From 40a8d1f7ef6d0f04f5d8c4a57620282513bd2b6b Mon Sep 17 00:00:00 2001
From: Shaquille Johnson <ssjohnson@google.com>
Date: Mon, 13 Nov 2023 16:06:08 +0000
Subject: Update exception thrown for keystore

When the keystore service is not available or
not initialized we do not want to crash the service.
So we throw and Exception that KeystoreService
is not availble when it should be possibly in an
incorrect state.

Test: atest CtsKeystoreTestCases
Bug: 304758094
Change-Id: If73856deb27b9f11a9b77f0ba32c3b4037332759
---
 keystore/java/android/security/KeyStore2.java | 19 +++++++++++++++----
 1 file changed, 15 insertions(+), 4 deletions(-)

diff --git a/keystore/java/android/security/KeyStore2.java b/keystore/java/android/security/KeyStore2.java
index 5e16bcee1a0e..dd703f5eefb9 100644
--- a/keystore/java/android/security/KeyStore2.java
+++ b/keystore/java/android/security/KeyStore2.java
@@ -33,7 +33,6 @@ import android.system.keystore2.ResponseCode;
 import android.util.Log;
 
 import java.util.Calendar;
-import java.util.Objects;
 
 /**
  * @hide This should not be made public in its present form because it
@@ -139,13 +138,25 @@ public class KeyStore2 {
         return new KeyStore2();
     }
 
+    /**
+     * Gets the {@link IKeystoreService} that should be started in early_hal in Android.
+     *
+     * @throws IllegalStateException if the KeystoreService is not available or has not
+     * been initialized when called. This is a state that should not happen and indicates
+     * and error somewhere in the stack or with the calling processes access permissions.
+     */
     @NonNull private synchronized IKeystoreService getService(boolean retryLookup) {
         if (mBinder == null || retryLookup) {
             mBinder = IKeystoreService.Stub.asInterface(ServiceManager
-                    .getService(KEYSTORE2_SERVICE_NAME));
-            Binder.allowBlocking(mBinder.asBinder());
+                .getService(KEYSTORE2_SERVICE_NAME));
+        }
+        if (mBinder == null) {
+            throw new IllegalStateException(
+                    "Could not connect to Keystore service. Keystore may have crashed or not been"
+                            + " initialized");
         }
-        return Objects.requireNonNull(mBinder);
+        Binder.allowBlocking(mBinder.asBinder());
+        return mBinder;
     }
 
     void delete(KeyDescriptor descriptor) throws KeyStoreException {
-- 
cgit v1.2.3-59-g8ed1b