From c230e33f80a35d8c4cd7e7eb64f328308107ff70 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Mon, 9 Oct 2023 23:16:14 +0000 Subject: Remove KeyStore#state() Remove AndroidKeyStoreMaintenance#getState() and both overloads of KeyStore#state(). None of these are used by platform code anymore. The two KeyStore#state() methods do have @UnsupportedAppUsage, as do two values of the State enum: UNLOCKED and LOCKED. However, there is a clear public API equivalent for apps that may be checking these states: UserManager#isUserUnlocked(). Therefore, according to the policy on unsupported usage of internal APIs, we can remove these internal APIs. Also, the non-SDK dashboard has no runtime results for either method, and only one static analysis result which is from unused code in one app. This is consistent with these methods being entirely unused. Part of the motivation for removing these internal APIs is that upcoming changes to the lifetime of keystore superencryption keys would change the behavior of getState. So it seems like a good time to remove this unused/unsupported code instead of wasting time maintaining it. Bug: 296464083 Test: atest -p --include-subdirs system/security/keystore2 Change-Id: Iff821bbdeac5ee0653c9c71867fd53d38cb4d48f --- .../security/AndroidKeyStoreMaintenance.java | 19 ------------- keystore/java/android/security/KeyStore.java | 33 ---------------------- 2 files changed, 52 deletions(-) diff --git a/keystore/java/android/security/AndroidKeyStoreMaintenance.java b/keystore/java/android/security/AndroidKeyStoreMaintenance.java index 31c2eb2efaed..b7ea04fdfe07 100644 --- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java +++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java @@ -127,25 +127,6 @@ public class AndroidKeyStoreMaintenance { } } - /** - * Queries user state from Keystore 2.0. - * - * @param userId - Android user id of the user. - * @return UserState enum variant as integer if successful or an error - */ - public static int getState(int userId) { - StrictMode.noteDiskRead(); - try { - return getService().getState(userId); - } catch (ServiceSpecificException e) { - Log.e(TAG, "getState failed", e); - return e.errorCode; - } catch (Exception e) { - Log.e(TAG, "Can not connect to keystore", e); - return SYSTEM_ERROR; - } - } - /** * Informs Keystore 2.0 that an off body event was detected. */ diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 8045f55f6b4c..11b827117aa3 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -19,8 +19,6 @@ package android.security; import android.compat.annotation.UnsupportedAppUsage; import android.os.Build; import android.os.StrictMode; -import android.os.UserHandle; -import android.security.maintenance.UserState; /** * @hide This should not be made public in its present form because it @@ -37,15 +35,6 @@ public class KeyStore { // Used for UID field to indicate the calling UID. public static final int UID_SELF = -1; - // States - public enum State { - @UnsupportedAppUsage - UNLOCKED, - @UnsupportedAppUsage - LOCKED, - UNINITIALIZED - }; - private static final KeyStore KEY_STORE = new KeyStore(); @UnsupportedAppUsage @@ -53,28 +42,6 @@ public class KeyStore { return KEY_STORE; } - /** @hide */ - @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) - public State state(int userId) { - int userState = AndroidKeyStoreMaintenance.getState(userId); - switch (userState) { - case UserState.UNINITIALIZED: - return KeyStore.State.UNINITIALIZED; - case UserState.LSKF_UNLOCKED: - return KeyStore.State.UNLOCKED; - case UserState.LSKF_LOCKED: - return KeyStore.State.LOCKED; - default: - throw new AssertionError(userState); - } - } - - /** @hide */ - @UnsupportedAppUsage - public State state() { - return state(UserHandle.myUserId()); - } - /** @hide */ @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553) public byte[] get(String key) { -- cgit v1.2.3-59-g8ed1b