Loading keystore/java/android/security/KeyStore.java +4 −1 Original line number Diff line number Diff line Loading @@ -16,6 +16,7 @@ package android.security; import android.app.ActivityManager; import android.app.ActivityThread; import android.app.Application; import android.app.KeyguardManager; Loading Loading @@ -546,7 +547,9 @@ public class KeyStore { try { args = args != null ? args : new KeymasterArguments(); entropy = entropy != null ? entropy : new byte[0]; // TODO(67752510): Apply USER_ID tag if (!args.containsTag(KeymasterDefs.KM_TAG_USER_ID)) { args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser()); } return mBinder.begin(getToken(), alias, purpose, pruneable, args, entropy, uid); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); Loading keystore/java/android/security/keystore/KeymasterUtils.java +6 −3 Original line number Diff line number Diff line Loading @@ -16,9 +16,8 @@ package android.security.keystore; import android.util.Log; import android.app.ActivityManager; import android.hardware.fingerprint.FingerprintManager; import android.os.UserHandle; import android.security.GateKeeper; import android.security.KeyStore; import android.security.keymaster.KeymasterArguments; Loading Loading @@ -102,7 +101,7 @@ public abstract class KeymasterUtils { * require user authentication. */ public static void addUserAuthArgs(KeymasterArguments args, UserAuthArgs spec) { // TODO (67752510): Implement "unlocked device required" args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser()); if (spec.isUserConfirmationRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_CONFIRMATION_REQUIRED); Loading @@ -112,6 +111,10 @@ public abstract class KeymasterUtils { args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED); } if (spec.isUnlockedDeviceRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_UNLOCKED_DEVICE_REQUIRED); } if (!spec.isUserAuthenticationRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); return; Loading keystore/java/android/security/keystore/UserAuthArgs.java +1 −0 Original line number Diff line number Diff line Loading @@ -33,5 +33,6 @@ public interface UserAuthArgs { boolean isUserConfirmationRequired(); long getBoundToSpecificSecureUserId(); boolean isTrustedUserPresenceRequired(); boolean isUnlockedDeviceRequired(); } services/core/java/com/android/server/policy/keyguard/KeyguardStateMonitor.java +13 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ package com.android.server.policy.keyguard; import android.app.ActivityManager; import android.content.Context; import android.os.RemoteException; import android.os.ServiceManager; import android.security.IKeystoreService; import android.util.Slog; import com.android.internal.policy.IKeyguardService; Loading Loading @@ -51,11 +53,16 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub { private final LockPatternUtils mLockPatternUtils; private final StateCallback mCallback; IKeystoreService mKeystoreService; public KeyguardStateMonitor(Context context, IKeyguardService service, StateCallback callback) { mLockPatternUtils = new LockPatternUtils(context); mCurrentUserId = ActivityManager.getCurrentUser(); mCallback = callback; mKeystoreService = IKeystoreService.Stub.asInterface(ServiceManager .getService("android.security.keystore")); try { service.addStateMonitorCallback(this); } catch (RemoteException e) { Loading Loading @@ -86,6 +93,12 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub { @Override // Binder interface public void onShowingStateChanged(boolean showing) { mIsShowing = showing; try { mKeystoreService.onKeyguardVisibilityChanged(showing, mCurrentUserId); } catch (RemoteException e) { Slog.e(TAG, "Error informing keystore of screen lock", e); } } @Override // Binder interface Loading Loading
keystore/java/android/security/KeyStore.java +4 −1 Original line number Diff line number Diff line Loading @@ -16,6 +16,7 @@ package android.security; import android.app.ActivityManager; import android.app.ActivityThread; import android.app.Application; import android.app.KeyguardManager; Loading Loading @@ -546,7 +547,9 @@ public class KeyStore { try { args = args != null ? args : new KeymasterArguments(); entropy = entropy != null ? entropy : new byte[0]; // TODO(67752510): Apply USER_ID tag if (!args.containsTag(KeymasterDefs.KM_TAG_USER_ID)) { args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser()); } return mBinder.begin(getToken(), alias, purpose, pruneable, args, entropy, uid); } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); Loading
keystore/java/android/security/keystore/KeymasterUtils.java +6 −3 Original line number Diff line number Diff line Loading @@ -16,9 +16,8 @@ package android.security.keystore; import android.util.Log; import android.app.ActivityManager; import android.hardware.fingerprint.FingerprintManager; import android.os.UserHandle; import android.security.GateKeeper; import android.security.KeyStore; import android.security.keymaster.KeymasterArguments; Loading Loading @@ -102,7 +101,7 @@ public abstract class KeymasterUtils { * require user authentication. */ public static void addUserAuthArgs(KeymasterArguments args, UserAuthArgs spec) { // TODO (67752510): Implement "unlocked device required" args.addUnsignedInt(KeymasterDefs.KM_TAG_USER_ID, ActivityManager.getCurrentUser()); if (spec.isUserConfirmationRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_CONFIRMATION_REQUIRED); Loading @@ -112,6 +111,10 @@ public abstract class KeymasterUtils { args.addBoolean(KeymasterDefs.KM_TAG_TRUSTED_USER_PRESENCE_REQUIRED); } if (spec.isUnlockedDeviceRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_UNLOCKED_DEVICE_REQUIRED); } if (!spec.isUserAuthenticationRequired()) { args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED); return; Loading
keystore/java/android/security/keystore/UserAuthArgs.java +1 −0 Original line number Diff line number Diff line Loading @@ -33,5 +33,6 @@ public interface UserAuthArgs { boolean isUserConfirmationRequired(); long getBoundToSpecificSecureUserId(); boolean isTrustedUserPresenceRequired(); boolean isUnlockedDeviceRequired(); }
services/core/java/com/android/server/policy/keyguard/KeyguardStateMonitor.java +13 −0 Original line number Diff line number Diff line Loading @@ -19,6 +19,8 @@ package com.android.server.policy.keyguard; import android.app.ActivityManager; import android.content.Context; import android.os.RemoteException; import android.os.ServiceManager; import android.security.IKeystoreService; import android.util.Slog; import com.android.internal.policy.IKeyguardService; Loading Loading @@ -51,11 +53,16 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub { private final LockPatternUtils mLockPatternUtils; private final StateCallback mCallback; IKeystoreService mKeystoreService; public KeyguardStateMonitor(Context context, IKeyguardService service, StateCallback callback) { mLockPatternUtils = new LockPatternUtils(context); mCurrentUserId = ActivityManager.getCurrentUser(); mCallback = callback; mKeystoreService = IKeystoreService.Stub.asInterface(ServiceManager .getService("android.security.keystore")); try { service.addStateMonitorCallback(this); } catch (RemoteException e) { Loading Loading @@ -86,6 +93,12 @@ public class KeyguardStateMonitor extends IKeyguardStateCallback.Stub { @Override // Binder interface public void onShowingStateChanged(boolean showing) { mIsShowing = showing; try { mKeystoreService.onKeyguardVisibilityChanged(showing, mCurrentUserId); } catch (RemoteException e) { Slog.e(TAG, "Error informing keystore of screen lock", e); } } @Override // Binder interface Loading
