Clean up exception usage in LockSettingsService (part 2)
Replace RuntimeException which cannot propagate across binder
to binder-compatible IllegalStateException/IllegalArgumentException
Bug: 128831839
Test: atest frameworks/base/services/tests/servicestests/src/com/android/server/locksettings
Change-Id: I2e88997acb27a7b97eafa7a7de441ac641544ddd
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java
index 00d39e2..ebe5a1d 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsService.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java
@@ -1614,17 +1614,17 @@
} catch (CertificateException | UnrecoverableKeyException
| IOException | BadPaddingException | IllegalBlockSizeException | KeyStoreException
| NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException e) {
- throw new RuntimeException("Failed to encrypt key", e);
+ throw new IllegalStateException("Failed to encrypt key", e);
}
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
try {
if (iv.length != PROFILE_KEY_IV_SIZE) {
- throw new RuntimeException("Invalid iv length: " + iv.length);
+ throw new IllegalArgumentException("Invalid iv length: " + iv.length);
}
outputStream.write(iv);
outputStream.write(encryptionResult);
} catch (IOException e) {
- throw new RuntimeException("Failed to concatenate byte arrays", e);
+ throw new IllegalStateException("Failed to concatenate byte arrays", e);
}
mStorage.writeChildProfileLock(userId, outputStream.toByteArray());
}
@@ -1692,7 +1692,7 @@
digest.update(credential);
return digest.digest();
} catch (NoSuchAlgorithmException e) {
- throw new RuntimeException("NoSuchAlgorithmException for SHA-512");
+ throw new IllegalStateException("NoSuchAlgorithmException for SHA-512");
}
}
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsStorage.java b/services/core/java/com/android/server/locksettings/LockSettingsStorage.java
index 29b8aa2..ba2ebc8 100644
--- a/services/core/java/com/android/server/locksettings/LockSettingsStorage.java
+++ b/services/core/java/com/android/server/locksettings/LockSettingsStorage.java
@@ -140,7 +140,7 @@
dos.close();
return os.toByteArray();
} catch (IOException e) {
- throw new RuntimeException(e);
+ throw new IllegalStateException("Fail to serialze credential hash", e);
}
}
@@ -157,7 +157,7 @@
}
return new CredentialHash(hash, type);
} catch (IOException e) {
- throw new RuntimeException(e);
+ throw new IllegalStateException("Fail to deserialze credential hash", e);
}
}
}
@@ -666,7 +666,7 @@
dos.writeInt(qualityForUi);
dos.write(payload);
} catch (IOException e) {
- throw new RuntimeException("ByteArrayOutputStream cannot throw IOException");
+ throw new IllegalStateException("ByteArrayOutputStream cannot throw IOException");
}
return os.toByteArray();
}
diff --git a/services/core/java/com/android/server/locksettings/PasswordSlotManager.java b/services/core/java/com/android/server/locksettings/PasswordSlotManager.java
index 4ef63c0..17aca15 100644
--- a/services/core/java/com/android/server/locksettings/PasswordSlotManager.java
+++ b/services/core/java/com/android/server/locksettings/PasswordSlotManager.java
@@ -109,7 +109,7 @@
public void markSlotInUse(int slot) throws RuntimeException {
ensureSlotMapLoaded();
if (mSlotMap.containsKey(slot) && !mSlotMap.get(slot).equals(getMode())) {
- throw new RuntimeException("password slot " + slot + " is not available");
+ throw new IllegalStateException("password slot " + slot + " is not available");
}
mSlotMap.put(slot, getMode());
saveSlotMap();
@@ -123,7 +123,7 @@
public void markSlotDeleted(int slot) throws RuntimeException {
ensureSlotMapLoaded();
if (mSlotMap.containsKey(slot) && !mSlotMap.get(slot).equals(getMode())) {
- throw new RuntimeException("password slot " + slot + " cannot be deleted");
+ throw new IllegalStateException("password slot " + slot + " cannot be deleted");
}
mSlotMap.remove(slot);
saveSlotMap();
diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
index 388e51f..ea0fb47 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java
@@ -18,6 +18,7 @@
import android.security.keystore.KeyProperties;
import android.security.keystore.KeyProtection;
+import android.util.Slog;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
@@ -43,6 +44,7 @@
import javax.crypto.spec.SecretKeySpec;
public class SyntheticPasswordCrypto {
+ private static final String TAG = "SyntheticPasswordCrypto";
private static final int PROFILE_KEY_IV_SIZE = 12;
private static final int DEFAULT_TAG_LENGTH_BITS = 128;
private static final int AES_KEY_LENGTH = 32; // 256-bit AES key
@@ -80,12 +82,12 @@
byte[] ciphertext = cipher.doFinal(blob);
byte[] iv = cipher.getIV();
if (iv.length != PROFILE_KEY_IV_SIZE) {
- throw new RuntimeException("Invalid iv length: " + iv.length);
+ throw new IllegalArgumentException("Invalid iv length: " + iv.length);
}
final GCMParameterSpec spec = cipher.getParameters().getParameterSpec(
GCMParameterSpec.class);
if (spec.getTLen() != DEFAULT_TAG_LENGTH_BITS) {
- throw new RuntimeException("Invalid tag length: " + spec.getTLen());
