author | Alex Klyubin <klyubin@google.com> | 2015-05-15 10:47:18 -0700 |
---|---|---|
committer | Alex Klyubin <klyubin@google.com> | 2015-05-15 11:07:42 -0700 |
commit | 96481c3ddc6c58cfcad2a5cb9325ee2b24b0c540 (patch) | |
tree | a97bb73bd1783451ff8731884b65334d37241213 /keystore | |
parent | 99dc89961f192b8570215ebe8feff1945a7c53ea (diff) | |
download | frameworks_base-96481c3ddc6c58cfcad2a5cb9325ee2b24b0c540.zip frameworks_base-96481c3ddc6c58cfcad2a5cb9325ee2b24b0c540.tar.gz frameworks_base-96481c3ddc6c58cfcad2a5cb9325ee2b24b0c540.tar.bz2 |
Remove "encrypt at rest" flag from new AndroidKeyStore API.
This flag causes issues such as being unable to generate, import, or
use keys when the user/profile secure lock screen credential hasn't
yet been entered after boot.
Bug: 18088752
Change-Id: I992f6dfdc945bcb83e341356a40dfa7d7bc143d8
Diffstat (limited to 'keystore')
5 files changed, 14 insertions, 116 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
index 8d3b421..2c393fd 100644
--- a/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyPairGeneratorSpi.java
@@ -89,6 +89,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 private KeyStore mKeyStore;
 private KeyGenParameterSpec mSpec;
+ private boolean mEncryptionAtRestRequired;
 private @KeyProperties.KeyAlgorithmEnum String mKeyAlgorithm;
 private int mKeyType;
 private int mKeySize;
@@ -123,7 +124,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 }
- final int flags = mSpec.getFlags();
+ final int flags = (mEncryptionAtRestRequired) ? KeyStore.FLAG_ENCRYPTED : 0;
 if (((flags & KeyStore.FLAG_ENCRYPTED) != 0)
 && (mKeyStore.state() != KeyStore.State.UNLOCKED)) {
 throw new IllegalStateException(
@@ -296,6 +297,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 String keyAlgorithm;
 KeyGenParameterSpec spec;
+ boolean encryptionAtRestRequired = false;
 if (params instanceof KeyPairGeneratorSpec) {
 KeyPairGeneratorSpec legacySpec = (KeyPairGeneratorSpec) params;
 try {
@@ -353,7 +355,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 specBuilder.setCertificateSerialNumber(legacySpec.getSerialNumber());
 specBuilder.setCertificateNotBefore(legacySpec.getStartDate());
 specBuilder.setCertificateNotAfter(legacySpec.getEndDate());
- specBuilder.setEncryptionAtRestRequired(legacySpec.isEncryptionRequired());
+ encryptionAtRestRequired = legacySpec.isEncryptionRequired();
 specBuilder.setUserAuthenticationRequired(false);
 spec = specBuilder.build();
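Review bot: The rewritten `final int flags = (mEncryptionAtRestRequired) ? KeyStore.FLAG_ENCRYPTED : 0;` line in the @@ -123 hunk keeps FLAG_ENCRYPTED, and the lock-state check right below it, reachable for callers of the legacy KeyPairGeneratorSpec, while the companion hunk in AndroidKeyStoreKeyGeneratorSpi deletes its equivalent check outright; nothing in the code says this asymmetry is deliberate. A one-line comment above the assignment would spare the next reader a search, e.g. `// Encryption at rest is only reachable via the legacy KeyPairGeneratorSpec; the new KeyGenParameterSpec API no longer exposes it.` The field added in the @@ -89 hunk would likewise benefit from `// Set only from the legacy KeyPairGeneratorSpec.isEncryptionRequired() path.` The enclosing method starts and ends outside the hunk.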
@@ -390,6 +392,7 @@ public abstract class AndroidKeyPairGeneratorSpi extends KeyPairGeneratorSpi {
 mKeyType = keyType;
 mKeySize = keySize;
 mSpec = spec;
+ mEncryptionAtRestRequired = encryptionAtRestRequired;
 mKeyStore = KeyStore.getInstance();
 }
 }
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
index 0821bf5..dc4c8a3 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
@@ -264,13 +264,6 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
 throw new IllegalStateException("Not initialized");
 }
- if ((spec.isEncryptionAtRestRequired())
- && (mKeyStore.state() != KeyStore.State.UNLOCKED)) {
- throw new IllegalStateException(
- "Requested to import a key which must be encrypted at rest using secure lock"
- + " screen credential, but the credential hasn't yet been entered by the user");
- }
 KeymasterArguments args = new KeymasterArguments();
 args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, mKeySizeBits);
 args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, mKeymasterAlgorithm);
@@ -300,7 +293,7 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
 byte[] additionalEntropy = KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(
 mRng, (mKeySizeBits + 7) / 8);
- int flags = spec.getFlags();
+ int flags = 0;
 String keyAliasInKeystore = Credentials.USER_SECRET_KEY + spec.getKeystoreAlias();
 KeyCharacteristics resultingKeyCharacteristics = new KeyCharacteristics();
 int errorCode = mKeyStore.generateKey(
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index d6145a3..f159c30 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
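Review bot: `int flags = 0;` in the @@ -300 hunk leaves a non-final local that now has exactly one possible value, so the name tells the reader nothing at the `mKeyStore.generateKey(` call that follows; the parallel hunk in AndroidKeyStoreSpi passes the literal as `0, // flags` instead. Either inline it the same way or keep the local with a comment explaining why it is fixed, e.g. `int flags = 0; // encryption at rest can no longer be requested through KeyGenParameterSpec`. Deleting the locked-keystore check in the @@ -264 hunk is consistent with that, since the flag can no longer be set on this path, but a reader of the @@ -300 hunk alone cannot see that reasoning. The enclosing method starts and ends outside the hunk.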
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -274,6 +274,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
 private void setPrivateKeyEntry(String alias, PrivateKey key, Certificate[] chain,
 java.security.KeyStore.ProtectionParameter param) throws KeyStoreException {
+ int flags = 0;
 KeyProtection spec;
 if (param instanceof KeyStoreParameter) {
 KeyStoreParameter legacySpec = (KeyStoreParameter) param;
@@ -319,7 +320,9 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
 } else {
 throw new KeyStoreException("Unsupported key algorithm: " + keyAlgorithm);
 }
- specBuilder.setEncryptionAtRestRequired(legacySpec.isEncryptionRequired());
+ if (legacySpec.isEncryptionRequired()) {
+ flags = android.security.KeyStore.FLAG_ENCRYPTED;
+ }
 specBuilder.setUserAuthenticationRequired(false);
 spec = specBuilder.build();
@@ -449,8 +452,6 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
 Credentials.deleteSecretKeyTypeForAlias(mKeyStore, alias);
 }
- final int flags = (spec == null) ? 0 : spec.getFlags();
-
 if (shouldReplacePrivateKey
 && !mKeyStore.importKey(Credentials.USER_PRIVATE_KEY + alias, keyBytes,
 android.security.KeyStore.UID_SELF, flags)) {
@@ -636,7 +637,7 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
 args,
 KeymasterDefs.KM_KEY_FORMAT_RAW,
 keyMaterial,
- params.getFlags(),
+ 0, // flags
 new KeyCharacteristics());
 if (errorCode != android.security.KeyStore.NO_ERROR) {
 throw new KeyStoreException("Failed to import secret key. Keystore error code: "
diff --git a/keystore/java/android/security/keystore/KeyGenParameterSpec.java b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
index f598482..1d4c188 100644
--- a/keystore/java/android/security/keystore/KeyGenParameterSpec.java
+++ b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
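Review bot: The new `flags = android.security.KeyStore.FLAG_ENCRYPTED;` assignment in the @@ -319 hunk feeds `mKeyStore.importKey(...)` in the @@ -449 hunk, but unlike the AndroidKeyPairGeneratorSpi hunk in this same commit there is no visible `mKeyStore.state() != KeyStore.State.UNLOCKED` guard before the import; presumably a locked keystore then surfaces as the generic import failure rather than the explicit IllegalStateException the key-pair path raises. If that difference is intended, a comment next to the assignment such as `// Legacy KeyStoreParameter path: keystore itself rejects the import while locked` would document it; otherwise the same guard as in AndroidKeyPairGeneratorSpi should precede the import. setPrivateKeyEntry begins in the @@ -274 hunk and its body continues outside each of these hunks.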
@@ -16,12 +16,10 @@ package android.security.keystore;
-import android.app.KeyguardManager;
 import android.annotation.IntRange;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
 import android.text.TextUtils;
-import android.security.KeyStore;
 import java.math.BigInteger;
 import java.security.KeyPairGenerator;
@@ -37,8 +35,8 @@ import javax.security.auth.x500.X500Principal;
 * {@link AlgorithmParameterSpec} for initializing a {@link KeyPairGenerator} or a
 * {@link KeyGenerator} of the <a href="{@docRoot}training/articles/keystore.html">Android Keystore
 * system</a>. The spec determines whether user authentication is required for using the key, what
- * uses the key is authorized for (e.g., only for signing -- decryption not permitted), whether the
- * key should be encrypted at rest, the key's and validity start and end dates.
+ * uses the key is authorized for (e.g., only for signing -- decryption not permitted), the key's
+ * validity start and end dates.
 *
 * <p>To generate an asymmetric key pair or a symmetric key, create an instance of this class using
 * the {@link Builder}, initialize a {@code KeyPairGenerator} or a {@code KeyGenerator} of the
@@ -127,7 +125,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 private final BigInteger mCertificateSerialNumber;
 private final Date mCertificateNotBefore;
 private final Date mCertificateNotAfter;
- private final int mFlags;
 private final Date mKeyValidityStart;
 private final Date mKeyValidityForOriginationEnd;
 private final Date mKeyValidityForConsumptionEnd;
@@ -151,7 +148,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 BigInteger certificateSerialNumber,
 Date certificateNotBefore,
 Date certificateNotAfter,
- int flags,
 Date keyValidityStart,
 Date keyValidityForOriginationEnd,
 Date keyValidityForConsumptionEnd,
@@ -195,7 +191,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 mCertificateSerialNumber = certificateSerialNumber;
 mCertificateNotBefore = certificateNotBefore;
 mCertificateNotAfter = certificateNotAfter;
- mFlags = flags;
 mKeyValidityStart = keyValidityStart;
 mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
 mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
@@ -271,29 +266,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 }
 /**
- * @hide
- */
- public int getFlags() {
- return mFlags;
- }
-
- /**
- * Returns {@code true} if the key must be encrypted at rest. This will protect the key with the
- * secure lock screen credential (e.g., password, PIN, or pattern).
- *
- * <p>Note that encrypting the key at rest requires that the secure lock screen (e.g., password,
- * PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be
- * deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device
- * Administrator). Finally, this key cannot be used until the user unlocks the secure lock
- * screen after boot.
- *
- * @see KeyguardManager#isDeviceSecure()
- */
- public boolean isEncryptionAtRestRequired() {
- return (mFlags & KeyStore.FLAG_ENCRYPTED) != 0;
- }
-
- /**
 * Returns the time instant before which the key is not yet valid or {@code null} if not
 * restricted.
 */
@@ -450,7 +422,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 private BigInteger mCertificateSerialNumber;
 private Date mCertificateNotBefore;
 private Date mCertificateNotAfter;
- private int mFlags;
 private Date mKeyValidityStart;
 private Date mKeyValidityForOriginationEnd;
 private Date mKeyValidityForConsumptionEnd;
@@ -576,28 +547,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 }
 /**
- * Sets whether this key pair or key must be encrypted at rest. This will protect the key
- * pair or key with the secure lock screen credential (e.g., password, PIN, or pattern).
- *
- * <p>Note that enabling this feature requires that the secure lock screen (e.g., password,
- * PIN, pattern) is set up, otherwise key generation will fail. Moreover, this key will be
- * deleted when the secure lock screen is disabled or reset (e.g., by the user or a Device
- * Administrator). Finally, this key cannot be used until the user unlocks the secure lock
- * screen after boot.
- *
- * @see KeyguardManager#isDeviceSecure()
- */
- @NonNull
- public Builder setEncryptionAtRestRequired(boolean required) {
- if (required) {
- mFlags |= KeyStore.FLAG_ENCRYPTED;
- } else {
- mFlags &= ~KeyStore.FLAG_ENCRYPTED;
- }
- return this;
- }
-
- /**
 * Sets the time instant before which the key is not yet valid.
 *
 * <p>By default, the key is valid at any instant.
@@ -839,7 +788,6 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec {
 mCertificateSerialNumber,
 mCertificateNotBefore,
 mCertificateNotAfter,
- mFlags,
 mKeyValidityStart,
 mKeyValidityForOriginationEnd,
 mKeyValidityForConsumptionEnd,
diff --git a/keystore/java/android/security/keystore/KeyProtection.java b/keystore/java/android/security/keystore/KeyProtection.java
index 48fdd98..f52a193 100644
--- a/keystore/java/android/security/keystore/KeyProtection.java
+++ b/keystore/java/android/security/keystore/KeyProtection.java
@@ -19,8 +19,6 @@ package android.security.keystore;
 import android.annotation.IntRange;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
-import android.app.KeyguardManager;
-import android.security.KeyStore;
 import java.security.Key;
 import java.security.KeyStore.ProtectionParameter;
@@ -34,8 +32,7 @@ import javax.crypto.Cipher;
 * <a href="{@docRoot}training/articles/keystore.html">Android KeyStore facility</a>. This class
 * specifies parameters such as whether user authentication is required for using the key, what uses
 * the key is authorized for (e.g., only in {@code CTR} mode, or only for signing -- decryption not
- * permitted), whether the key should be encrypted at rest, the key's and validity start and end
- * dates.
+ * permitted), the key's and validity start and end dates.
 *
 * <p>To import a key or key pair into the Android KeyStore, create an instance of this class using
 * the {@link Builder} and pass the instance into {@link java.security.KeyStore#setEntry(String, java.security.KeyStore.Entry, ProtectionParameter) KeyStore.setEntry}
@@ -101,7 +98,6 @@ import javax.crypto.Cipher;
 * }</pre>
 */
 public final class KeyProtection implements ProtectionParameter {
- private final int mFlags;
 private final Date mKeyValidityStart;
 private final Date mKeyValidityForOriginationEnd;
 private final Date mKeyValidityForConsumptionEnd;
@@ -115,7 +111,6 @@ public final class KeyProtection implements ProtectionParameter {
 private final int mUserAuthenticationValidityDurationSeconds;
 private KeyProtection(
- int flags,
 Date keyValidityStart,
 Date keyValidityForOriginationEnd,
 Date keyValidityForConsumptionEnd,
@@ -133,7 +128,6 @@ public final class KeyProtection implements ProtectionParameter {
 "userAuthenticationValidityDurationSeconds must not be negative");
 }
- mFlags = flags;
 mKeyValidityStart = keyValidityStart;
 mKeyValidityForOriginationEnd = keyValidityForOriginationEnd;
 mKeyValidityForConsumptionEnd = keyValidityForConsumptionEnd;
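Review bot: The rewritten class javadoc line `+ * permitted), the key's and validity start and end dates.` in the @@ -34 hunk carries over the stray "and" from the old sentence, whereas the matching edit to KeyGenParameterSpec's javadoc in this same commit reads `the key's validity start and end dates`; the two class summaries should agree. Suggest ` * permitted), the key's validity start and end dates.`.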
@@ -150,22 +144,6 @@ public final class KeyProtection implements ProtectionParameter {
 }
 /**
- * @hide
- */
- public int getFlags() {
- return mFlags;
- }
-
- /**
- * Returns {@code true} if the {@link java.security.KeyStore} entry must be encrypted at rest.
- * This will protect the entry with the secure lock screen credential (e.g., password, PIN, or
- * pattern).
- */
- public boolean isEncryptionAtRestRequired() {
- return (mFlags & KeyStore.FLAG_ENCRYPTED) != 0;
- }
-
- /**
 * Gets the time instant before which the key is not yet valid.
 *
 * @return instant or {@code null} if not restricted.
@@ -310,7 +288,6 @@ public final class KeyProtection implements ProtectionParameter {
 public final static class Builder {
 private @KeyProperties.PurposeEnum int mPurposes;
- private int mFlags;
 private Date mKeyValidityStart;
 private Date mKeyValidityForOriginationEnd;
 private Date mKeyValidityForConsumptionEnd;
@@ -338,29 +315,6 @@ public final class KeyProtection implements ProtectionParameter {
 }
 /**
- * Sets whether this {@link java.security.KeyStore} entry must be encrypted at rest.
- * Encryption at rest will protect the entry with the secure lock screen credential (e.g.,
- * password, PIN, or pattern).
- *
- * <p>Note that enabling this feature requires that the secure lock screen (e.g., password,
- * PIN, pattern) is set up, otherwise setting the {@code KeyStore} entry will fail.
- * Moreover, this entry will be deleted when the secure lock screen is disabled or reset
- * (e.g., by the user or a Device Administrator). Finally, this entry cannot be used until
- * the user unlocks the secure lock screen after boot.
- *
- * @see KeyguardManager#isDeviceSecure()
- */
- @NonNull
- public Builder setEncryptionAtRestRequired(boolean required) {
- if (required) {
- mFlags |= KeyStore.FLAG_ENCRYPTED;
- } else {
- mFlags &= ~KeyStore.FLAG_ENCRYPTED;
- }
- return this;
- }
-
- /**
 * Sets the time instant before which the key is not yet valid.
 *
 * <p>By default, the key is valid at any instant.
@@ -589,7 +543,6 @@ public final class KeyProtection implements ProtectionParameter {
 @NonNull
 public KeyProtection build() {
 return new KeyProtection(
- mFlags,
 mKeyValidityStart,
 mKeyValidityForOriginationEnd,
 mKeyValidityForConsumptionEnd,