repair merge error

p3dr0rv · p3dr0rv · commit 2caeae112074 · 2025-09-16T19:40:38.000-07:00
diff --git a/common/src/main/java/com/microsoft/identity/common/internal/util/AndroidKeyStoreUtil.java b/common/src/main/java/com/microsoft/identity/common/internal/util/AndroidKeyStoreUtil.java
@@ -483,6 +483,68 @@ public static synchronized SecretKey unwrap(final byte[] wrappedKeyBlob,
         throw clientException;
     }
 
+    /**
+     * Populate attributes from an InvalidKeyException, attempting to extract details from a nested
+     * KeyStoreException if available (API Level 33+).
+     */
+    private static AttributesBuilder createAttributesBuilderFromInvalidKeyException(final InvalidKeyException exception) {
+        String ksMessage;
+        final String errorType;
+        final String ksNumericErrorCode;
+
+        // Check API Level before attempting to extract KeyStoreException details
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
+            final android.security.KeyStoreException keyStoreException = findKeyStoreException(exception);
+            if (keyStoreException != null) {
+                ksMessage = keyStoreException.getMessage();
+                if (ksMessage == null) {
+                    ksMessage = "Keystore exception found, no error message";
+                }
+                errorType = "KeyStoreException";
+                ksNumericErrorCode = String.valueOf(keyStoreException.getNumericErrorCode());
+            } else {
+                ksMessage = "No keystore exception found";
+                errorType = "InvalidKeyException";
+                ksNumericErrorCode = "";
+            }
+        } else {
+            ksMessage = "API Level below 33, keystore exception not available";
+            errorType = "InvalidKeyException";
+            ksNumericErrorCode = "";
+        }
+
+        return Attributes.builder()
+                .put(AttributeName.error_type.name(), errorType)
+                .put(AttributeName.keystore_exception_stack_trace.name(), ThrowableUtil.getStackTraceAsString(exception))
+                .put(AttributeName.keystore_exception_message.name(), ksMessage)
+                .put(AttributeName.keystore_numeric_error_code.name(), ksNumericErrorCode);
+    }
+
+    /**
+     * Searches the causal chain of the given throwable for an instance of
+     * {@link android.security.KeyStoreException}.
+     *
+     * @param throwable The throwable to search.
+     * @return The found KeyStoreException, or null if none was found or the API level is below 33.
+     */
+    private static @Nullable android.security.KeyStoreException findKeyStoreException(@NonNull Throwable throwable) {
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.TIRAMISU) {
+            // Check up to a max depth to avoid infinite loops in case of circular references
+            int count = 0;
+            while (throwable != null && count < KEYSTORE_EXCEPTION_CAUSE_CHAIN_MAX_DEPTH) {
+                if (throwable instanceof android.security.KeyStoreException) {
+                    return (android.security.KeyStoreException) throwable;
+                }
+                throwable = throwable.getCause();
+                count++;
+            }
+
+            return null;
+        } else {
+            return null;
+        }
+    }
+
     /**
      * Returns encryption paddings supported by a KeyStore key pair.
      * <p>
@@ -498,19 +560,15 @@ public static synchronized List<String> getKeyPairEncryptionPaddings(@NonNull fi
         try {
             final PrivateKey privateKey = keyPair.getPrivate();
             final KeyFactory keyFactory = KeyFactory.getInstance(privateKey.getAlgorithm(), ANDROID_KEY_STORE_TYPE);
-            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
-                final KeyInfo keyInfo = keyFactory.getKeySpec(privateKey, KeyInfo.class);
-                final List<String> encryptionPaddings = new ArrayList<>();
-                // keyInfo.getEncryptionPaddings() returns a list of encryption paddings supported by the key.
-                // We remove the "Padding" suffix from each padding name to match the expected format.
-                for (final String padding : keyInfo.getEncryptionPaddings()) {
-                    encryptionPaddings.add(padding.replace("Padding", ""));
-                }
-                Logger.info(methodTag, "Supported encryption paddings: " + encryptionPaddings);
-                return encryptionPaddings;
-            } else {
-                Logger.warn(methodTag, "KeyInfo not available on API < 23");
+            final KeyInfo keyInfo = keyFactory.getKeySpec(privateKey, KeyInfo.class);
+            final List<String> encryptionPaddings = new ArrayList<>();
+            // keyInfo.getEncryptionPaddings() returns a list of encryption paddings supported by the key.
+            // We remove the "Padding" suffix from each padding name to match the expected format.
+            for (final String padding : keyInfo.getEncryptionPaddings()) {
+                encryptionPaddings.add(padding.replace("Padding", ""));
             }
+            Logger.info(methodTag, "Supported encryption paddings: " + encryptionPaddings);
+            return encryptionPaddings;
         } catch (final Exception e) {
             Logger.warn(methodTag, "Failed to retrieve key padding information" + ": " + e.getMessage());
         }
