Remove deprecated android.security.KeyStore methods.

* delKey -> delete * getPubkey -> exportKey * saw -> list. Bug: 18088752 Change-Id: Ifb794f91a42646d67da1340ee16765cbaf255a49
author: Alex Klyubin <klyubin@google.com> 2015-06-08 10:14:58 -0700
committer: Alex Klyubin <klyubin@google.com> 2015-06-08 10:14:58 -0700
commit: 4350babc028822e8905190d88a9f5b8c6ffce8ec (patch)
tree: 2225ba548ce55506a6a8e8a23fe7549ae7e4d60b /keystore
parent: e1f3214e72b63ed7cbe368005622055f80da0e0d (diff)
download: frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.zip
frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.tar.gz
frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.tar.bz2
6 files changed, 45 insertions, 45 deletions
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index 1a05104..367257a 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -231,14 +231,6 @@ public class KeyStore {
         return list(prefix, UID_SELF);
     }
 
-    public String[] saw(String prefix, int uid) {
-        return list(prefix, uid);
-    }
-
-    public String[] saw(String prefix) {
-        return saw(prefix, UID_SELF);
-    }
-
     public boolean reset() {
         try {
             return mBinder.reset() == NO_ERROR;
@@ -328,23 +320,6 @@ public class KeyStore {
         }
     }
 
-    public byte[] getPubkey(String key) {
-        try {
-            return mBinder.get_pubkey(key);
-        } catch (RemoteException e) {
-            Log.w(TAG, "Cannot connect to keystore", e);
-            return null;
-        }
-    }
-
-    public boolean delKey(String key, int uid) {
-        return delete(key, uid);
-    }
-
-    public boolean delKey(String key) {
-        return delKey(key, UID_SELF);
-    }
-
     public byte[] sign(String key, byte[] data) {
         try {
             return mBinder.sign(key, data);
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index 7b5ca3a..c5ea0f7 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -20,6 +20,8 @@ import android.annotation.NonNull;
 import android.security.Credentials;
 import android.security.KeyPairGeneratorSpec;
 import android.security.KeyStore;
+import android.security.keymaster.ExportResult;
+import android.security.keymaster.KeymasterDefs;
 
 import com.android.org.bouncycastle.x509.X509V3CertificateGenerator;
 import com.android.org.conscrypt.NativeConstants;
@@ -33,6 +35,7 @@ import java.security.KeyPairGenerator;
 import java.security.KeyPairGeneratorSpi;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.ProviderException;
 import java.security.PublicKey;
 import java.security.SecureRandom;
 import java.security.cert.CertificateEncodingException;
@@ -153,7 +156,18 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
                 throw new RuntimeException("Can't get key", e);
             }
 
-            final byte[] pubKeyBytes = mKeyStore.getPubkey(privateKeyAlias);
+            ExportResult exportResult =
+                    mKeyStore.exportKey(
+                            privateKeyAlias, KeymasterDefs.KM_KEY_FORMAT_X509, null, null);
+            if (exportResult == null) {
+                throw new KeyStoreConnectException();
+            } else if (exportResult.resultCode != KeyStore.NO_ERROR) {
+                throw new ProviderException(
+                        "Failed to obtain public key in X.509 format",
+                        KeyStore.getKeyStoreException(exportResult.resultCode));
+            }
+            final byte[] pubKeyBytes = exportResult.exportData;
+
 
             final PublicKey pubKey;
             try {
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 05ddef6..7c9c0cf 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -685,7 +685,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
     }
 
