Merge SP1A.210208.001

Change-Id: I7d4929024872b369444e276a60ded06e37b1fefb
author: Daniel Norman <danielnorman@google.com> 2021-02-08 11:11:18 -0800
committer: Daniel Norman <danielnorman@google.com> 2021-02-17 08:39:59 -0800
commit: 337095f9d277c566cb888bc3adbac16576f1ae70 (patch)
tree: 8818a5cd44fdfa89f7ef4d8570dbc67239e087dd /keystore/java/android/security/KeyStore2.java
parent: 80b7ed3f7373212a33fe42af8a7b7fc0ebcb187c (diff)
parent: a66768631e6f47e1f7ffcf4ec86f96d6e8f35282 (diff)
1 files changed, 38 insertions, 1 deletions
diff --git a/keystore/java/android/security/KeyStore2.java b/keystore/java/android/security/KeyStore2.java
index 92d87aa0fed6..f7477bf92c81 100644
--- a/keystore/java/android/security/KeyStore2.java
+++ b/keystore/java/android/security/KeyStore2.java
@@ -23,6 +23,7 @@ import android.os.Build;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.ServiceSpecificException;
+import android.security.keymaster.KeymasterDefs;
 import android.system.keystore2.IKeystoreService;
 import android.system.keystore2.KeyDescriptor;
 import android.system.keystore2.KeyEntryResponse;
@@ -107,7 +108,7 @@ public class KeyStore2 {
                 return request.execute(service);
             } catch (ServiceSpecificException e) {
                 Log.e(TAG, "KeyStore exception", e);
-                throw new KeyStoreException(e.errorCode, "");
+                throw getKeyStoreException(e.errorCode);
             } catch (RemoteException e) {
                 if (firstTry) {
                     Log.w(TAG, "Looks like we may have lost connection to the Keystore "
@@ -274,4 +275,40 @@ public class KeyStore2 {
         }
     }
 
+    static KeyStoreException getKeyStoreException(int errorCode) {
+        if (errorCode > 0) {
+            // KeyStore layer error
+            switch (errorCode) {
+                case ResponseCode.LOCKED:
+                    return new KeyStoreException(errorCode, "User authentication required");
+                case ResponseCode.UNINITIALIZED:
+                    return new KeyStoreException(errorCode, "Keystore not initialized");
+                case ResponseCode.SYSTEM_ERROR:
+                    return new KeyStoreException(errorCode, "System error");
+                case ResponseCode.PERMISSION_DENIED:
+                    return new KeyStoreException(errorCode, "Permission denied");
+                case ResponseCode.KEY_NOT_FOUND:
+                    return new KeyStoreException(errorCode, "Key not found");
+                case ResponseCode.VALUE_CORRUPTED:
+                    return new KeyStoreException(errorCode, "Key blob corrupted");
+                case ResponseCode.KEY_PERMANENTLY_INVALIDATED:
+                    return new KeyStoreException(errorCode, "Key permanently invalidated");
+                default:
+                    return new KeyStoreException(errorCode, String.valueOf(errorCode));
+            }
+        } else {
+            // Keymaster layer error
+            switch (errorCode) {
+                case KeymasterDefs.KM_ERROR_INVALID_AUTHORIZATION_TIMEOUT:
+                    // The name of this parameter significantly differs between Keymaster and
+                    // framework APIs. Use the framework wording to make life easier for developers.
+                    return new KeyStoreException(errorCode,
+                            "Invalid user authentication validity duration");
+                default:
+                    return new KeyStoreException(errorCode,
+                            KeymasterDefs.getErrorMessage(errorCode));
+            }
+        }
+    }
+
 }
author	Daniel Norman <danielnorman@google.com>	2021-02-08 11:11:18 -0800
committer	Daniel Norman <danielnorman@google.com>	2021-02-17 08:39:59 -0800
commit	337095f9d277c566cb888bc3adbac16576f1ae70 (patch)
tree	8818a5cd44fdfa89f7ef4d8570dbc67239e087dd /keystore/java/android/security/KeyStore2.java
parent	80b7ed3f7373212a33fe42af8a7b7fc0ebcb187c (diff)
parent	a66768631e6f47e1f7ffcf4ec86f96d6e8f35282 (diff)