Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 297d2d1f authored by Grace Cheng's avatar Grace Cheng
Browse files

Rename isSecureLockDeviceAvailable and return type

Renames isSecureLockDeviceAvailable to getSecureLockDeviceAvailability
and renames IntDef return type IsSecureLockDeviceAvailableRequestStatus
to GetSecureLockDeviceAvailabilityRequestStatus.

Flag: android.security.secure_lock_device
Fixes: 420637357
Fixes: 420636407
Test: atest SecureLockDeviceServiceTest
Change-Id: Ibac25b08b1a94d1eea07cb30878745501f622fcd
parent a39bea6b
Loading
Loading
Loading
Loading
+1 −1
Original line number Original line Diff line number Diff line
@@ -13007,7 +13007,7 @@ package android.security.authenticationpolicy {
  @FlaggedApi("android.security.secure_lockdown") public final class AuthenticationPolicyManager {
  @FlaggedApi("android.security.secure_lockdown") public final class AuthenticationPolicyManager {
    method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int disableSecureLockDevice(@NonNull android.security.authenticationpolicy.DisableSecureLockDeviceParams);
    method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int disableSecureLockDevice(@NonNull android.security.authenticationpolicy.DisableSecureLockDeviceParams);
    method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int enableSecureLockDevice(@NonNull android.security.authenticationpolicy.EnableSecureLockDeviceParams);
    method @FlaggedApi("android.security.secure_lockdown") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int enableSecureLockDevice(@NonNull android.security.authenticationpolicy.EnableSecureLockDeviceParams);
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int isSecureLockDeviceAvailable();
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public int getSecureLockDeviceAvailability();
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public boolean isSecureLockDeviceEnabled();
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public boolean isSecureLockDeviceEnabled();
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void registerSecureLockDeviceStatusListener(@NonNull java.util.concurrent.Executor, @NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void registerSecureLockDeviceStatusListener(@NonNull java.util.concurrent.Executor, @NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void unregisterSecureLockDeviceStatusListener(@NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
    method @FlaggedApi("android.security.secure_lock_device") @RequiresPermission(android.Manifest.permission.MANAGE_SECURE_LOCK_DEVICE) public void unregisterSecureLockDeviceStatusListener(@NonNull android.security.authenticationpolicy.AuthenticationPolicyManager.SecureLockDeviceStatusListener);
+18 −15
Original line number Original line Diff line number Diff line
@@ -63,7 +63,7 @@ import java.util.concurrent.Executor;
 *
 *
 * <p>
 * <p>
 * To check if the device meets the requirements to enable secure lock, call
 * To check if the device meets the requirements to enable secure lock, call
 * {@link #isSecureLockDeviceAvailable}. This will require the caller to have the
 * {@link #getSecureLockDeviceAvailability}. This will require the caller to have the
 * {@link android.Manifest.permission#MANAGE_SECURE_LOCK_DEVICE} permission.
 * {@link android.Manifest.permission#MANAGE_SECURE_LOCK_DEVICE} permission.
 *
 *
 * <p>
 * <p>
@@ -237,7 +237,7 @@ public final class AuthenticationPolicyManager {
            ERROR_INSUFFICIENT_BIOMETRICS,
            ERROR_INSUFFICIENT_BIOMETRICS,
    })
    })
    @Retention(RetentionPolicy.SOURCE)
    @Retention(RetentionPolicy.SOURCE)
    public @interface IsSecureLockDeviceAvailableRequestStatus {}
    public @interface GetSecureLockDeviceAvailabilityRequestStatus {}


    /** @hide */
    /** @hide */
    public AuthenticationPolicyManager(@NonNull Context context,
    public AuthenticationPolicyManager(@NonNull Context context,
@@ -266,12 +266,13 @@ public final class AuthenticationPolicyManager {
        /**
        /**
         * Called when the availability of secure lock device changes for the listening user.
         * Called when the availability of secure lock device changes for the listening user.
         * @param available An int of type
         * @param available An int of type
         * {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that
         * {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
         *                  indicates if the listening user has the necessary requirements to
         *                  indicates if the listening user has the necessary requirements to
         *                  enable secure lock device ({@link #SUCCESS} if the user can enable
         *                  enable secure lock device ({@link #SUCCESS} if the user can enable
         *                  secure lock device).
         *                  secure lock device).
         */
         */
        void onSecureLockDeviceAvailableStatusChanged(int available);
        void onSecureLockDeviceAvailableStatusChanged(
                @GetSecureLockDeviceAvailabilityRequestStatus int available);
    }
    }


