Merge "Handle unparsable public keys" am: b43409fbfc am: a34428066a am: 7650484e3d
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2373248
Change-Id: I82254f6576b4a1bcfc4624ae6039137644094cfe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
index 9947d34..c55a781 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
@@ -38,6 +38,7 @@
import java.security.Security;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
+import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
@@ -221,7 +222,14 @@
}
final byte[] x509PublicCert = metadata.certificate;
- PublicKey publicKey = AndroidKeyStoreSpi.toCertificate(x509PublicCert).getPublicKey();
+ final X509Certificate parsedX509Certificate =
+ AndroidKeyStoreSpi.toCertificate(x509PublicCert);
+ if (parsedX509Certificate == null) {
+ throw new UnrecoverableKeyException("Failed to parse the X.509 certificate containing"
+ + " the public key. This likely indicates a hardware problem.");
+ }
+
+ PublicKey publicKey = parsedX509Certificate.getPublicKey();
String jcaKeyAlgorithm = publicKey.getAlgorithm();