     private Set<String> getUniqueAliases() {
-        final String[] rawAliases = mKeyStore.saw("");
+        final String[] rawAliases = mKeyStore.list("");
         if (rawAliases == null) {
             return new HashSet<String>();
         }
@@ -778,7 +778,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
          * equivalent to the USER_CERTIFICATE prefix for the Android keystore
          * convention.
          */
-        final String[] certAliases = mKeyStore.saw(Credentials.USER_CERTIFICATE);
+        final String[] certAliases = mKeyStore.list(Credentials.USER_CERTIFICATE);
         if (certAliases != null) {
             for (String alias : certAliases) {
                 final byte[] certBytes = mKeyStore.get(Credentials.USER_CERTIFICATE + alias);
@@ -799,7 +799,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
          * Look at all the TrustedCertificateEntry types. Skip all the
          * PrivateKeyEntry we looked at above.
          */
-        final String[] caAliases = mKeyStore.saw(Credentials.CA_CERTIFICATE);
+        final String[] caAliases = mKeyStore.list(Credentials.CA_CERTIFICATE);
         if (certAliases != null) {
             for (String alias : caAliases) {
                 if (nonCaEntries.contains(alias)) {
diff --git a/keystore/tests/src/android/security/KeyStoreTest.java b/keystore/tests/src/android/security/KeyStoreTest.java
index e048ec9..44fb826 100644
--- a/keystore/tests/src/android/security/KeyStoreTest.java
+++ b/keystore/tests/src/android/security/KeyStoreTest.java
@@ -276,8 +276,8 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
         assertFalse(mKeyStore.contains(TEST_KEYNAME, Process.BLUETOOTH_UID));
     }
 
-    public void testSaw() throws Exception {
-        String[] emptyResult = mKeyStore.saw(TEST_KEYNAME);
+    public void testList() throws Exception {
+        String[] emptyResult = mKeyStore.list(TEST_KEYNAME);
         assertNotNull(emptyResult);
         assertEquals(0, emptyResult.length);
 
@@ -285,26 +285,26 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
         mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
         mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
 
-        String[] results = mKeyStore.saw(TEST_KEYNAME);
+        String[] results = mKeyStore.list(TEST_KEYNAME);
         assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()),
                                                TEST_KEYNAME2.substring(TEST_KEYNAME.length()))),
                      new HashSet(Arrays.asList(results)));
     }
 
-    public void testSaw_ungrantedUid_Bluetooth() throws Exception {
-        String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID);
+    public void testList_ungrantedUid_Bluetooth() throws Exception {
+        String[] results1 = mKeyStore.list(TEST_KEYNAME, Process.BLUETOOTH_UID);
         assertEquals(0, results1.length);
 
         mKeyStore.onUserPasswordChanged(TEST_PASSWD);
         mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
         mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, KeyStore.UID_SELF, KeyStore.FLAG_ENCRYPTED);
 
-        String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.BLUETOOTH_UID);
+        String[] results2 = mKeyStore.list(TEST_KEYNAME, Process.BLUETOOTH_UID);
         assertEquals(0, results2.length);
     }
 
-    public void testSaw_grantedUid_Wifi() throws Exception {
-        String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID);
+    public void testList_grantedUid_Wifi() throws Exception {
+        String[] results1 = mKeyStore.list(TEST_KEYNAME, Process.WIFI_UID);
         assertNotNull(results1);
         assertEquals(0, results1.length);
 
@@ -312,14 +312,14 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
         mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.WIFI_UID, KeyStore.FLAG_ENCRYPTED);
         mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.WIFI_UID, KeyStore.FLAG_ENCRYPTED);
 
-        String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.WIFI_UID);
+        String[] results2 = mKeyStore.list(TEST_KEYNAME, Process.WIFI_UID);
         assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()),
                                                TEST_KEYNAME2.substring(TEST_KEYNAME.length()))),
                      new HashSet(Arrays.asList(results2)));
     }
 
-    public void testSaw_grantedUid_Vpn() throws Exception {
-        String[] results1 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID);
+    public void testList_grantedUid_Vpn() throws Exception {
+        String[] results1 = mKeyStore.list(TEST_KEYNAME, Process.VPN_UID);
         assertNotNull(results1);
         assertEquals(0, results1.length);
 
@@ -327,7 +327,7 @@ public class KeyStoreTest extends ActivityUnitTestCase<Activity> {
         mKeyStore.put(TEST_KEYNAME1, TEST_KEYVALUE, Process.VPN_UID, KeyStore.FLAG_ENCRYPTED);
         mKeyStore.put(TEST_KEYNAME2, TEST_KEYVALUE, Process.VPN_UID, KeyStore.FLAG_ENCRYPTED);
 
-        String[] results2 = mKeyStore.saw(TEST_KEYNAME, Process.VPN_UID);
+        String[] results2 = mKeyStore.list(TEST_KEYNAME, Process.VPN_UID);
         assertEquals(new HashSet(Arrays.asList(TEST_KEYNAME1.substring(TEST_KEYNAME.length()),
                                                TEST_KEYNAME2.substring(TEST_KEYNAME.length()))),
                      new HashSet(Arrays.asList(results2)));
diff --git a/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java b/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
index cad4e54..8488acd 100644
--- a/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
+++ b/keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java
@@ -18,6 +18,9 @@ package android.security.keystore;
 
 import android.security.Credentials;
 import android.security.KeyPairGeneratorSpec;
+import android.security.KeyStore;
+import android.security.keymaster.ExportResult;
+import android.security.keymaster.KeymasterDefs;
 import android.test.AndroidTestCase;
 
 import java.io.ByteArrayInputStream;
@@ -78,7 +81,7 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase {
         assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111"));
         assertTrue(mAndroidKeyStore.isUnlocked());
 
-        String[] aliases = mAndroidKeyStore.saw("");
+        String[] aliases = mAndroidKeyStore.list("");
         assertNotNull(aliases);
         assertEquals(0, aliases.length);
     }
@@ -359,7 +362,10 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase {
         final byte[] caCerts = mAndroidKeyStore.get(Credentials.CA_CERTIFICATE + alias);
         assertNull("A list of CA certificates should not exist for the generated entry", caCerts);
 
-        final byte[] pubKeyBytes = mAndroidKeyStore.getPubkey(Credentials.USER_PRIVATE_KEY + alias);
+        ExportResult exportResult = mAndroidKeyStore.exportKey(
+                Credentials.USER_PRIVATE_KEY + alias, KeymasterDefs.KM_KEY_FORMAT_X509, null, null);
+        assertEquals(KeyStore.NO_ERROR, exportResult.resultCode);
+        final byte[] pubKeyBytes = exportResult.exportData;
         assertNotNull("The keystore should return the public key for the generated key",
                 pubKeyBytes);
     }
diff --git a/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java b/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
index 2d4e4a0..336fa40 100644
--- a/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
+++ b/keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java
@@ -24,6 +24,8 @@ import com.android.org.conscrypt.OpenSSLEngine;
 import android.security.Credentials;
 import android.security.KeyStore;
 import android.security.KeyStoreParameter;
+import android.security.keymaster.ExportResult;
+import android.security.keymaster.KeymasterDefs;
 import android.test.AndroidTestCase;
 
 import java.io.ByteArrayInputStream;
@@ -742,7 +744,7 @@ public class AndroidKeyStoreTest extends AndroidTestCase {
         assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111"));
         assertTrue(mAndroidKeyStore.isUnlocked());
 
-        assertEquals(0, mAndroidKeyStore.saw("").length);
+        assertEquals(0, mAndroidKeyStore.list("").length);
     }
 
     private void assertAliases(final String[] expectedAliases) throws KeyStoreException {
@@ -1932,7 +1934,10 @@ public class AndroidKeyStoreTest extends AndroidTestCase {
             throw new RuntimeException("Can't get key", e);
         }
 
-        final byte[] pubKeyBytes = keyStore.getPubkey(privateKeyAlias);
+        ExportResult exportResult =
+                keyStore.exportKey(privateKeyAlias, KeymasterDefs.KM_KEY_FORMAT_X509, null, null);
+        assertEquals(KeyStore.NO_ERROR, exportResult.resultCode);
+        final byte[] pubKeyBytes = exportResult.exportData;
 
         final PublicKey pubKey;
         try {
author	Alex Klyubin <klyubin@google.com>	2015-06-08 10:14:58 -0700
committer	Alex Klyubin <klyubin@google.com>	2015-06-08 10:14:58 -0700
commit	4350babc028822e8905190d88a9f5b8c6ffce8ec (patch)
tree	2225ba548ce55506a6a8e8a23fe7549ae7e4d60b /keystore
parent	e1f3214e72b63ed7cbe368005622055f80da0e0d (diff)
download	frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.zip frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.tar.gz frameworks_base-4350babc028822e8905190d88a9f5b8c6ffce8ec.tar.bz2