Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea^! / .
commit50bc7e42d73c9ca8d77dcd538619c6d6eeaf6dea[log] [tgz]
authorDmitry Dementyev <dementyev@google.com>Fri Mar 30 20:18:22 2018 -0700
committerDmitry Dementyev <dementyev@google.com>Sat Mar 31 00:49:23 2018 -0700
tree474ede5c331738ae12816ab16dc5d6b4d8bd515b
parent9cbf27af129a37d97be7361b0c4d529330cff8f9 [diff]
Throw invalid cert exception when deprecated initRecoveryService method
is used.

Throw unsupported operation exception when older version of RecoveryController is used.

Bug: 77293264
Test: atest RecoveryControllerHostTest
Change-Id: I0003104a4305444fac0092f4f6929545cf7c9413

diff --git a/core/java/android/security/keystore/RecoveryController.java b/core/java/android/security/keystore/RecoveryController.java
index 741af12..ca67e35b 100644
--- a/core/java/android/security/keystore/RecoveryController.java
+++ b/core/java/android/security/keystore/RecoveryController.java

@@ -21,7 +21,6 @@
 import android.app.PendingIntent;
 import android.content.pm.PackageManager.NameNotFoundException;
 import android.os.RemoteException;
-import android.os.ServiceManager;
 import android.os.ServiceSpecificException;
 import android.util.Log;
 
@@ -99,12 +98,11 @@
     }
 
     /**
+     * Deprecated.
      * Gets a new instance of the class.
      */
     public static RecoveryController getInstance() {
-        ILockSettings lockSettings =
-                ILockSettings.Stub.asInterface(ServiceManager.getService("lock_settings"));
-        return new RecoveryController(lockSettings);
+        throw new UnsupportedOperationException("using Deprecated RecoveryController version");
     }
 
     /**
@@ -128,16 +126,8 @@
     public void initRecoveryService(
             @NonNull String rootCertificateAlias, @NonNull byte[] signedPublicKeyList)
             throws BadCertificateFormatException, InternalRecoveryServiceException {
-        try {
-            mBinder.initRecoveryService(rootCertificateAlias, signedPublicKeyList);
-        } catch (RemoteException e) {
-            throw e.rethrowFromSystemServer();
-        } catch (ServiceSpecificException e) {
-            if (e.errorCode == ERROR_BAD_CERTIFICATE_FORMAT) {
-                throw new BadCertificateFormatException(e.getMessage());
-            }
-            throw wrapUnexpectedServiceSpecificException(e);
-        }
+        throw new UnsupportedOperationException("Deprecated initRecoveryService method called");
+
     }
 
     /**

diff --git a/core/java/android/security/keystore/recovery/RecoveryController.java b/core/java/android/security/keystore/recovery/RecoveryController.java
index 281822a..ab3ed91 100644
--- a/core/java/android/security/keystore/recovery/RecoveryController.java
+++ b/core/java/android/security/keystore/recovery/RecoveryController.java

@@ -285,17 +285,7 @@
     public void initRecoveryService(
             @NonNull String rootCertificateAlias, @NonNull byte[] signedPublicKeyList)
             throws CertificateException, InternalRecoveryServiceException {
-        try {
-            mBinder.initRecoveryService(rootCertificateAlias, signedPublicKeyList);
-        } catch (RemoteException e) {
-            throw e.rethrowFromSystemServer();
-        } catch (ServiceSpecificException e) {
-            if (e.errorCode == ERROR_BAD_CERTIFICATE_FORMAT
-                    || e.errorCode == ERROR_INVALID_CERTIFICATE) {
-                throw new CertificateException("Invalid certificate for recovery service", e);
-            }
-            throw wrapUnexpectedServiceSpecificException(e);
-        }
+        throw new CertificateException("Deprecated initRecoveryService method called");
     }
 
     /**