4 files changed, 11 insertions, 24 deletions
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index f105072a32bf..2cac2e150919 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -17,7 +17,6 @@
 package android.security;
 
 import android.compat.annotation.UnsupportedAppUsage;
-import android.os.Build;
 import android.os.StrictMode;
 
 /**
@@ -30,10 +29,6 @@ import android.os.StrictMode;
  */
 public class KeyStore {
 
-    // ResponseCodes - see system/security/keystore/include/keystore/keystore.h
-    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
-    public static final int NO_ERROR = 1;
-
     // Used for UID field to indicate the calling UID.
     public static final int UID_SELF = -1;
 
@@ -48,8 +43,8 @@ public class KeyStore {
      * Add an authentication record to the keystore authorization table.
      *
      * @param authToken The packed bytes of a hw_auth_token_t to be provided to keymaster.
-     * @return {@code KeyStore.NO_ERROR} on success, otherwise an error value corresponding to
-     * a {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode.
+     * @return 0 on success, otherwise an error value corresponding to a
+     * {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode.
      */
     public int addAuthToken(byte[] authToken) {
         StrictMode.noteDiskWrite();
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
index 101a10e3d312..3f39eeb0cc6b 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
@@ -359,14 +359,12 @@ abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStor
         } catch (KeyStoreException keyStoreException) {
             GeneralSecurityException e = KeyStoreCryptoOperationUtils.getExceptionForCipherInit(
                     mKey, keyStoreException);
-            if (e != null) {
-                if (e instanceof InvalidKeyException) {
-                    throw (InvalidKeyException) e;
-                } else if (e instanceof InvalidAlgorithmParameterException) {
-                    throw (InvalidAlgorithmParameterException) e;
-                } else {
-                    throw new ProviderException("Unexpected exception type", e);
-                }
+            if (e instanceof InvalidKeyException) {
+                throw (InvalidKeyException) e;
+            } else if (e instanceof InvalidAlgorithmParameterException) {
+                throw (InvalidAlgorithmParameterException) e;
+            } else {
+                throw new ProviderException("Unexpected exception type", e);
             }
         }
 
diff --git a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java
index 372e4cb3d72e..9b82206e5709 100644
--- a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java
+++ b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java
@@ -20,7 +20,6 @@ import android.app.ActivityThread;
 import android.hardware.biometrics.BiometricManager;
 import android.hardware.security.keymint.ErrorCode;
 import android.security.GateKeeper;
-import android.security.KeyStore;
 import android.security.KeyStoreException;
 import android.security.KeyStoreOperation;
 import android.security.keymaster.KeymasterDefs;
@@ -131,15 +130,10 @@ abstract class KeyStoreCryptoOperationUtils {
 
     /**
      * Returns the exception to be thrown by the {@code Cipher.init} method of the crypto operation
-     * in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method
-     * should succeed.
+     * in response to a failed {code IKeystoreSecurityLevel#createOperation()}.
      */
     public static GeneralSecurityException getExceptionForCipherInit(
             AndroidKeyStoreKey key, KeyStoreException e) {
-        if (e.getErrorCode() == KeyStore.NO_ERROR) {
-            return null;
-        }
-
         // Cipher-specific cases
         switch (e.getErrorCode()) {
             case KeymasterDefs.KM_ERROR_INVALID_NONCE:
diff --git a/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java b/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java
index f9568ea9d72b..6eba23f45fdf 100644
--- a/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java
+++ b/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java
@@ -256,10 +256,10 @@ public abstract class AuthenticationClient<T, O extends AuthenticateOptions>
             // For BP, BiometricService will add the authToken to Keystore.
             if (!isBiometricPrompt() && mIsStrongBiometric) {
                 final int result = KeyStore.getInstance().addAuthToken(byteToken);
-                if (result != KeyStore.NO_ERROR) {
+                if (result != 0) {
                     Slog.d(TAG, "Error adding auth token : " + result);
                 } else {
-                    Slog.d(TAG, "addAuthToken: " + result);
+                    Slog.d(TAG, "addAuthToken succeeded");
                 }
             } else {
                 Slog.d(TAG, "Skipping addAuthToken");