diff options
| author | Alex Klyubin <klyubin@google.com> | 2015-04-21 15:17:24 -0700 |
|---|---|---|
| committer | Alex Klyubin <klyubin@google.com> | 2015-04-24 10:54:45 -0700 |
| commit | ad9ba10ecda10c14e46d00f40fc3e431cc2d9bc2 (patch) | |
| tree | 2c1234ccb7344f0a70d62e3e6b9066158c508e85 /keystore/java/android/security/KeyStore.java | |
| parent | 71223ebe1b2264b7463a02c8dafd779eb3b8c210 (diff) | |
| download | frameworks_base-ad9ba10ecda10c14e46d00f40fc3e431cc2d9bc2.zip frameworks_base-ad9ba10ecda10c14e46d00f40fc3e431cc2d9bc2.tar.gz frameworks_base-ad9ba10ecda10c14e46d00f40fc3e431cc2d9bc2.tar.bz2 | |
No runtime exceptions during normal use of AndroidKeyStore crypto.
This changes the implementation of AndroidKeyStore-backed Cipher and
Mac to avoid throwing runtime exceptions during normal use. Runtime
exceptions will now be thrown only due to truly exceptional and
unrecoverable errors (e.g., keystore unreachable, or crypto primitive
not initialized).
This also changes the implementation of Cipher to cache any errors
encountered in Cipher.update until Cipher.doFinal which then throws
them as checked exceptions.
Bug: 20525947
Change-Id: I3c4ad57fe70abfbb817a79402f722a0208660727
Diffstat (limited to 'keystore/java/android/security/KeyStore.java')
| -rw-r--r-- | keystore/java/android/security/KeyStore.java | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 84a664e..ff8534d 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -30,6 +30,7 @@ import android.security.keymaster.KeymasterDefs; import android.security.keymaster.OperationResult; import android.util.Log; +import java.security.InvalidKeyException; import java.util.Locale; /** @@ -508,7 +509,11 @@ public class KeyStore { } } - public static KeyStoreException getKeyStoreException(int errorCode) { + /** + * Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error + * code. + */ + static KeyStoreException getKeyStoreException(int errorCode) { if (errorCode > 0) { // KeyStore layer error switch (errorCode) { @@ -544,7 +549,11 @@ public class KeyStore { } } - public static CryptoOperationException getCryptoOperationException(KeyStoreException e) { + /** + * Returns an {@link InvalidKeyException} corresponding to the provided + * {@link KeyStoreException}. + */ + static InvalidKeyException getInvalidKeyException(KeyStoreException e) { switch (e.getErrorCode()) { case KeymasterDefs.KM_ERROR_KEY_EXPIRED: return new KeyExpiredException(); @@ -553,11 +562,15 @@ public class KeyStore { case KeymasterDefs.KM_ERROR_KEY_USER_NOT_AUTHENTICATED: return new UserNotAuthenticatedException(); default: - return new CryptoOperationException("Crypto operation failed", e); + return new InvalidKeyException("Keystore operation failed", e); } } - public static CryptoOperationException getCryptoOperationException(int errorCode) { - return getCryptoOperationException(getKeyStoreException(errorCode)); + /** + * Returns an {@link InvalidKeyException} corresponding to the provided keystore/keymaster error + * code. + */ + static InvalidKeyException getInvalidKeyException(int errorCode) { + return getInvalidKeyException(getKeyStoreException(errorCode)); } } |