1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
|
/*
* Copyright (C) 2017 The Android Open Source Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package android.security.keystore;
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.PendingIntent;
import android.content.pm.PackageManager.NameNotFoundException;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.util.Log;
import com.android.internal.widget.ILockSettings;
import java.util.List;
import java.util.Map;
/**
* @deprecated Use {@link android.security.keystore.recovery.RecoveryController}.
* @hide
*/
public class RecoveryController {
private static final String TAG = "RecoveryController";
/** Key has been successfully synced. */
public static final int RECOVERY_STATUS_SYNCED = 0;
/** Waiting for recovery agent to sync the key. */
public static final int RECOVERY_STATUS_SYNC_IN_PROGRESS = 1;
/** Recovery account is not available. */
public static final int RECOVERY_STATUS_MISSING_ACCOUNT = 2;
/** Key cannot be synced. */
public static final int RECOVERY_STATUS_PERMANENT_FAILURE = 3;
/**
* Failed because no snapshot is yet pending to be synced for the user.
*
* @hide
*/
public static final int ERROR_NO_SNAPSHOT_PENDING = 21;
/**
* Failed due to an error internal to the recovery service. This is unexpected and indicates
* either a problem with the logic in the service, or a problem with a dependency of the
* service (such as AndroidKeyStore).
*
* @hide
*/
public static final int ERROR_SERVICE_INTERNAL_ERROR = 22;
/**
* Failed because the user does not have a lock screen set.
*
* @hide
*/
public static final int ERROR_INSECURE_USER = 23;
/**
* Error thrown when attempting to use a recovery session that has since been closed.
*
* @hide
*/
public static final int ERROR_SESSION_EXPIRED = 24;
/**
* Failed because the provided certificate was not a valid X509 certificate.
*
* @hide
*/
public static final int ERROR_BAD_CERTIFICATE_FORMAT = 25;
/**
* Error thrown if decryption failed. This might be because the tag is wrong, the key is wrong,
* the data has become corrupted, the data has been tampered with, etc.
*
* @hide
*/
public static final int ERROR_DECRYPTION_FAILED = 26;
private final ILockSettings mBinder;
private RecoveryController(ILockSettings binder) {
mBinder = binder;
}
/**
* Deprecated.
* Gets a new instance of the class.
*/
public static RecoveryController getInstance() {
throw new UnsupportedOperationException("using Deprecated RecoveryController version");
}
/**
* Initializes key recovery service for the calling application. RecoveryController
* randomly chooses one of the keys from the list and keeps it to use for future key export
* operations. Collection of all keys in the list must be signed by the provided {@code
* rootCertificateAlias}, which must also be present in the list of root certificates
* preinstalled on the device. The random selection allows RecoveryController to select
* which of a set of remote recovery service devices will be used.
*
* <p>In addition, RecoveryController enforces a delay of three months between
* consecutive initialization attempts, to limit the ability of an attacker to often switch
* remote recovery devices and significantly increase number of recovery attempts.
*
* @param rootCertificateAlias alias of a root certificate preinstalled on the device
* @param signedPublicKeyList binary blob a list of X509 certificates and signature
* @throws BadCertificateFormatException if the {@code signedPublicKeyList} is in a bad format.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void initRecoveryService(
@NonNull String rootCertificateAlias, @NonNull byte[] signedPublicKeyList)
throws BadCertificateFormatException, InternalRecoveryServiceException {
throw new UnsupportedOperationException("Deprecated initRecoveryService method called");
}
/**
* Returns data necessary to store all recoverable keys for given account. Key material is
* encrypted with user secret and recovery public key.
*
* @param account specific to Recovery agent.
* @return Data necessary to recover keystore.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public @NonNull KeychainSnapshot getRecoveryData(@NonNull byte[] account)
throws InternalRecoveryServiceException {
try {
return BackwardsCompat.toLegacyKeychainSnapshot(mBinder.getKeyChainSnapshot());
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
if (e.errorCode == ERROR_NO_SNAPSHOT_PENDING) {
return null;
}
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Sets a listener which notifies recovery agent that new recovery snapshot is available. {@link
* #getRecoveryData} can be used to get the snapshot. Note that every recovery agent can have at
* most one registered listener at any time.
*
* @param intent triggered when new snapshot is available. Unregisters listener if the value is
* {@code null}.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void setSnapshotCreatedPendingIntent(@Nullable PendingIntent intent)
throws InternalRecoveryServiceException {
try {
mBinder.setSnapshotCreatedPendingIntent(intent);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Returns a map from recovery agent accounts to corresponding KeyStore recovery snapshot
* version. Version zero is used, if no snapshots were created for the account.
