commit 6612c09d19520d0fe719bbe850bd3b5c43876da4
author Max Bires <jbires@google.com> Thu Feb 13 13:38:41 2025 -0800
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Thu Feb 13 13:38:41 2025 -0800
tree 530bec4b247a57f8ffad951e66881946e0e21283
parent 428d07094839eea67e2ca36a40fb093c3b131d30
parent a1870a4f1fff640f5e942d1b9a7e2fc6c51f920d

Merge "Delete unused method." into main am: a1870a4f1f

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/3494590

Change-Id: If902a459038675cdb2996c8b9c5a9faca21dfb9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>

keystore/java/android/security/keystore2/KeymasterUtils.java

diff --git a/keystore/java/android/security/keystore2/KeymasterUtils.java b/keystore/java/android/security/keystore2/KeymasterUtils.java
index 14ac532..02f3f57 100644
--- a/keystore/java/android/security/keystore2/KeymasterUtils.java
+++ b/keystore/java/android/security/keystore2/KeymasterUtils.java
@@ -16,13 +16,10 @@
 
 package android.security.keystore2;
 
-import android.security.keymaster.KeymasterArguments;
 import android.security.keymaster.KeymasterDefs;
-import android.security.keystore.KeyProperties;
 
 import java.security.AlgorithmParameters;
 import java.security.NoSuchAlgorithmException;
-import java.security.ProviderException;
 import java.security.spec.ECGenParameterSpec;
 import java.security.spec.ECParameterSpec;
 import java.security.spec.InvalidParameterSpecException;
@@ -86,47 +83,6 @@
         }
     }
 
-    /**
-     * Adds {@code KM_TAG_MIN_MAC_LENGTH} tag, if necessary, to the keymaster arguments for
-     * generating or importing a key. This tag may only be needed for symmetric keys (e.g., HMAC,
-     * AES-GCM).
-     */
-    public static void addMinMacLengthAuthorizationIfNecessary(KeymasterArguments args,
-            int keymasterAlgorithm,
-            int[] keymasterBlockModes,
-            int[] keymasterDigests) {
-        switch (keymasterAlgorithm) {
-            case KeymasterDefs.KM_ALGORITHM_AES:
-                if (com.android.internal.util.ArrayUtils.contains(
-                        keymasterBlockModes, KeymasterDefs.KM_MODE_GCM)) {
-                    // AES GCM key needs the minimum length of AEAD tag specified.
-                    args.addUnsignedInt(KeymasterDefs.KM_TAG_MIN_MAC_LENGTH,
-                            AndroidKeyStoreAuthenticatedAESCipherSpi.GCM
-                                    .MIN_SUPPORTED_TAG_LENGTH_BITS);
-                }
-                break;
-            case KeymasterDefs.KM_ALGORITHM_HMAC:
-                // HMAC key needs the minimum length of MAC set to the output size of the associated
-                // digest. This is because we do not offer a way to generate shorter MACs and
-                // don't offer a way to verify MACs (other than by generating them).
-                if (keymasterDigests.length != 1) {
-                    throw new ProviderException(
-                            "Unsupported number of authorized digests for HMAC key: "
-                                    + keymasterDigests.length
-                                    + ". Exactly one digest must be authorized");
-                }
-                int keymasterDigest = keymasterDigests[0];
-                int digestOutputSizeBits = getDigestOutputSizeBits(keymasterDigest);
-                if (digestOutputSizeBits == -1) {
-                    throw new ProviderException(
-                            "HMAC key authorized for unsupported digest: "
-                                    + KeyProperties.Digest.fromKeymaster(keymasterDigest));
-                }
-                args.addUnsignedInt(KeymasterDefs.KM_TAG_MIN_MAC_LENGTH, digestOutputSizeBits);
-                break;
-        }
-    }
-
     static String getEcCurveFromKeymaster(int ecCurve) {
         switch (ecCurve) {
             case android.hardware.security.keymint.EcCurve.P_224: