Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 27deb3b7 authored by Kevin Chyn's avatar Kevin Chyn Committed by Android (Google) Code Review
Browse files

Merge "Fixing default behavior for keys requiring auth" into rvc-dev

parents 3604fffb a811787a

keystore/java/android/security/keystore/KeyGenParameterSpec.java

+5 −3
Original line number Diff line number Diff line
@@ -764,8 +764,9 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private boolean mUserPresenceRequired = false;

        private byte[] mAttestationChallenge = null;

        private boolean mUniqueIdIncluded = false;
@@ -1240,7 +1241,8 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
            if (seconds == -1) {

                return setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG);

            }

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_BIOMETRIC_STRONG);

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_DEVICE_CREDENTIAL

                                                            | KeyProperties.AUTH_BIOMETRIC_STRONG);

        }



        /**

keystore/java/android/security/keystore/KeyProtection.java

+5 −3
Original line number Diff line number Diff line
@@ -562,8 +562,9 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private boolean mUserPresenceRequired = false;

        private boolean mUserAuthenticationValidWhileOnBody;

        private boolean mInvalidatedByBiometricEnrollment = true;
@@ -870,7 +871,8 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
            if (seconds == -1) {

                return setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG);

            }

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_BIOMETRIC_STRONG);

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_DEVICE_CREDENTIAL

                                                            | KeyProperties.AUTH_BIOMETRIC_STRONG);

        }



        /**

keystore/java/android/security/keystore/KeymasterUtils.java

+1 −2
Original line number Diff line number Diff line
@@ -165,8 +165,7 @@ public abstract class KeymasterUtils { 
            }

            args.addUnsignedLong(KeymasterDefs.KM_TAG_USER_SECURE_ID,

                    KeymasterArguments.toUint64(sid));

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE,

                    KeymasterDefs.HW_AUTH_PASSWORD | KeymasterDefs.HW_AUTH_BIOMETRIC);

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, spec.getUserAuthenticationType());

            args.addUnsignedInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT,

                    spec.getUserAuthenticationValidityDurationSeconds());

            if (spec.isUserAuthenticationValidWhileOnBody()) {