From c98c8436a60e76a4af261c5348d628e13507ec54 Mon Sep 17 00:00:00 2001
From: Bo Zhu
Date: Sat, 31 Mar 2018 13:08:49 -0700
Subject: [PATCH] Don't allow using raw public keys to init recovery service any more

Bug: 75952916
Test: runtest frameworks-services -p com.android.server.locksettings.recoverablekeystore
Change-Id: I06ceddbc116396936d53d804d8d5466efee6aaa7
---
 .../recoverablekeystore/RecoverableKeyStoreManager.java | 8 +-------
 .../RecoverableKeyStoreManagerTest.java | 14 ++++++++++----
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
index 9f6ac10378ba..d2b4c6213a0a 100644
--- a/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
+++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManager.java
@@ -194,15 +194,9 @@ public class RecoverableKeyStoreManager {
 try {
 certXml = CertXml.parse(recoveryServiceCertFile);
 } catch (CertParsingException e) {
- // TODO: Do not use raw key bytes anymore once the other components are updated
 Log.d(TAG, "Failed to parse the input as a cert file: " + HexDump.toHexString(
 recoveryServiceCertFile));
- PublicKey publicKey = parseEcPublicKey(recoveryServiceCertFile);
- if (mDatabase.setRecoveryServicePublicKey(userId, uid, publicKey) > 0) {
- mDatabase.setShouldCreateSnapshot(userId, uid, true);
- }
- Log.d(TAG, "Successfully set the input as the raw public key");
- return;
+ throw new ServiceSpecificException(ERROR_BAD_CERTIFICATE_FORMAT, e.getMessage());
 }
 
 // Check serial number
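Review bot: In the `catch (CertParsingException e)` block, the retained `Log.d` still hex-dumps the entire caller-supplied `recoveryServiceCertFile` just before the new `throw`, so every rejected input is written to the log in full; logging only its size, e.g. `Log.d(TAG, "Failed to parse the input as a cert file, length=" + recoveryServiceCertFile.length);` (assuming it is a byte array, as the `HexDump.toHexString` call suggests), bounds what a caller can push into logcat. The new exception carries only `e.getMessage()`, so passing `e` to the log call would keep the parser's stack trace. Recovery-service public keys already stored through the removed raw-key branch are not touched here; whether they remain usable is not visible in this hunk and is worth confirming. The enclosing method begins and ends outside the hunk.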
diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java
index 5efe5d2d655e..41b549b4f483 100644
--- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java
+++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java
@@ -440,19 +440,25 @@ public class RecoverableKeyStoreManagerTest {
 }
 
 @Test
- public void initRecoveryService_succeedsWithRawPublicKey() throws Exception {
+ public void initRecoveryService_throwsIfRawPublicKey() throws Exception {
 int uid = Binder.getCallingUid();
 int userId = UserHandle.getCallingUserId();
 mRecoverableKeyStoreDb.setShouldCreateSnapshot(userId, uid, false);
 
- mRecoverableKeyStoreManager.initRecoveryService(ROOT_CERTIFICATE_ALIAS, TEST_PUBLIC_KEY);
+ try {
+ mRecoverableKeyStoreManager
+ .initRecoveryService(ROOT_CERTIFICATE_ALIAS, TEST_PUBLIC_KEY);
+ fail("should have thrown");
+ } catch (ServiceSpecificException e) {
+ assertThat(e.errorCode).isEqualTo(ERROR_BAD_CERTIFICATE_FORMAT);
+ }
 
- assertThat(mRecoverableKeyStoreDb.getShouldCreateSnapshot(userId, uid)).isTrue();
+ assertThat(mRecoverableKeyStoreDb.getShouldCreateSnapshot(userId, uid)).isFalse();
 assertThat(mRecoverableKeyStoreDb.getRecoveryServiceCertPath(userId, uid,
 DEFAULT_ROOT_CERT_ALIAS)).isNull();
 assertThat(mRecoverableKeyStoreDb.getRecoveryServiceCertSerial(userId, uid,
 DEFAULT_ROOT_CERT_ALIAS)).isNull();
- assertThat(mRecoverableKeyStoreDb.getRecoveryServicePublicKey(userId, uid)).isNotNull();
+ assertThat(mRecoverableKeyStoreDb.getRecoveryServicePublicKey(userId, uid)).isNull();
 }
 
 @Test
-- 
2.11.0
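Review bot: The two unchanged `isNull()` checks for the cert path and cert serial look up `DEFAULT_ROOT_CERT_ALIAS`, while the call under test passes `ROOT_CERTIFICATE_ALIAS`; if the two constants are not equivalent (their definitions are outside this hunk), those assertions would pass even if a rejected input had left state under the supplied alias. A one-line comment above them stating how the two aliases relate, or querying with the alias that was passed, `getRecoveryServiceCertPath(userId, uid, ROOT_CERTIFICATE_ALIAS)`, would make the post-condition unambiguous. The test class continues outside the hunk.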