Revert "Update docs to match encryption requirements"
This reverts commit cebb55ea9d98dc7ba93eed520b874ac24ff96800.
Reason for revert: broke docs builds
Change-Id: I3a4b8d274141efec90fae2ed0b9324194288c635
diff --git a/core/java/android/app/backup/BackupAgent.java b/core/java/android/app/backup/BackupAgent.java
index 39b9181..d1c957b 100644
--- a/core/java/android/app/backup/BackupAgent.java
+++ b/core/java/android/app/backup/BackupAgent.java
@@ -148,17 +148,10 @@
* Flag for {@link BackupDataOutput#getTransportFlags()} and
* {@link FullBackupDataOutput#getTransportFlags()} only.
*
- * <p>The transport has client-side encryption enabled. i.e., the user's backup is encrypted
- * with a key known only to the device, and not to the remote storage solution where the backup
- * data is stored. The key may be synced to a remote trusted hardware module if it has
- * protections equivalent to those described in the
- * <a href="https://developer.android.com/preview/features/security/ckv-whitepaper.html">Google
- * Cloud Key Vault Service whitepaper</a>. Having direct access to the trusted hardware module
- * must be insufficient to decrypt the user's backup data.
- *
- * <p>The backup data itself must be encrypted using an AES/GCM/NoPadding cipher. The key
- * material must be randomly generated using {@link java.security.SecureRandom}, and must have
- * at least 256 bits of entropy.
+ * <p>The transport has client-side encryption enabled. i.e., the user's backup has been
+ * encrypted with a key known only to the device, and not to the remote storage solution. Even
+ * if an attacker had root access to the remote storage provider they should not be able to
+ * decrypt the user's backup data.
*/
public static final int FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED = 1;
diff --git a/core/java/android/app/backup/BackupDataOutput.java b/core/java/android/app/backup/BackupDataOutput.java
index 4f90cf7..5a66f34 100644
--- a/core/java/android/app/backup/BackupDataOutput.java
+++ b/core/java/android/app/backup/BackupDataOutput.java
@@ -107,12 +107,8 @@
/**
* Returns flags with additional information about the backup transport. For supported flags see
- * {@link android.app.backup.BackupAgent}.
+ * {@link android.app.backup.BackupAgent}
*
- * <p>Returns the same flags that {@link BackupTransport#getTransportFlags()} returns.
- *
- * @see BackupAgent#FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED
- * @see BackupAgent#FLAG_DEVICE_TO_DEVICE_TRANSFER
* @see FullBackupDataOutput#getTransportFlags()
*/
public int getTransportFlags() {
diff --git a/core/java/android/app/backup/FullBackupDataOutput.java b/core/java/android/app/backup/FullBackupDataOutput.java
index f1d9dc6..18f4283 100644
--- a/core/java/android/app/backup/FullBackupDataOutput.java
+++ b/core/java/android/app/backup/FullBackupDataOutput.java
@@ -26,12 +26,8 @@
/**
* Returns flags with additional information about the backup transport. For supported flags see
- * {@link android.app.backup.BackupAgent}.
+ * {@link android.app.backup.BackupAgent}
*
- * <p>Returns the same flags that {@link BackupTransport#getTransportFlags()} returns.
- *
- * @see BackupAgent#FLAG_CLIENT_SIDE_ENCRYPTION_ENABLED
- * @see BackupAgent#FLAG_DEVICE_TO_DEVICE_TRANSFER
* @see BackupDataOutput#getTransportFlags()
*/
public int getTransportFlags() {