    /**
    /**
@@ -323,7 +324,8 @@ public final class AuthenticationPolicyManager {
            }
            }


            @Override
            @Override
            public void onSecureLockDeviceAvailableStatusChanged(int available) {
            public void onSecureLockDeviceAvailableStatusChanged(
                    @GetSecureLockDeviceAvailabilityRequestStatus int available) {
                if (!mSecureLockDeviceStatusListeners.containsKey(listener)) {
                if (!mSecureLockDeviceStatusListeners.containsKey(listener)) {
                    if (DEBUG) {
                    if (DEBUG) {
                        Log.d(TAG, "Listener " + listener + " no longer registered. Skipping "
                        Log.d(TAG, "Listener " + listener + " no longer registered. Skipping "
@@ -398,22 +400,23 @@ public final class AuthenticationPolicyManager {
     * Called by a privileged component to indicate if secure lock device is available for the
     * Called by a privileged component to indicate if secure lock device is available for the
     * calling user.
     * calling user.
     *
     *
     * @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure lock
     * @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether secure
     * device is available for the calling user. This will return {@link #SUCCESS} if the device
     * lock device is available for the calling user. This will return {@link #SUCCESS} if the
     * meets all requirements to enable secure lock device, {@link #ERROR_INSUFFICIENT_BIOMETRICS}
     * device meets all requirements to enable secure lock device,
     * if the device is missing a strong biometric enrollment, {@link #ERROR_NO_BIOMETRICS_ENROLLED}
     * {@link #ERROR_INSUFFICIENT_BIOMETRICS} if the device does not have a biometric sensor of
     * if the device has no biometric enrollments, or {@link #ERROR_UNSUPPORTED} if secure lock
     * sufficient strength, {@link #ERROR_NO_BIOMETRICS_ENROLLED} if the user does not have
     * enrollments on the strong biometric sensor, or {@link #ERROR_UNSUPPORTED} if secure lock
     * device is otherwise unsupported.
     * device is otherwise unsupported.
     *
     *
     * @hide
     * @hide
     */
     */
    @IsSecureLockDeviceAvailableRequestStatus
    @GetSecureLockDeviceAvailabilityRequestStatus
    @RequiresPermission(MANAGE_SECURE_LOCK_DEVICE)
    @RequiresPermission(MANAGE_SECURE_LOCK_DEVICE)
    @SystemApi
    @SystemApi
    @FlaggedApi(FLAG_SECURE_LOCK_DEVICE)
    @FlaggedApi(FLAG_SECURE_LOCK_DEVICE)
    public int isSecureLockDeviceAvailable() {
    public int getSecureLockDeviceAvailability() {
        try {
        try {
            return mAuthenticationPolicyService.isSecureLockDeviceAvailable(mContext.getUser());
            return mAuthenticationPolicyService.getSecureLockDeviceAvailability(mContext.getUser());
        } catch (RemoteException e) {
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
            throw e.rethrowFromSystemServer();
        }
        }
@@ -422,8 +425,8 @@ public final class AuthenticationPolicyManager {


    /**
    /**
     * Called by a privileged component to remotely enable secure lock on the device across all
     * Called by a privileged component to remotely enable secure lock on the device across all
     * users. This operation will first check {@link #isSecureLockDeviceAvailable()} to see if the
     * users. This operation will first check {@link #getSecureLockDeviceAvailability()} to see if
     * calling user meets the requirements to enable secure lock device, including a strong
     * the calling user meets the requirements to enable secure lock device, including a strong
     * biometric enrollment, and will return an error if not.
     * biometric enrollment, and will return an error if not.
     *
     *
     * Secure lock is an enhanced security state that restricts access to sensitive data (app
     * Secure lock is an enhanced security state that restricts access to sensitive data (app
+1 −1
Original line number Original line Diff line number Diff line
@@ -34,7 +34,7 @@ interface IAuthenticationPolicyService {
    int disableSecureLockDevice(in UserHandle user, in DisableSecureLockDeviceParams params);
    int disableSecureLockDevice(in UserHandle user, in DisableSecureLockDeviceParams params);


    @EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
    @EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
    int isSecureLockDeviceAvailable(in UserHandle user);
    int getSecureLockDeviceAvailability(in UserHandle user);