*
* @return Map from recovery agent accounts to snapshot versions.
* @see KeychainSnapshot#getSnapshotVersion
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public @NonNull Map<byte[], Integer> getRecoverySnapshotVersions()
throws InternalRecoveryServiceException {
throw new UnsupportedOperationException();
}
/**
* Server parameters used to generate new recovery key blobs. This value will be included in
* {@code KeychainSnapshot.getEncryptedRecoveryKeyBlob()}. The same value must be included
* in vaultParams {@link #startRecoverySession}
*
* @param serverParams included in recovery key blob.
* @see #getRecoveryData
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void setServerParams(byte[] serverParams) throws InternalRecoveryServiceException {
try {
mBinder.setServerParams(serverParams);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Updates recovery status for given keys. It is used to notify keystore that key was
* successfully stored on the server or there were an error. Application can check this value
* using {@code getRecoveyStatus}.
*
* @param packageName Application whose recoverable keys' statuses are to be updated.
* @param aliases List of application-specific key aliases. If the array is empty, updates the
* status for all existing recoverable keys.
* @param status Status specific to recovery agent.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void setRecoveryStatus(
@NonNull String packageName, @Nullable String[] aliases, int status)
throws NameNotFoundException, InternalRecoveryServiceException {
try {
for (String alias : aliases) {
mBinder.setRecoveryStatus(alias, status);
}
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Returns a {@code Map} from Application's KeyStore key aliases to their recovery status.
* Negative status values are reserved for recovery agent specific codes. List of common codes:
*
* <ul>
* <li>{@link #RECOVERY_STATUS_SYNCED}
* <li>{@link #RECOVERY_STATUS_SYNC_IN_PROGRESS}
* <li>{@link #RECOVERY_STATUS_MISSING_ACCOUNT}
* <li>{@link #RECOVERY_STATUS_PERMANENT_FAILURE}
* </ul>
*
* @return {@code Map} from KeyStore alias to recovery status.
* @see #setRecoveryStatus
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public Map<String, Integer> getRecoveryStatus() throws InternalRecoveryServiceException {
try {
// IPC doesn't support generic Maps.
@SuppressWarnings("unchecked")
Map<String, Integer> result =
(Map<String, Integer>) mBinder.getRecoveryStatus();
return result;
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Specifies a set of secret types used for end-to-end keystore encryption. Knowing all of them
* is necessary to recover data.
*
* @param secretTypes {@link KeychainProtectionParams#TYPE_LOCKSCREEN} or {@link
* KeychainProtectionParams#TYPE_CUSTOM_PASSWORD}
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void setRecoverySecretTypes(
@NonNull @KeychainProtectionParams.UserSecretType int[] secretTypes)
throws InternalRecoveryServiceException {
try {
mBinder.setRecoverySecretTypes(secretTypes);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Defines a set of secret types used for end-to-end keystore encryption. Knowing all of them is
* necessary to generate KeychainSnapshot.
*
* @return list of recovery secret types
* @see KeychainSnapshot
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public @NonNull @KeychainProtectionParams.UserSecretType int[] getRecoverySecretTypes()
throws InternalRecoveryServiceException {
try {
return mBinder.getRecoverySecretTypes();
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Returns a list of recovery secret types, necessary to create a pending recovery snapshot.
* When user enters a secret of a pending type {@link #recoverySecretAvailable} should be
* called.
*
* @return list of recovery secret types
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
@NonNull
public @KeychainProtectionParams.UserSecretType int[] getPendingRecoverySecretTypes()
throws InternalRecoveryServiceException {
throw new UnsupportedOperationException();
}
/**
* Initializes recovery session and returns a blob with proof of recovery secrets possession.
* The method generates symmetric key for a session, which trusted remote device can use to
* return recovery key.
*
* @param verifierPublicKey Encoded {@code java.security.cert.X509Certificate} with Public key
* used to create the recovery blob on the source device.
* Keystore will verify the certificate using root of trust.
* @param vaultParams Must match the parameters in the corresponding field in the recovery blob.
* Used to limit number of guesses.
* @param vaultChallenge Data passed from server for this recovery session and used to prevent
* replay attacks
* @param secrets Secrets provided by user, the method only uses type and secret fields.
