From 4da177489448ac20ad50b2ec339c9e1be66ccd77 Mon Sep 17 00:00:00 2001 From: Colin Cross Date: Wed, 11 Apr 2018 17:27:24 +0000 Subject: Revert "Update docs to match encryption requirements" This reverts commit cebb55ea9d98dc7ba93eed520b874ac24ff96800. Reason for revert: broke docs builds Change-Id: I3a4b8d274141efec90fae2ed0b9324194288c635 --- core/java/android/app/backup/BackupAgent.java | 15 ++++----------- core/java/android/app/backup/BackupDataOutput.java | 6 +----- core/java/android/app/backup/FullBackupDataOutput.java | 6 +----- 3 files changed, 6 insertions(+), 21 deletions(-) diff --git a/core/java/android/app/backup/BackupAgent.java b/core/java/android/app/backup/BackupAgent.java index 39b9181b9b6e..d1c957b8fedc 100644 --- a/core/java/android/app/backup/BackupAgent.java +++ b/core/java/android/app/backup/BackupAgent.java @@ -148,17 +148,10 @@ public abstract class BackupAgent extends ContextWrapper { * Flag for {@link BackupDataOutput#getTransportFlags()} and * {@link FullBackupDataOutput#getTransportFlags()} only. * - *

The transport has client-side encryption enabled. i.e., the user's backup is encrypted - * with a key known only to the device, and not to the remote storage solution where the backup - * data is stored. The key may be synced to a remote trusted hardware module if it has - * protections equivalent to those described in the - * Google - * Cloud Key Vault Service whitepaper. Having direct access to the trusted hardware module - * must be insufficient to decrypt the user's backup data. - * - *

The backup data itself must be encrypted using an AES/GCM/NoPadding cipher. The key - * material must be randomly generated using {@link java.security.SecureRandom}, and must have - * at least 256 bits of entropy. + *

The transport has client-side encryption enabled. i.e., the user's backup has been + * encrypted with a key known only to the device, and not to the remote storage solution. Even + * if an attacker had root access to the remote storage provider they should not be able to + * decrypt the user's backup data. */ public static final int FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED = 1; diff --git a/core/java/android/app/backup/BackupDataOutput.java b/core/java/android/app/backup/BackupDataOutput.java index 4f90cf7781e0..5a66f3407417 100644 --- a/core/java/android/app/backup/BackupDataOutput.java +++ b/core/java/android/app/backup/BackupDataOutput.java @@ -107,12 +107,8 @@ public class BackupDataOutput { /** * Returns flags with additional information about the backup transport. For supported flags see - * {@link android.app.backup.BackupAgent}. + * {@link android.app.backup.BackupAgent} * - *

Returns the same flags that {@link BackupTransport#getTransportFlags()} returns. - * - * @see BackupAgent#FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED - * @see BackupAgent#FLAG_DEVICE_TO_DEVICE_TRANSFER * @see FullBackupDataOutput#getTransportFlags() */ public int getTransportFlags() { diff --git a/core/java/android/app/backup/FullBackupDataOutput.java b/core/java/android/app/backup/FullBackupDataOutput.java index f1d9dc6fa93c..18f428339941 100644 --- a/core/java/android/app/backup/FullBackupDataOutput.java +++ b/core/java/android/app/backup/FullBackupDataOutput.java @@ -26,12 +26,8 @@ public class FullBackupDataOutput { /** * Returns flags with additional information about the backup transport. For supported flags see - * {@link android.app.backup.BackupAgent}. + * {@link android.app.backup.BackupAgent} * - *

Returns the same flags that {@link BackupTransport#getTransportFlags()} returns. - * - * @see BackupAgent#FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED - * @see BackupAgent#FLAG_DEVICE_TO_DEVICE_TRANSFER * @see BackupDataOutput#getTransportFlags() */ public int getTransportFlags() { -- cgit v1.2.3-59-g8ed1b