diff options
Diffstat (limited to 'core/java/android')
6 files changed, 15 insertions, 16 deletions
diff --git a/core/java/android/security/keystore/BackwardsCompat.java b/core/java/android/security/keystore/BackwardsCompat.java index 69558c4d8aaf..cf5fe1f07266 100644 --- a/core/java/android/security/keystore/BackwardsCompat.java +++ b/core/java/android/security/keystore/BackwardsCompat.java @@ -61,8 +61,8 @@ class BackwardsCompat { static android.security.keystore.recovery.KeyDerivationParams fromLegacyKeyDerivationParams( KeyDerivationParams keyDerivationParams ) { - return new android.security.keystore.recovery.KeyDerivationParams( - keyDerivationParams.getAlgorithm(), keyDerivationParams.getSalt()); + return android.security.keystore.recovery.KeyDerivationParams.createSha256Params( + keyDerivationParams.getSalt()); } static android.security.keystore.recovery.WrappedApplicationKey fromLegacyWrappedApplicationKey( diff --git a/core/java/android/security/keystore/recovery/KeyChainSnapshot.java b/core/java/android/security/keystore/recovery/KeyChainSnapshot.java index 69b9123c3c3e..ccb627e1181d 100644 --- a/core/java/android/security/keystore/recovery/KeyChainSnapshot.java +++ b/core/java/android/security/keystore/recovery/KeyChainSnapshot.java @@ -84,8 +84,8 @@ public final class KeyChainSnapshot implements Parcelable { } /** - * Snapshot version for given account. It is incremented when user secret or list of application - * keys changes. + * Snapshot version for given recovery agent. It is incremented when user secret or list of + * application keys changes. */ public int getSnapshotVersion() { return mSnapshotVersion; @@ -178,7 +178,7 @@ public final class KeyChainSnapshot implements Parcelable { private KeyChainSnapshot mInstance = new KeyChainSnapshot(); /** - * Snapshot version for given account. + * Snapshot version for the recovery agent. * * @param snapshotVersion The snapshot version * @return This builder. diff --git a/core/java/android/security/keystore/recovery/KeyDerivationParams.java b/core/java/android/security/keystore/recovery/KeyDerivationParams.java index 8cb8e5162f16..225b592d7595 100644 --- a/core/java/android/security/keystore/recovery/KeyDerivationParams.java +++ b/core/java/android/security/keystore/recovery/KeyDerivationParams.java @@ -22,7 +22,6 @@ import android.annotation.SystemApi; import android.os.Parcel; import android.os.Parcelable; - import com.android.internal.util.Preconditions; import java.lang.annotation.Retention; @@ -63,7 +62,7 @@ public final class KeyDerivationParams implements Parcelable { * salt + key_material_len + key_material, where salt_len and key_material_len are one-byte, and * denote the number of bytes for salt and key_material, respectively. */ - public static KeyDerivationParams createSha256Params(@NonNull byte[] salt) { + public static @NonNull KeyDerivationParams createSha256Params(@NonNull byte[] salt) { return new KeyDerivationParams(ALGORITHM_SHA256, salt); } @@ -76,7 +75,7 @@ public final class KeyDerivationParams implements Parcelable { * the parallelization parameter p is 1, the block size parameter r is 8, and the hashing output * length is 32-byte. */ - public static KeyDerivationParams createScryptParams( + public static @NonNull KeyDerivationParams createScryptParams( @NonNull byte[] salt, int memoryDifficulty) { return new KeyDerivationParams(ALGORITHM_SCRYPT, salt, memoryDifficulty); } @@ -84,8 +83,7 @@ public final class KeyDerivationParams implements Parcelable { /** * @hide */ - // TODO: Make private once legacy API is removed - public KeyDerivationParams(@KeyDerivationAlgorithm int algorithm, @NonNull byte[] salt) { + private KeyDerivationParams(@KeyDerivationAlgorithm int algorithm, @NonNull byte[] salt) { this(algorithm, salt, /*memoryDifficulty=*/ -1); } diff --git a/core/java/android/security/keystore/recovery/RecoveryCertPath.java