Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 15e1f8f5 authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge changes Ib3c9affb,I1dbe3d02,I88681f21 am: 1f65c6b6 am: f2abffe1 am: df8410e6 

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1451015

Change-Id: I654b14fb0386d5bea6d22e37a394b00c1f66a87c
parents 7c40b323 df8410e6

Android.bp

+1 −0
Original line number Diff line number Diff line
@@ -480,6 +480,7 @@ java_library { 
        "android.hardware.vibrator-V1.1-java",

        "android.hardware.vibrator-V1.2-java",

        "android.hardware.vibrator-V1.3-java",

        "android.system.keystore2-java",

        "devicepolicyprotosnano",



        "com.android.sysprop.apex",

api/current.txt

+5 −0
Original line number Diff line number Diff line
@@ -42880,6 +42880,11 @@ package android.security.keystore { 
    field public static final int PURPOSE_SIGN = 4; // 0x4

    field public static final int PURPOSE_VERIFY = 8; // 0x8

    field public static final int PURPOSE_WRAP_KEY = 32; // 0x20

    field public static final int SECURITY_LEVEL_SOFTWARE = 0; // 0x0

    field public static final int SECURITY_LEVEL_STRONGBOX = 2; // 0x2

    field public static final int SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1; // 0x1

    field public static final int SECURITY_LEVEL_UNKNOWN = -2; // 0xfffffffe

    field public static final int SECURITY_LEVEL_UNKNOWN_SECURE = -1; // 0xffffffff

    field public static final String SIGNATURE_PADDING_RSA_PKCS1 = "PKCS1";

    field public static final String SIGNATURE_PADDING_RSA_PSS = "PSS";

  }

core/api/current.txt

+5 −0
Original line number Diff line number Diff line
@@ -41048,6 +41048,11 @@ package android.security.keystore { 
    field public static final int PURPOSE_SIGN = 4; // 0x4

    field public static final int PURPOSE_VERIFY = 8; // 0x8

    field public static final int PURPOSE_WRAP_KEY = 32; // 0x20

    field public static final int SECURITY_LEVEL_SOFTWARE = 0; // 0x0

    field public static final int SECURITY_LEVEL_STRONGBOX = 2; // 0x2

    field public static final int SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1; // 0x1

    field public static final int SECURITY_LEVEL_UNKNOWN = -2; // 0xfffffffe

    field public static final int SECURITY_LEVEL_UNKNOWN_SECURE = -1; // 0xffffffff

    field public static final String SIGNATURE_PADDING_RSA_PKCS1 = "PKCS1";

    field public static final String SIGNATURE_PADDING_RSA_PSS = "PSS";

  }

core/java/android/security/keymaster/KeymasterDefs.java

+5 −0
Original line number Diff line number Diff line
@@ -157,6 +157,11 @@ public final class KeymasterDefs { 
    public static final int HW_AUTH_PASSWORD = 1 << 0;

    public static final int HW_AUTH_BIOMETRIC = 1 << 1;



    // Security Levels.

    public static final int KM_SECURITY_LEVEL_SOFTWARE = 0;

    public static final int KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;

    public static final int KM_SECURITY_LEVEL_STRONGBOX = 2;



    // Error codes.

    public static final int KM_ERROR_OK = 0;

    public static final int KM_ERROR_ROOT_OF_TRUST_ALREADY_SET = -1;

keystore/java/android/security/keystore/KeyProperties.java

+90 −4
Original line number Diff line number Diff line
@@ -496,10 +496,16 @@ public abstract class KeyProperties { 
     */

    public static final String SIGNATURE_PADDING_RSA_PSS = "PSS";



    static abstract class SignaturePadding {

    /**

     * @hide

     */

    public abstract static class SignaturePadding {

        private SignaturePadding() {}



        static int toKeymaster(@NonNull @SignaturePaddingEnum String padding) {

        /**

         * @hide

         */

        public static int toKeymaster(@NonNull @SignaturePaddingEnum String padding) {

            switch (padding.toUpperCase(Locale.US)) {

                case SIGNATURE_PADDING_RSA_PKCS1:

                    return KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_SIGN;
@@ -512,7 +518,7 @@ public abstract class KeyProperties { 
        }



