Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..."

Revert submission 1519257-rename_auth_service Reason for revert: breaking WM presubmit, b/177787180 Reverted Changes: Ib847b68d4:Integrate IKeystoreAuthorization aidl's addAuthTok... I7893ab452:Integrate IKeystoreAuthorization aidl's addAuthTok... I4a092119c:Implement addAuthToken method of IKeystoreAuthoriz... Change-Id: Iea9bf7e7b3d1e968bbbe39f4ec08dcc3577cee07

Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..."
589975d1 · Louis Chang · 2d29591e · 589975d1 · 2d29591e · 2d29591e
Commit 589975d1 authored 4 years ago by Louis Chang
--- a/Android.bp
+++ b/Android.bp
@@ -483,7 +483,6 @@ java_library {
        "android.hardware.vibrator-V1.2-java",
        "android.hardware.vibrator-V1.3-java",
        "android.security.apc-java",
-        "android.security.authorization-java",
        "android.system.keystore2-java",
        "android.system.suspend.control.internal-java",
        "devicepolicyprotosnano",

--- a/keystore/java/android/security/AuthTokenUtils.java
+++ b/keystore/java/android/security/AuthTokenUtils.java
-/*
- * Copyright (C) 2020 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.security;
-
-import android.annotation.NonNull;
-import android.hardware.security.keymint.HardwareAuthToken;
-import android.hardware.security.keymint.Timestamp;
-
-import java.nio.ByteBuffer;
-import java.nio.ByteOrder;
-
-/**
- * @hide This Utils class provides method(s) for AuthToken conversion.
- */
-public class AuthTokenUtils {
-
-    private AuthTokenUtils(){
-    }
-
-    /**
-     * Build a HardwareAuthToken from a byte array
-     * @param array byte array representing an auth token
-     * @return HardwareAuthToken representation of an auth token
-     */
-    public static @NonNull HardwareAuthToken toHardwareAuthToken(@NonNull byte[] array) {
-        final HardwareAuthToken hardwareAuthToken = new HardwareAuthToken();
-
-        // First byte is version, which does not exist in HardwareAuthToken anymore
-        // Next 8 bytes is the challenge.
-        hardwareAuthToken.challenge =
-                ByteBuffer.wrap(array, 1, 8).order(ByteOrder.nativeOrder()).getLong();
-
-        // Next 8 bytes is the userId
-        hardwareAuthToken.userId =
-                ByteBuffer.wrap(array, 9, 8).order(ByteOrder.nativeOrder()).getLong();
-
-        // Next 8 bytes is the authenticatorId.
-        hardwareAuthToken.authenticatorId =
-                ByteBuffer.wrap(array, 17, 8).order(ByteOrder.nativeOrder()).getLong();
-
-        // while the other fields are in machine byte order, authenticatorType and timestamp
-        // are in network byte order.
-        // Next 4 bytes is the authenticatorType.
-        hardwareAuthToken.authenticatorType =
-                ByteBuffer.wrap(array, 25, 4).order(ByteOrder.BIG_ENDIAN).getInt();
-        // Next 8 bytes is the timestamp.
-        final Timestamp timestamp = new Timestamp();
-        timestamp.milliSeconds =
-                ByteBuffer.wrap(array, 29, 8).order(ByteOrder.BIG_ENDIAN).getLong();
-        hardwareAuthToken.timestamp = timestamp;
-
-        // Last 32 bytes is the mac, 37:69
-        hardwareAuthToken.mac = new byte[32];
-        System.arraycopy(array, 37 /* srcPos */,
-                hardwareAuthToken.mac,
-                0 /* destPos */,
-                32 /* length */);
-
-        return hardwareAuthToken;
-    }
-}
--- a/keystore/java/android/security/Authorization.java
+++ b/keystore/java/android/security/Authorization.java
-/*
- * Copyright (C) 2020 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.security;
-
-import android.annotation.NonNull;
-import android.hardware.security.keymint.HardwareAuthToken;
-import android.os.RemoteException;
-import android.os.ServiceManager;
-import android.os.ServiceSpecificException;
-import android.security.authorization.IKeystoreAuthorization;
-import android.system.keystore2.ResponseCode;
-import android.util.Log;
-
-/**
- * @hide This is the client side for IKeystoreAuthorization AIDL.
- * It shall only be used by biometric authentication providers and Gatekeeper.
- */
-public class Authorization {
-    private static final String TAG = "KeystoreAuthorization";
-    private static IKeystoreAuthorization sIKeystoreAuthorization;
-
-    public static final int SYSTEM_ERROR = ResponseCode.SYSTEM_ERROR;
-
-    public Authorization() {
-        sIKeystoreAuthorization = null;
-    }
-
-    private static synchronized IKeystoreAuthorization getService() {
-        if (sIKeystoreAuthorization == null) {
-            sIKeystoreAuthorization = IKeystoreAuthorization.Stub.asInterface(
-                    ServiceManager.getService("android.security.authorization"));
-        }
-        return sIKeystoreAuthorization;
-    }
-
-    /**
-     * Adds an auth token to keystore2.
-     *
-     * @param authToken created by Android authenticators.
-     * @return 0 if successful or {@code ResponseCode.SYSTEM_ERROR}.
-     */
-    public int addAuthToken(@NonNull HardwareAuthToken authToken) {
-        if (!android.security.keystore2.AndroidKeyStoreProvider.isInstalled()) return 0;
-        try {
-            getService().addAuthToken(authToken);
-            return 0;
-        } catch (RemoteException e) {
-            Log.w(TAG, "Can not connect to keystore", e);
-            return SYSTEM_ERROR;
-        } catch (ServiceSpecificException e) {
-            return e.errorCode;
-        }
-    }
-
-    /**
-     * Add an auth token to Keystore 2.0 in the legacy serialized auth token format.
-     * @param authToken
-     * @return 0 if successful or a {@code ResponseCode}.
-     */
-    public int addAuthToken(@NonNull byte[] authToken) {
-        return addAuthToken(AuthTokenUtils.toHardwareAuthToken(authToken));
-    }
-
-}
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -996,7 +996,6 @@ public class KeyStore {
     */
    public int addAuthToken(byte[] authToken) {
        try {
-            new Authorization().addAuthToken(authToken);
            return mBinder.addAuthToken(authToken);
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);