Remove KeyStore#state()

Remove AndroidKeyStoreMaintenance#getState() and both overloads of KeyStore#state(). None of these are used by platform code anymore. The two KeyStore#state() methods do have @UnsupportedAppUsage, as do two values of the State enum: UNLOCKED and LOCKED. However, there is a clear public API equivalent for apps that may be checking these states: UserManager#isUserUnlocked(). Therefore, according to the policy on unsupported usage of internal APIs, we can remove these internal APIs. Also, the non-SDK dashboard has no runtime results for either method, and only one static analysis result which is from unused code in one app. This is consistent with these methods being entirely unused. Part of the motivation for removing these internal APIs is that upcoming changes to the lifetime of keystore superencryption keys would change the behavior of getState. So it seems like a good time to remove this unused/unsupported code instead of wasting time maintaining it. Bug: 296464083 Test: atest -p --include-subdirs system/security/keystore2 Change-Id: Iff821bbdeac5ee0653c9c71867fd53d38cb4d48f

Remove KeyStore#state()
c230e33f · Eric Biggers · 7df13d67 · c230e33f · c230e33f
Commit c230e33f authored 1 year ago by Eric Biggers
--- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java
+++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java
@@ -127,25 +127,6 @@ public class AndroidKeyStoreMaintenance {
        }
    }

-    /**
-     * Queries user state from Keystore 2.0.
-     *
-     * @param userId - Android user id of the user.
-     * @return UserState enum variant as integer if successful or an error
-     */
-    public static int getState(int userId) {
-        StrictMode.noteDiskRead();
-        try {
-            return getService().getState(userId);
-        } catch (ServiceSpecificException e) {
-            Log.e(TAG, "getState failed", e);
-            return e.errorCode;
-        } catch (Exception e) {
-            Log.e(TAG, "Can not connect to keystore", e);
-            return SYSTEM_ERROR;
-        }
-    }
-
    /**
     * Informs Keystore 2.0 that an off body event was detected.
     */

--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -19,8 +19,6 @@ package android.security;
 import android.compat.annotation.UnsupportedAppUsage;
 import android.os.Build;
 import android.os.StrictMode;
-import android.os.UserHandle;
-import android.security.maintenance.UserState;

 /**
 * @hide This should not be made public in its present form because it
@@ -37,15 +35,6 @@ public class KeyStore {
    // Used for UID field to indicate the calling UID.
    public static final int UID_SELF = -1;

-    // States
-    public enum State {
-        @UnsupportedAppUsage
-        UNLOCKED,
-        @UnsupportedAppUsage
-        LOCKED,
-        UNINITIALIZED
-    };
-
    private static final KeyStore KEY_STORE = new KeyStore();

    @UnsupportedAppUsage
@@ -53,28 +42,6 @@ public class KeyStore {
        return KEY_STORE;
    }

-    /** @hide */
-    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
-    public State state(int userId) {
-        int userState = AndroidKeyStoreMaintenance.getState(userId);
-        switch (userState) {
-            case UserState.UNINITIALIZED:
-                return KeyStore.State.UNINITIALIZED;
-            case UserState.LSKF_UNLOCKED:
-                return KeyStore.State.UNLOCKED;
-            case UserState.LSKF_LOCKED:
-                return KeyStore.State.LOCKED;
-            default:
-                throw new AssertionError(userState);
-        }
-    }
-
-    /** @hide */
-    @UnsupportedAppUsage
-    public State state() {
-        return state(UserHandle.myUserId());
-    }
-
    /** @hide */
    @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.R, trackingBug = 170729553)
    public byte[] get(String key) {