b/core/java/android/security/keystore/recovery/RecoveryCertPath.java index 1950947d34fd..f3604febaa87 100644 --- a/core/java/android/security/keystore/recovery/RecoveryCertPath.java +++ b/core/java/android/security/keystore/recovery/RecoveryCertPath.java @@ -45,7 +45,7 @@ public final class RecoveryCertPath implements Parcelable { * @param certPath The certificate path to be wrapped. * @throws CertificateException if the given certificate path cannot be encoded properly. */ - public static RecoveryCertPath createRecoveryCertPath(@NonNull CertPath certPath) + public static @NonNull RecoveryCertPath createRecoveryCertPath(@NonNull CertPath certPath) throws CertificateException { // Perform the encoding here to avoid throwing exceptions in writeToParcel try { @@ -61,7 +61,7 @@ public final class RecoveryCertPath implements Parcelable { * @return the wrapped certificate path. * @throws CertificateException if the wrapped certificate path cannot be decoded properly. */ - public CertPath getCertPath() throws CertificateException { + public @NonNull CertPath getCertPath() throws CertificateException { // Perform the decoding here to avoid throwing exceptions in createFromParcel return decodeCertPath(mEncodedCertPath); } diff --git a/core/java/android/security/keystore/recovery/RecoverySession.java b/core/java/android/security/keystore/recovery/RecoverySession.java index cf8a9ddf257e..ff49ca3f005c 100644 --- a/core/java/android/security/keystore/recovery/RecoverySession.java +++ b/core/java/android/security/keystore/recovery/RecoverySession.java @@ -234,7 +234,7 @@ public class RecoverySession implements AutoCloseable { * @throws InternalRecoveryServiceException if an error occurs internal to the recovery service. */ @RequiresPermission(Manifest.permission.RECOVER_KEYSTORE) - public Map<String, Key> recoverKeyChainSnapshot( + @NonNull public Map<String, Key> recoverKeyChainSnapshot( @NonNull byte[] recoveryKeyBlob, @NonNull List<WrappedApplicationKey> applicationKeys ) throws SessionExpiredException, DecryptionFailedException, InternalRecoveryServiceException { @@ -257,7 +257,7 @@ public class RecoverySession implements AutoCloseable { } /** Given a map from alias to grant alias, returns a map from alias to a {@link Key} handle. */ - private Map<String, Key> getKeysFromGrants(Map<String, String> grantAliases) + private @NonNull Map<String, Key> getKeysFromGrants(Map<String, String> grantAliases) throws InternalRecoveryServiceException { ArrayMap<String, Key> keysByAlias = new ArrayMap<>(grantAliases.size()); for (String alias : grantAliases.keySet()) { diff --git a/core/java/android/security/keystore/recovery/TrustedRootCertificates.java b/core/java/android/security/keystore/recovery/TrustedRootCertificates.java index a65b40f7b10c..383af424989c 100644 --- a/core/java/android/security/keystore/recovery/TrustedRootCertificates.java +++ b/core/java/android/security/keystore/recovery/TrustedRootCertificates.java @@ -18,6 +18,7 @@ package android.security.keystore.recovery; import static android.security.keystore.recovery.X509CertificateParsingUtils.decodeBase64Cert; +import android.annotation.NonNull; import android.util.ArrayMap; import java.security.cert.CertificateException; @@ -83,7 +84,7 @@ public final class TrustedRootCertificates { /** * Returns all available root certificates, keyed by alias. */ - public static Map<String, X509Certificate> getRootCertificates() { + public static @NonNull Map<String, X509Certificate> getRootCertificates() { return new ArrayMap(ALL_ROOT_CERTIFICATES); } @@ -93,7 +94,7 @@ public final class TrustedRootCertificates { * @param alias the alias of the certificate * @return the certificate referenced by the alias, or null if such a certificate doesn't exist. */ - public static X509Certificate getRootCertificate(String alias) { + public static @NonNull X509Certificate getRootCertificate(String alias) { return ALL_ROOT_CERTIFICATES.get(alias); } |