AttestedKeyPair: Address API review comments

Make AttestedKeyPair c'tor accept a List<Certificate> rather than Certificate[] to match the getter method on this class. To make it easier to use this class from other framework code I've re-instantiated the c'tor with a certificate array which will convert the array to a list. Bug: 139092002 Test: cts-tradefed run commandAndExit cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement Change-Id: Ie80dcb28f112efa89d3cc6fdceb1b9e5e26c58b1
2019-08-23 13:37:43 +01:00 · 2019-08-23 13:37:43 +01:00 · e7a65b65e5
commit e7a65b65e5
parent e1025e8228
2 changed files with 18 additions and 7 deletions
--- a/api/current.txt
+++ b/api/current.txt
@ -40629,7 +40629,7 @@ package android.se.omapi {
 package android.security {

  public final class AttestedKeyPair {
-    ctor public AttestedKeyPair(@Nullable java.security.KeyPair, @Nullable java.security.cert.Certificate[]);
+    ctor public AttestedKeyPair(@Nullable java.security.KeyPair, @NonNull java.util.List<java.security.cert.Certificate>);
    method @NonNull public java.util.List<java.security.cert.Certificate> getAttestationRecord();
    method @Nullable public java.security.KeyPair getKeyPair();
  }
--- a/keystore/java/android/security/AttestedKeyPair.java
+++ b/keystore/java/android/security/AttestedKeyPair.java
@ -23,6 +23,7 @@ import java.security.KeyPair;
 import java.security.cert.Certificate;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;

 /**
@ -36,7 +37,7 @@ import java.util.List;

 public final class AttestedKeyPair {
    private final KeyPair mKeyPair;
-    private final Certificate[] mAttestationRecord;
+    private final List<Certificate> mAttestationRecord;

    /**
     * Public constructor for creating a new instance (useful for testing).
@ -44,11 +45,24 @@ public final class AttestedKeyPair {
     * @param keyPair the key pair associated with the attestation record.
     * @param attestationRecord attestation record for the provided key pair.
     */
-    public AttestedKeyPair(@Nullable KeyPair keyPair, @Nullable Certificate[] attestationRecord) {
+    public AttestedKeyPair(
+            @Nullable KeyPair keyPair, @NonNull List<Certificate> attestationRecord) {
        mKeyPair = keyPair;
        mAttestationRecord = attestationRecord;
    }

+    /**
+     * @hide used by platform.
+     */
+    public AttestedKeyPair(@Nullable KeyPair keyPair, @Nullable Certificate[] attestationRecord) {
+        mKeyPair = keyPair;
+        if (attestationRecord == null) {
+            mAttestationRecord = new ArrayList();
+        } else {
+            mAttestationRecord = Arrays.asList(attestationRecord);
+        }
+    }
+
    /**
     * Returns the generated key pair associated with the attestation record
     * in this instance.
@ -73,9 +87,6 @@ public final class AttestedKeyPair {
     * Key Attestation</a> for the format of the attestation record inside the certificate.
     */
    public @NonNull List<Certificate> getAttestationRecord() {
-        if (mAttestationRecord == null) {
-            return new ArrayList();
-        }
-        return Arrays.asList(mAttestationRecord);
+        return Collections.unmodifiableList(mAttestationRecord);
    }
 }