Gitiles
Code Review Sign In
gerrit.omnirom.org / android_frameworks_base / cc80ef8ca7a0f5bb554cdb9c070ffa90b2bd0f6e^1..cc80ef8ca7a0f5bb554cdb9c070ffa90b2bd0f6e / .
commitcc80ef8ca7a0f5bb554cdb9c070ffa90b2bd0f6e[log] [tgz]
authorEric Biggers <ebiggers@google.com>Thu Mar 21 18:56:59 2024 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Thu Mar 21 18:56:59 2024 +0000
tree943dd30afea223dd24c8a976c0b268f81491759e
parent5321c282e56184dddc0f29706e2a6eae814e5605 [diff]
parenteed080bd2d7cce48c97a83880eb778227500778b [diff]
Merge "Remove the obsolete field android.security.KeyStore.NO_ERROR" into main
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index f105072..2cac2e1 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java

@@ -17,7 +17,6 @@
 package android.security;
 
 import android.compat.annotation.UnsupportedAppUsage;
-import android.os.Build;
 import android.os.StrictMode;
 
 /**
@@ -30,10 +29,6 @@
  */
 public class KeyStore {
 
-    // ResponseCodes - see system/security/keystore/include/keystore/keystore.h
-    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
-    public static final int NO_ERROR = 1;
-
     // Used for UID field to indicate the calling UID.
     public static final int UID_SELF = -1;
 
@@ -48,8 +43,8 @@
      * Add an authentication record to the keystore authorization table.
      *
      * @param authToken The packed bytes of a hw_auth_token_t to be provided to keymaster.
-     * @return {@code KeyStore.NO_ERROR} on success, otherwise an error value corresponding to
-     * a {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode.
+     * @return 0 on success, otherwise an error value corresponding to a
+     * {@code KeymasterDefs.KM_ERROR_} value or {@code KeyStore} ResponseCode.
      */
     public int addAuthToken(byte[] authToken) {
         StrictMode.noteDiskWrite();

diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
index 101a10e..3f39eeb 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java

@@ -359,14 +359,12 @@
         } catch (KeyStoreException keyStoreException) {
             GeneralSecurityException e = KeyStoreCryptoOperationUtils.getExceptionForCipherInit(
                     mKey, keyStoreException);
-            if (e != null) {
-                if (e instanceof InvalidKeyException) {
-                    throw (InvalidKeyException) e;
-                } else if (e instanceof InvalidAlgorithmParameterException) {
-                    throw (InvalidAlgorithmParameterException) e;
-                } else {
-                    throw new ProviderException("Unexpected exception type", e);
-                }
+            if (e instanceof InvalidKeyException) {
+                throw (InvalidKeyException) e;
+            } else if (e instanceof InvalidAlgorithmParameterException) {
+                throw (InvalidAlgorithmParameterException) e;
+            } else {
+                throw new ProviderException("Unexpected exception type", e);
             }
         }
 

diff --git a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java
index 372e4cb..9b82206 100644
--- a/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java
+++ b/keystore/java/android/security/keystore2/KeyStoreCryptoOperationUtils.java

@@ -20,7 +20,6 @@
 import android.hardware.biometrics.BiometricManager;
 import android.hardware.security.keymint.ErrorCode;
 import android.security.GateKeeper;
-import android.security.KeyStore;
 import android.security.KeyStoreException;
 import android.security.KeyStoreOperation;
 import android.security.keymaster.KeymasterDefs;
@@ -131,15 +130,10 @@
 
     /**
      * Returns the exception to be thrown by the {@code Cipher.init} method of the crypto operation
-     * in response to {@code KeyStore.begin} operation or {@code null} if the {@code init} method
-     * should succeed.
+     * in response to a failed {code IKeystoreSecurityLevel#createOperation()}.
      */
     public static GeneralSecurityException getExceptionForCipherInit(
             AndroidKeyStoreKey key, KeyStoreException e) {
-        if (e.getErrorCode() == KeyStore.NO_ERROR) {
-            return null;
-        }
-
         // Cipher-specific cases
         switch (e.getErrorCode()) {
             case KeymasterDefs.KM_ERROR_INVALID_NONCE:

diff --git a/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java b/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java
index f9568ea..6eba23f 100644
--- a/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java
+++ b/services/core/java/com/android/server/biometrics/sensors/AuthenticationClient.java

@@ -256,10 +256,10 @@
             // For BP, BiometricService will add the authToken to Keystore.
             if (!isBiometricPrompt() && mIsStrongBiometric) {
                 final int result = KeyStore.getInstance().addAuthToken(byteToken);
-                if (result != KeyStore.NO_ERROR) {
+                if (result != 0) {
                     Slog.d(TAG, "Error adding auth token : " + result);
                 } else {
-                    Slog.d(TAG, "addAuthToken: " + result);
+                    Slog.d(TAG, "addAuthToken succeeded");
                 }
             } else {
                 Slog.d(TAG, "Skipping addAuthToken");