commit 5fd9f786c46787cb0736622b3805482d9eeb1a85
author Sherif Eid <sherifeid@google.com> Thu Jun 26 15:03:43 2025 +0000
committer Sherif Eid <sherifeid@google.com> Fri Aug 01 14:00:34 2025 +0000
tree 81795f02931d8b92fcc28721e3bec184b43fe1ee
parent 8cf3d9afa328cc5546ce70d22564542388cfa7c6

Use AdbdKeyStoreStorage for system keys

Test: AdbDebuggingManagerTest
Bug: 420613813
Flag: EXEMPT refactor

Change-Id: I30d206d80613d4638e9dcef4e2f536916804c1af

services/core/java/com/android/server/adb/AdbDebuggingManager.java

diff --git a/services/core/java/com/android/server/adb/AdbDebuggingManager.java b/services/core/java/com/android/server/adb/AdbDebuggingManager.java
index 69a8f5b..6088be3 100644
--- a/services/core/java/com/android/server/adb/AdbDebuggingManager.java
+++ b/services/core/java/com/android/server/adb/AdbDebuggingManager.java
@@ -78,11 +78,9 @@
 import org.xmlpull.v1.XmlPullParser;
 import org.xmlpull.v1.XmlPullParserException;
 
-import java.io.BufferedReader;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
-import java.io.FileReader;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
@@ -1556,7 +1554,14 @@
             mAdbKeyUser = new AdbdKeyStoreStorage(mUserKeyFile);
             initKeyFile();
             readTempKeysFile();
-            mSystemKeys = getSystemKeysFromFile(SYSTEM_KEY_FILE);
+
+            // The system keystore handles keys pre-loaded into the read-only system partition at
+            // /adb_keys. Unlike the user keystore (/data/misc/adb/adb_keys), these
+            // system keys are considered permanently trusted, are not subject to expiration, and
+            // cannot be modified by the user.
+            AdbdKeyStoreStorage systemKeyStore = new AdbdKeyStoreStorage(
+                    new File(SYSTEM_KEY_FILE));
+            mSystemKeys = systemKeyStore.loadKeys();
             addExistingUserKeysToKeyStore();
         }
 
@@ -1612,26 +1617,9 @@
             }
         }
 
-        private Set<String> getSystemKeysFromFile(String fileName) {
-            Set<String> systemKeys = new HashSet<>();
-            File systemKeyFile = new File(fileName);
-            if (systemKeyFile.exists()) {
-                try (BufferedReader in = new BufferedReader(new FileReader(systemKeyFile))) {
-                    String key;
-                    while ((key = in.readLine()) != null) {
-                        key = key.trim();
-                        if (key.length() > 0) {
-                            systemKeys.add(key);
-                        }
-                    }
-                } catch (IOException e) {
-                    Slog.e(TAG, "Caught an exception reading " + fileName + ": " + e);
-                }
-            }
-            return systemKeys;
-        }
-
-        /** Returns whether there are any 'always allowed' keys in the keystore. */
+        /**
+         * Returns whether there are any 'always allowed' keys in the keystore.
+         */
         public boolean isEmpty() {
             return mKeyMap.isEmpty();
         }