+ throw new IllegalArgumentException("Invalid tag length: " + spec.getTLen());
}
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
outputStream.write(iv);
@@ -102,7 +104,7 @@
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
| IllegalBlockSizeException | BadPaddingException | IOException
| InvalidParameterSpecException e) {
- e.printStackTrace();
+ Slog.e(TAG, "Failed to encrypt", e);
return null;
}
}
@@ -116,7 +118,7 @@
} catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException
| IllegalBlockSizeException | BadPaddingException
| InvalidAlgorithmParameterException e) {
- e.printStackTrace();
+ Slog.e(TAG, "Failed to decrypt", e);
return null;
}
}
@@ -130,8 +132,8 @@
byte[] intermediate = decrypt(applicationId, APPLICATION_ID_PERSONALIZATION, blob);
return decrypt(decryptionKey, intermediate);
} catch (Exception e) {
- e.printStackTrace();
- throw new RuntimeException("Failed to decrypt blob", e);
+ Slog.e(TAG, "Failed to decrypt V1 blob", e);
+ throw new IllegalStateException("Failed to decrypt blob", e);
}
}
@@ -148,8 +150,8 @@
| KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException
| InvalidKeyException | UnrecoverableKeyException
| InvalidAlgorithmParameterException e) {
- e.printStackTrace();
- throw new RuntimeException("Failed to decrypt blob", e);
+ Slog.e(TAG, "Failed to decrypt blob", e);
+ throw new IllegalStateException("Failed to decrypt blob", e);
}
}
@@ -180,8 +182,8 @@
| KeyStoreException | NoSuchPaddingException | NoSuchAlgorithmException
| InvalidKeyException
| InvalidParameterSpecException e) {
- e.printStackTrace();
- throw new RuntimeException("Failed to encrypt blob", e);
+ Slog.e(TAG, "Failed to create blob", e);
+ throw new IllegalStateException("Failed to encrypt blob", e);
}
}
@@ -193,7 +195,7 @@
keyStore.deleteEntry(keyAlias);
} catch (KeyStoreException | NoSuchAlgorithmException | CertificateException
| IOException e) {
- e.printStackTrace();
+ Slog.e(TAG, "Failed to destroy blob", e);
}
}
@@ -202,7 +204,7 @@
final int PADDING_LENGTH = 128;
MessageDigest digest = MessageDigest.getInstance("SHA-512");
if (personalisation.length > PADDING_LENGTH) {
- throw new RuntimeException("Personalisation too long");
+ throw new IllegalArgumentException("Personalisation too long");
}
// Personalize the hash
// Pad it to the block size of the hash function
@@ -213,7 +215,7 @@
}
return digest.digest();
} catch (NoSuchAlgorithmException e) {
- throw new RuntimeException("NoSuchAlgorithmException for SHA-512", e);
+ throw new IllegalStateException("NoSuchAlgorithmException for SHA-512", e);
}
}
}
diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
index 9bf9ca8..955a9aa 100644
--- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
+++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java
@@ -353,12 +353,12 @@
*/
private byte[] weaverEnroll(int slot, byte[] key, @Nullable byte[] value) {
if (slot == INVALID_WEAVER_SLOT || slot >= mWeaverConfig.slots) {
- throw new RuntimeException("Invalid slot for weaver");
+ throw new IllegalArgumentException("Invalid slot for weaver");
}
if (key == null) {
key = new byte[mWeaverConfig.keySize];
} else if (key.length != mWeaverConfig.keySize) {
- throw new RuntimeException("Invalid key size for weaver");
+ throw new IllegalArgumentException("Invalid key size for weaver");
}
if (value == null) {
value = secureRandom(mWeaverConfig.valueSize);
@@ -383,12 +383,12 @@
*/
private VerifyCredentialResponse weaverVerify(int slot, byte[] key) {
if (slot == INVALID_WEAVER_SLOT || slot >= mWeaverConfig.slots) {
- throw new RuntimeException("Invalid slot for weaver");
+ throw new IllegalArgumentException("Invalid slot for weaver");
}
if (key == null) {
key = new byte[mWeaverConfig.keySize];
} else if (key.length != mWeaverConfig.keySize) {
- throw new RuntimeException("Invalid key size for weaver");
+ throw new IllegalArgumentException("Invalid key size for weaver");
}
final VerifyCredentialResponse[] response = new VerifyCredentialResponse[1];
try {
@@ -620,7 +620,7 @@
return i;
}
}
- throw new RuntimeException("Run out of weaver slots.");
+ throw new IllegalStateException("Run out of weaver slots.");
}
/**
@@ -1029,10 +1029,10 @@
if (version != SYNTHETIC_PASSWORD_VERSION_V3
&& version != SYNTHETIC_PASSWORD_VERSION_V2
&& version != SYNTHETIC_PASSWORD_VERSION_V1) {
- throw new RuntimeException("Unknown blob version");
+ throw new IllegalArgumentException("Unknown blob version");
}
if (blob[1] != type) {
- throw new RuntimeException("Invalid blob type");
+ throw new IllegalArgumentException("Invalid blob type");
}
final byte[] secret;
if (version == SYNTHETIC_PASSWORD_VERSION_V1) {
@@ -1237,7 +1237,7 @@
private byte[] passwordTokenToWeaverKey(byte[] token) {
byte[] key = SyntheticPasswordCrypto.personalisedHash(PERSONALISATION_WEAVER_KEY, token);
if (key.length < mWeaverConfig.keySize) {
- throw new RuntimeException("weaver key length too small");
+ throw new IllegalArgumentException("weaver key length too small");
}
return Arrays.copyOf(key, mWeaverConfig.keySize);
}