AttestedKeyPair: Address API review comments
Make AttestedKeyPair c'tor accept a List<Certificate> rather than
Certificate[] to match the getter method on this class.
To make it easier to use this class from other framework code I've
re-instantiated the c'tor with a certificate array which will
convert the array to a list.
Bug: 139092002
Test: cts-tradefed run commandAndExit cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Change-Id: Ie80dcb28f112efa89d3cc6fdceb1b9e5e26c58b1
diff --git a/api/current.txt b/api/current.txt
index e765013..df73089 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -40629,7 +40629,7 @@
package android.security {
public final class AttestedKeyPair {
- ctor public AttestedKeyPair(@Nullable java.security.KeyPair, @Nullable java.security.cert.Certificate[]);
+ ctor public AttestedKeyPair(@Nullable java.security.KeyPair, @NonNull java.util.List<java.security.cert.Certificate>);
method @NonNull public java.util.List<java.security.cert.Certificate> getAttestationRecord();
method @Nullable public java.security.KeyPair getKeyPair();
}
diff --git a/keystore/java/android/security/AttestedKeyPair.java b/keystore/java/android/security/AttestedKeyPair.java
index 2debfee..19fbdac 100644
--- a/keystore/java/android/security/AttestedKeyPair.java
+++ b/keystore/java/android/security/AttestedKeyPair.java
@@ -23,6 +23,7 @@
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Collections;
import java.util.List;
/**
@@ -36,7 +37,7 @@
public final class AttestedKeyPair {
private final KeyPair mKeyPair;
- private final Certificate[] mAttestationRecord;
+ private final List<Certificate> mAttestationRecord;
/**
* Public constructor for creating a new instance (useful for testing).
@@ -44,12 +45,25 @@
* @param keyPair the key pair associated with the attestation record.
* @param attestationRecord attestation record for the provided key pair.
*/
- public AttestedKeyPair(@Nullable KeyPair keyPair, @Nullable Certificate[] attestationRecord) {
+ public AttestedKeyPair(
+ @Nullable KeyPair keyPair, @NonNull List<Certificate> attestationRecord) {
mKeyPair = keyPair;
mAttestationRecord = attestationRecord;
}
/**
+ * @hide used by platform.
+ */
+ public AttestedKeyPair(@Nullable KeyPair keyPair, @Nullable Certificate[] attestationRecord) {
+ mKeyPair = keyPair;
+ if (attestationRecord == null) {
+ mAttestationRecord = new ArrayList();
+ } else {
+ mAttestationRecord = Arrays.asList(attestationRecord);
+ }
+ }
+
+ /**
* Returns the generated key pair associated with the attestation record
* in this instance.
*/
@@ -73,9 +87,6 @@
* Key Attestation</a> for the format of the attestation record inside the certificate.
*/
public @NonNull List<Certificate> getAttestationRecord() {
- if (mAttestationRecord == null) {
- return new ArrayList();
- }
- return Arrays.asList(mAttestationRecord);
+ return Collections.unmodifiableList(mAttestationRecord);
}
}