Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2d6a48ab authored by Automerger Merge Worker's avatar Automerger Merge Worker
Browse files

Merge "Fixing default behavior for keys requiring auth" into rvc-dev am: 27deb3b7 am: 80272c82 

Change-Id: I18877c66e0bad767b92048d3ea824dd6872e52f5
parents 112742c0 80272c82

keystore/java/android/security/keystore/KeyGenParameterSpec.java

+5 −3
Original line number Diff line number Diff line
@@ -764,8 +764,9 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private boolean mUserPresenceRequired = false;

        private byte[] mAttestationChallenge = null;

        private boolean mUniqueIdIncluded = false;
@@ -1240,7 +1241,8 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
            if (seconds == -1) {

                return setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG);

            }

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_BIOMETRIC_STRONG);

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_DEVICE_CREDENTIAL

                                                            | KeyProperties.AUTH_BIOMETRIC_STRONG);

        }



        /**

keystore/java/android/security/keystore/KeyProtection.java

+5 −3
Original line number Diff line number Diff line
@@ -562,8 +562,9 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private boolean mUserPresenceRequired = false;

        private boolean mUserAuthenticationValidWhileOnBody;

        private boolean mInvalidatedByBiometricEnrollment = true;
@@ -870,7 +871,8 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
            if (seconds == -1) {

                return setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG);

            }

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_BIOMETRIC_STRONG);

            return setUserAuthenticationParameters(seconds, KeyProperties.AUTH_DEVICE_CREDENTIAL

                                                            | KeyProperties.AUTH_BIOMETRIC_STRONG);

        }



        /**

keystore/java/android/security/keystore/KeymasterUtils.java

+1 −2
Original line number Diff line number Diff line
@@ -165,8 +165,7 @@ public abstract class KeymasterUtils { 
            }

            args.addUnsignedLong(KeymasterDefs.KM_TAG_USER_SECURE_ID,

                    KeymasterArguments.toUint64(sid));

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE,

                    KeymasterDefs.HW_AUTH_PASSWORD | KeymasterDefs.HW_AUTH_BIOMETRIC);

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, spec.getUserAuthenticationType());

            args.addUnsignedInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT,

                    spec.getUserAuthenticationValidityDurationSeconds());

            if (spec.isUserAuthenticationValidWhileOnBody()) {