    @EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
    @EnforcePermission("MANAGE_SECURE_LOCK_DEVICE")
    boolean isSecureLockDeviceEnabled();
    boolean isSecureLockDeviceEnabled();
+1 −1
Original line number Original line Diff line number Diff line
@@ -30,7 +30,7 @@ oneway interface ISecureLockDeviceStatusListener {
    /**
    /**
     * Called when the availability of secure lock device changes for the listening user.
     * Called when the availability of secure lock device changes for the listening user.
     * @param available An int of type
     * @param available An int of type
     * {@link AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus} that
     * {@link AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus} that
     *                  indicates if the listening user has the necessary requirements to
     *                  indicates if the listening user has the necessary requirements to
     *                  enable secure lock device ({@link #SUCCESS} if the user can enable
     *                  enable secure lock device ({@link #SUCCESS} if the user can enable
     *                  secure lock device).
     *                  secure lock device).
+9 −9
Original line number Original line Diff line number Diff line
@@ -54,7 +54,7 @@ import android.proximity.IProximityResultCallback;
import android.security.authenticationpolicy.AuthenticationPolicyManager;
import android.security.authenticationpolicy.AuthenticationPolicyManager;
import android.security.authenticationpolicy.AuthenticationPolicyManager.DisableSecureLockDeviceRequestStatus;
import android.security.authenticationpolicy.AuthenticationPolicyManager.DisableSecureLockDeviceRequestStatus;
import android.security.authenticationpolicy.AuthenticationPolicyManager.EnableSecureLockDeviceRequestStatus;
import android.security.authenticationpolicy.AuthenticationPolicyManager.EnableSecureLockDeviceRequestStatus;
import android.security.authenticationpolicy.AuthenticationPolicyManager.IsSecureLockDeviceAvailableRequestStatus;
import android.security.authenticationpolicy.AuthenticationPolicyManager.GetSecureLockDeviceAvailabilityRequestStatus;
import android.security.authenticationpolicy.DisableSecureLockDeviceParams;
import android.security.authenticationpolicy.DisableSecureLockDeviceParams;
import android.security.authenticationpolicy.EnableSecureLockDeviceParams;
import android.security.authenticationpolicy.EnableSecureLockDeviceParams;
import android.security.authenticationpolicy.IAuthenticationPolicyService;
import android.security.authenticationpolicy.IAuthenticationPolicyService;
@@ -407,23 +407,23 @@ public class AuthenticationPolicyService extends SystemService {


    private final IBinder mService = new IAuthenticationPolicyService.Stub() {
    private final IBinder mService = new IAuthenticationPolicyService.Stub() {
        /**
        /**
         * @see AuthenticationPolicyManager#isSecureLockDeviceAvailable()
         * @see AuthenticationPolicyManager#getSecureLockDeviceAvailability()
         * @param user user associated with the calling context to check for secure lock device
         * @param user user associated with the calling context to check for secure lock device
         *             availability
         *             availability
         * @return {@link IsSecureLockDeviceAvailableRequestStatus} int indicating whether secure
         * @return {@link GetSecureLockDeviceAvailabilityRequestStatus} int indicating whether
         * lock device is available for the calling user
         * secure lock device is available for the calling user
         */
         */
        @Override
        @Override
        @EnforcePermission(MANAGE_SECURE_LOCK_DEVICE)
        @EnforcePermission(MANAGE_SECURE_LOCK_DEVICE)
        @IsSecureLockDeviceAvailableRequestStatus
        @GetSecureLockDeviceAvailabilityRequestStatus
        public int isSecureLockDeviceAvailable(UserHandle user) {
        public int getSecureLockDeviceAvailability(UserHandle user) {
            isSecureLockDeviceAvailable_enforcePermission();
            getSecureLockDeviceAvailability_enforcePermission();
            enforceCrossUserPermission(user, TAG + "#isSecureLockDeviceAvailable");
            enforceCrossUserPermission(user, TAG + "#getSecureLockDeviceAvailability");


            // Required for internal service to acquire necessary system permissions
            // Required for internal service to acquire necessary system permissions
            final long identity = Binder.clearCallingIdentity();
            final long identity = Binder.clearCallingIdentity();
            try {
            try {
                return mSecureLockDeviceService.isSecureLockDeviceAvailable(user);
                return mSecureLockDeviceService.getSecureLockDeviceAvailability(user);
            } finally {
            } finally {
                Binder.restoreCallingIdentity(identity);
                Binder.restoreCallingIdentity(identity);
            }
            }
Loading