Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 040337d1 authored by Brian Young's avatar Brian Young Committed by android-build-merger
Browse files

Merge changes from topics "niap-asym-write-pi-dev", "niap-asym-write-api-pi-dev" into pi-dev

am: 0186b42f

Change-Id: I18cba5e8695246b45972186e2c79d5d36a61c316
parents 2a3399c3 0186b42f
Loading
Loading
Loading
Loading
+4 −1
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@

package android.security;

import android.app.ActivityManager;
import android.app.ActivityThread;
import android.app.Application;
import android.app.KeyguardManager;
@@ -546,7 +547,9 @@ public class KeyStore {
        try {
            args = args != null ? args : new KeymasterArguments();
            entropy = entropy != null ? entropy : new byte[0];
            // TODO(67752510): Apply USER_ID tag
            if (!args.containsTag(KeymasterDefs.KM_TAG_USER_ID)) {
                args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser());
            }
            return mBinder.begin(getToken(), alias, purpose, pruneable, args, entropy, uid);
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
+6 −3
Original line number Diff line number Diff line
@@ -16,9 +16,8 @@

package android.security.keystore;

import android.util.Log;
import android.app.ActivityManager;
import android.hardware.fingerprint.FingerprintManager;
import android.os.UserHandle;
import android.security.GateKeeper;
import android.security.KeyStore;
import android.security.keymaster.KeymasterArguments;
@@ -102,7 +101,7 @@ public abstract class KeymasterUtils {
     *         require user authentication.
     */
    public static void addUserAuthArgs(KeymasterArguments args, UserAuthArgs spec) {
        // TODO (67752510): Implement "unlocked device required"
        args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser());

        if (spec.isUserConfirmationRequired()) {
            args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_CONFIRMATION_REQUIRED);
@@ -112,6 +111,10 @@ public abstract class KeymasterUtils {
            args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED);
        }

        if (spec.isUnlockedDeviceRequired()) {
            args.addBoolean(KeymasterDefs.KM_TAG_UNLOCKED_DEVICE_REQUIRED);
        }

        if (!spec.isUserAuthenticationRequired()) {
            args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);
            return;
+1 −0
Original line number Diff line number Diff line
@@ -33,5 +33,6 @@ public interface UserAuthArgs {
    boolean isUserConfirmationRequired();
    long getBoundToSpecificSecureUserId();
    boolean isTrustedUserPresenceRequired();
    boolean isUnlockedDeviceRequired();

}
+13 −0
Original line number Diff line number Diff line
@@ -19,6 +19,8 @@ package com.android.server.policy.keyguard;
import android.app.ActivityManager;
import android.content.Context;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.security.IKeystoreService;
import android.util.Slog;

import com.android.internal.policy.IKeyguardService;
@@ -51,11 +53,16 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub {
    private final LockPatternUtils mLockPatternUtils;
    private final StateCallback mCallback;

    IKeystoreService mKeystoreService;

    public KeyguardStateMonitor(Context context, IKeyguardService service, StateCallback callback) {
        mLockPatternUtils = new LockPatternUtils(context);
        mCurrentUserId = ActivityManager.getCurrentUser();
        mCallback = callback;

        mKeystoreService = IKeystoreService.Stub.asInterface(ServiceManager
                .getService("android.security.keystore"));

        try {
            service.addStateMonitorCallback(this);
        } catch (RemoteException e) {
@@ -86,6 +93,12 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub {
    @Override // Binder interface
    public void onShowingStateChanged(boolean showing) {
        mIsShowing = showing;

        try {
            mKeystoreService.onKeyguardVisibilityChanged(showing, mCurrentUserId);
        } catch (RemoteException e) {
            Slog.e(TAG, "Error informing keystore of screen lock", e);
        }
    }

    @Override // Binder interface