        @NonNull

        static @SignaturePaddingEnum String fromKeymaster(int padding) {

        public static @SignaturePaddingEnum String fromKeymaster(int padding) {

            switch (padding) {

                case KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_SIGN:

                    return SIGNATURE_PADDING_RSA_PKCS1;
@@ -524,7 +530,7 @@ public abstract class KeyProperties { 
        }



        @NonNull

        static int[] allToKeymaster(@Nullable @SignaturePaddingEnum String[] paddings) {

        public static int[] allToKeymaster(@Nullable @SignaturePaddingEnum String[] paddings) {

            if ((paddings == null) || (paddings.length == 0)) {

                return EmptyArray.INT;

            }
@@ -771,4 +777,84 @@ public abstract class KeyProperties { 
        }

        return result;

    }



    /**

     * @hide

     */

    @Retention(RetentionPolicy.SOURCE)

    @IntDef(prefix = { "SECURITY_LEVEL_" }, value = {

            SECURITY_LEVEL_UNKNOWN,

            SECURITY_LEVEL_UNKNOWN_SECURE,

            SECURITY_LEVEL_SOFTWARE,

            SECURITY_LEVEL_TRUSTED_ENVIRONMENT,

            SECURITY_LEVEL_STRONGBOX,

    })

    public @interface SecurityLevelEnum {}



    /**

     * This security level indicates that no assumptions can be made about the security level of the

     * respective key.

     */

    public static final int SECURITY_LEVEL_UNKNOWN = -2;

    /**

     * This security level indicates that due to the target API level of the caller no exact

     * statement can be made about the security level of the key, however, the security level

     * can be considered is at least equivalent to {@link #SECURITY_LEVEL_TRUSTED_ENVIRONMENT}.

     */

    public static final int SECURITY_LEVEL_UNKNOWN_SECURE = -1;



    /** Indicates enforcement by system software. */

    public static final int SECURITY_LEVEL_SOFTWARE = 0;



    /** Indicates enforcement by a trusted execution environment. */

    public static final int SECURITY_LEVEL_TRUSTED_ENVIRONMENT = 1;



    /**

     * Indicates enforcement by environment meeting the Strongbox security profile,

     * such as a secure element.

     */

    public static final int SECURITY_LEVEL_STRONGBOX = 2;



    /**

     * @hide

     */

    public abstract static class SecurityLevel {

        private SecurityLevel() {}



        /**

         * @hide

         */

        public static int toKeymaster(int securityLevel) {

            switch (securityLevel) {

                case SECURITY_LEVEL_SOFTWARE:

                    return KeymasterDefs.KM_SECURITY_LEVEL_SOFTWARE;

                case SECURITY_LEVEL_TRUSTED_ENVIRONMENT:

                    return KeymasterDefs.KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT;

                case SECURITY_LEVEL_STRONGBOX:

                    return KeymasterDefs.KM_SECURITY_LEVEL_STRONGBOX;

                default:

                    throw new IllegalArgumentException("Unsupported security level: "

                            + securityLevel);

            }

        }



        /**

         * @hide

         */

        @NonNull

        public static int fromKeymaster(int securityLevel) {

            switch (securityLevel) {

                case KeymasterDefs.KM_SECURITY_LEVEL_SOFTWARE:

                    return SECURITY_LEVEL_SOFTWARE;

                case KeymasterDefs.KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT:

                    return SECURITY_LEVEL_TRUSTED_ENVIRONMENT;

                case KeymasterDefs.KM_SECURITY_LEVEL_STRONGBOX:

                    return SECURITY_LEVEL_STRONGBOX;

                default:

                    throw new IllegalArgumentException("Unsupported security level: "

                            + securityLevel);

            }

        }

    }



}