* @return The recovery claim. Claim provides a b binary blob with recovery claim. It is
* encrypted with verifierPublicKey and contains a proof of user secrets, session symmetric
* key and parameters necessary to identify the counter with the number of failed recovery
* attempts.
* @throws BadCertificateFormatException if the {@code verifierPublicKey} is in an incorrect
* format.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
@NonNull public RecoveryClaim startRecoverySession(
@NonNull byte[] verifierPublicKey,
@NonNull byte[] vaultParams,
@NonNull byte[] vaultChallenge,
@NonNull List<KeychainProtectionParams> secrets)
throws BadCertificateFormatException, InternalRecoveryServiceException {
try {
RecoverySession recoverySession = RecoverySession.newInstance(this);
byte[] recoveryClaim =
mBinder.startRecoverySession(
recoverySession.getSessionId(),
verifierPublicKey,
vaultParams,
vaultChallenge,
BackwardsCompat.fromLegacyKeychainProtectionParams(secrets));
return new RecoveryClaim(recoverySession, recoveryClaim);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
if (e.errorCode == ERROR_BAD_CERTIFICATE_FORMAT) {
throw new BadCertificateFormatException(e.getMessage());
}
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Imports keys.
*
* @param session Related recovery session, as originally created by invoking
* {@link #startRecoverySession(byte[], byte[], byte[], List)}.
* @param recoveryKeyBlob Recovery blob encrypted by symmetric key generated for this session.
* @param applicationKeys Application keys. Key material can be decrypted using recoveryKeyBlob
* and session. KeyStore only uses package names from the application info in {@link
* WrappedApplicationKey}. Caller is responsibility to perform certificates check.
* @return Map from alias to raw key material.
* @throws SessionExpiredException if {@code session} has since been closed.
* @throws DecryptionFailedException if unable to decrypt the snapshot.
* @throws InternalRecoveryServiceException if an error occurs internal to the recovery service.
*/
public Map<String, byte[]> recoverKeys(
@NonNull RecoverySession session,
@NonNull byte[] recoveryKeyBlob,
@NonNull List<WrappedApplicationKey> applicationKeys)
throws SessionExpiredException, DecryptionFailedException,
InternalRecoveryServiceException {
try {
return (Map<String, byte[]>) mBinder.recoverKeys(
session.getSessionId(),
recoveryKeyBlob,
BackwardsCompat.fromLegacyWrappedApplicationKeys(applicationKeys));
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
if (e.errorCode == ERROR_DECRYPTION_FAILED) {
throw new DecryptionFailedException(e.getMessage());
}
if (e.errorCode == ERROR_SESSION_EXPIRED) {
throw new SessionExpiredException(e.getMessage());
}
throw wrapUnexpectedServiceSpecificException(e);
}
}
/**
* Deletes all data associated with {@code session}. Should not be invoked directly but via
* {@link RecoverySession#close()}.
*
* @hide
*/
void closeSession(RecoverySession session) {
try {
mBinder.closeSession(session.getSessionId());
} catch (RemoteException | ServiceSpecificException e) {
Log.e(TAG, "Unexpected error trying to close session", e);
}
}
/**
* Generates a key called {@code alias} and loads it into the recoverable key store. Returns the
* raw material of the key.
*
* @param alias The key alias.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
* @throws LockScreenRequiredException if the user has not set a lock screen. This is required
* to generate recoverable keys, as the snapshots are encrypted using a key derived from the
* lock screen.
*/
public byte[] generateAndStoreKey(@NonNull String alias)
throws InternalRecoveryServiceException, LockScreenRequiredException {
throw new UnsupportedOperationException();
}
/**
* Removes a key called {@code alias} from the recoverable key store.
*
* @param alias The key alias.
* @throws InternalRecoveryServiceException if an unexpected error occurred in the recovery
* service.
*/
public void removeKey(@NonNull String alias) throws InternalRecoveryServiceException {
try {
mBinder.removeKey(alias);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
} catch (ServiceSpecificException e) {
throw wrapUnexpectedServiceSpecificException(e);
}
}
private InternalRecoveryServiceException wrapUnexpectedServiceSpecificException(
ServiceSpecificException e) {
if (e.errorCode == ERROR_SERVICE_INTERNAL_ERROR) {
return new InternalRecoveryServiceException(e.getMessage());
}
// Should never happen. If it does, it's a bug, and we need to update how the method that
// called this throws its exceptions.
return new InternalRecoveryServiceException("Unexpected error code for method: "
+ e.errorCode, e);
}
}
|
