Merge "Remove deprecated android.security.KeyStore methods." into mnc-dev

3 files changed, 18 insertions, 29 deletions

diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index 1a05104..367257a 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -231,14 +231,6 @@ public class KeyStore {
         return list(prefix, UID_SELF);
     }
 
-    public String[] saw(String prefix, int uid) {
-        return list(prefix, uid);
-    }
-
-    public String[] saw(String prefix) {
-        return saw(prefix, UID_SELF);
-    }
-
     public boolean reset() {
         try {
             return mBinder.reset() == NO_ERROR;
@@ -328,23 +320,6 @@ public class KeyStore {
         }
     }
 
-    public byte[] getPubkey(String key) {
-        try {
-            return mBinder.get_pubkey(key);
-        } catch (RemoteException e) {
-            Log.w(TAG, "Cannot connect to keystore", e);
-            return null;
-        }
-    }
-
-    public boolean delKey(String key, int uid) {
-        return delete(key, uid);
-    }
-
-    public boolean delKey(String key) {
-        return delKey(key, UID_SELF);
-    }
-
     public byte[] sign(String key, byte[] data) {
         try {
             return mBinder.sign(key, data);
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index 7b5ca3a..c5ea0f7 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -20,6 +20,8 @@ import android.annotation.NonNull;
 import android.security.Credentials;
 import android.security.KeyPairGeneratorSpec;
 import android.security.KeyStore;
+import android.security.keymaster.ExportResult;
+import android.security.keymaster.KeymasterDefs;
 
 import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
 import com.android.org.conscrypt.NativeConstants;
@@ -33,6 +35,7 @@ import java.security.KeyPairGenerator;
 import java.security.KeyPairGeneratorSpi;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.ProviderException;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.cert.CertificateEncodingException;
@@ -153,7 +156,18 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
                 throw new RuntimeException("Can't get key", e);
             }
 
-            final byte[] pubKeyBytes = mKeyStore.getPubkey(privateKeyAlias);
+            ExportResult exportResult =
+                    mKeyStore.exportKey(
+                            privateKeyAlias, KeymasterDefs.KM_KEY_FORMAT_X509, null, null);
+            if (exportResult == null) {
+                throw new KeyStoreConnectException();
+            } else if (exportResult.resultCode != KeyStore.NO_ERROR) {
+                throw new ProviderException(
+                        "Failed to obtain public key in X.509 format",
+                        KeyStore.getKeyStoreException(exportResult.resultCode));
+            }
+            final byte[] pubKeyBytes = exportResult.exportData;
+
 
             final PublicKey pubKey;
             try {
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 05ddef6..7c9c0cf 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -685,7 +685,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
     }
 
     private Set<String> getUniqueAliases() {
-        final String[] rawAliases = mKeyStore.saw("");
+        final String[] rawAliases = mKeyStore.list("");
         if (rawAliases == null) {
             return new HashSet<String>();
         }
@@ -778,7 +778,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
          * equivalent to the USER_CERTIFICATE prefix for the Android keystore
          * convention.
          */
-        final String[] certAliases = mKeyStore.saw(Credentials.USER_CERTIFICATE);
+        final String[] certAliases = mKeyStore.list(Credentials.USER_CERTIFICATE);
         if (certAliases != null) {
             for (String alias : certAliases) {
                 final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
@@ -799,7 +799,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
          * Look at all the TrustedCertificateEntry types. Skip all the
          * PrivateKeyEntry we looked at above.
          */
-        final String[] caAliases = mKeyStore.saw(Credentials.CA_CERTIFICATE);
+        final String[] caAliases = mKeyStore.list(Credentials.CA_CERTIFICATE);
         if (certAliases != null) {
             for (String alias : caAliases) {
                 if (nonCaEntries.contains(alias)) {