diff options
| -rw-r--r-- | services/core/java/com/android/server/security/FileIntegrityService.java | 19 |
1 files changed, 0 insertions, 19 deletions
diff --git a/services/core/java/com/android/server/security/FileIntegrityService.java b/services/core/java/com/android/server/security/FileIntegrityService.java index 8cf2d0379ec3..482090a02025 100644 --- a/services/core/java/com/android/server/security/FileIntegrityService.java +++ b/services/core/java/com/android/server/security/FileIntegrityService.java @@ -22,11 +22,8 @@ import android.content.Context; import android.content.pm.PackageManager; import android.os.Build; import android.os.IBinder; -import android.os.Process; import android.os.SystemProperties; -import android.security.Credentials; import android.security.IFileIntegrityService; -import android.security.KeyStore; import android.util.Slog; import com.android.server.SystemService; @@ -114,9 +111,6 @@ public class FileIntegrityService extends SystemService { // Load certificates trusted by the device manufacturer. loadCertificatesFromDirectory("/product/etc/security/fsverity"); - - // Load certificates trusted by the device owner. - loadCertificatesFromKeystore(KeyStore.getInstance()); } private void loadCertificatesFromDirectory(String path) { @@ -139,19 +133,6 @@ public class FileIntegrityService extends SystemService { } } - private void loadCertificatesFromKeystore(KeyStore keystore) { - for (final String alias : keystore.list(Credentials.APP_SOURCE_CERTIFICATE, - Process.FSVERITY_CERT_UID)) { - byte[] certificateBytes = keystore.get(Credentials.APP_SOURCE_CERTIFICATE + alias, - Process.FSVERITY_CERT_UID, false /* suppressKeyNotFoundWarning */); - if (certificateBytes == null) { - Slog.w(TAG, "The retrieved fs-verity certificate is null, ignored " + alias); - continue; - } - collectCertificate(certificateBytes); - } - } - /** * Tries to convert {@code bytes} into an X.509 certificate and store in memory. * Errors need to be surpressed in order fo the next certificates to still be collected. |