Commit a7a9e7af authored by Janis Danisevskis's avatar Janis Danisevskis

Keystore 2.0: Add human readable strings to Keystore exceptions.

Test: N/A
Change-Id: Ic07ca2329c6ebf3dacddf687cc85935e2bfa0cdd
parent 49e239ec
......@@ -23,6 +23,7 @@ import android.os.Build;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.os.ServiceSpecificException;
import android.security.keymaster.KeymasterDefs;
import android.system.keystore2.IKeystoreService;
import android.system.keystore2.KeyDescriptor;
import android.system.keystore2.KeyEntryResponse;
......@@ -107,7 +108,7 @@ public class KeyStore2 {
return request.execute(service);
} catch (ServiceSpecificException e) {
Log.e(TAG, "KeyStore exception", e);
throw new KeyStoreException(e.errorCode, "");
throw getKeyStoreException(e.errorCode);
} catch (RemoteException e) {
if (firstTry) {
Log.w(TAG, "Looks like we may have lost connection to the Keystore "
......@@ -274,4 +275,40 @@ public class KeyStore2 {
}
}
static KeyStoreException getKeyStoreException(int errorCode) {
if (errorCode > 0) {
// KeyStore layer error
switch (errorCode) {
case ResponseCode.LOCKED:
return new KeyStoreException(errorCode, "User authentication required");
case ResponseCode.UNINITIALIZED:
return new KeyStoreException(errorCode, "Keystore not initialized");
case ResponseCode.SYSTEM_ERROR:
return new KeyStoreException(errorCode, "System error");
case ResponseCode.PERMISSION_DENIED:
return new KeyStoreException(errorCode, "Permission denied");
case ResponseCode.KEY_NOT_FOUND:
return new KeyStoreException(errorCode, "Key not found");
case ResponseCode.VALUE_CORRUPTED:
return new KeyStoreException(errorCode, "Key blob corrupted");
case ResponseCode.KEY_PERMANENTLY_INVALIDATED:
return new KeyStoreException(errorCode, "Key permanently invalidated");
default:
return new KeyStoreException(errorCode, String.valueOf(errorCode));
}
} else {
// Keymaster layer error
switch (errorCode) {
case KeymasterDefs.KM_ERROR_INVALID_AUTHORIZATION_TIMEOUT:
// The name of this parameter significantly differs between Keymaster and
// framework APIs. Use the framework wording to make life easier for developers.
return new KeyStoreException(errorCode,
"Invalid user authentication validity duration");
default:
return new KeyStoreException(errorCode,
KeymasterDefs.getErrorMessage(errorCode));
}
}
}
}
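Review bot: getKeyStoreException has no doc comment, and its whole contract rests on the `errorCode > 0` test: positive codes are read as Keystore `ResponseCode` values and everything else, including 0, falls into the Keymaster switch. I would state that on the method, e.g. `/** Maps a service error code to a KeyStoreException; positive codes are Keystore ResponseCode values, all other codes are treated as Keymaster errors. */`. The positive `default:` branch also produces a message that is only the number, which is not the human-readable string the commit title promises; something like `"Unknown Keystore error code " + errorCode` would read better in logs and bug reports.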
......@@ -73,8 +73,7 @@ public class KeyStoreOperation {
);
}
default:
// TODO Human readable string. Use something like KeyStore.getKeyStoreException
throw new KeyStoreException(e.errorCode, "");
throw KeyStore2.getKeyStoreException(e.errorCode);
}
} catch (RemoteException e) {
// Log exception and report invalid operation handle.
......
......@@ -52,7 +52,7 @@ public class KeyStoreSecurityLevel {
try {
return request.execute();
} catch (ServiceSpecificException e) {
throw new KeyStoreException(e.errorCode, "");
throw KeyStore2.getKeyStoreException(e.errorCode);
} catch (RemoteException e) {
// Log exception and report invalid operation handle.
// This should prompt the caller drop the reference to this operation and retry.
......@@ -114,7 +114,7 @@ public class KeyStoreSecurityLevel {
break;
}
default:
throw new KeyStoreException(e.errorCode, "");
throw KeyStore2.getKeyStoreException(e.errorCode);
}
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
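Review bot: The `catch (ServiceSpecificException e)` at the top of this section rethrows through `KeyStore2.getKeyStoreException(e.errorCode)` without logging or attaching `e`, so any message the service put in the exception is dropped and only the numeric code survives. KeyStore2's own handler logs before it throws; adding the same line here, `Log.e(TAG, "KeyStore exception", e);`, would keep permission and authentication failures diagnosable from the device log. The same appears to apply to the `default:` branch later in this file and to the one in KeyStoreOperation, though their catch headers lie outside the visible hunks. Both enclosing methods start and end outside the hunks.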
......