Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2f4c9957 authored by David Zeuthen's avatar David Zeuthen Committed by Automerger Merge Worker
Browse files

Merge "PackageManager: Add FEATURE_HARDWARE_KEYSTORE, modify... 

Merge "PackageManager: Add FEATURE_HARDWARE_KEYSTORE, modify FEATURE_STRONGBOX_KEYSTORE." am: b0a08c82 am: a911b5da am: d91def89 am: 0b2f572e

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1626660

Change-Id: I997d13be8b50aa4bb3f9b954acddf678db7e487a
parents a0f5dca7 0b2f572e

core/api/current.txt

+1 −0
Original line number Diff line number Diff line
@@ -12608,6 +12608,7 @@ package android.content.pm { 
    field public static final String FEATURE_FINGERPRINT = "android.hardware.fingerprint";

    field public static final String FEATURE_FREEFORM_WINDOW_MANAGEMENT = "android.software.freeform_window_management";

    field public static final String FEATURE_GAMEPAD = "android.hardware.gamepad";

    field public static final String FEATURE_HARDWARE_KEYSTORE = "android.hardware.hardware_keystore";

    field public static final String FEATURE_HIFI_SENSORS = "android.hardware.sensor.hifi_sensors";

    field public static final String FEATURE_HOME_SCREEN = "android.software.home_screen";

    field public static final String FEATURE_IDENTITY_CREDENTIAL_HARDWARE = "android.hardware.identity_credential";

core/java/android/content/pm/PackageManager.java

+51 −2
Original line number Diff line number Diff line
@@ -3511,8 +3511,57 @@ public abstract class PackageManager { 
    public static final String FEATURE_VR_HEADTRACKING = "android.hardware.vr.headtracking";



    /**

     * Feature for {@link #getSystemAvailableFeatures} and {@link #hasSystemFeature}:

     * The device has a StrongBox hardware-backed Keystore.

     * Feature for {@link #getSystemAvailableFeatures} and

     * {@link #hasSystemFeature(String, int)}: If this feature is supported, the device implements

     * the Android Keystore backed by an isolated execution environment. The version indicates

     * which features are implemented in the isolated execution environment:

     * <ul>

     * <li>100: Hardware support for ECDH (see {@link javax.crypto.KeyAgreement}) and support

     * for app-generated attestation keys (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setAttestKeyAlias(String)}).

     * <li>41: Hardware enforcement of device-unlocked keys (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setUnlockedDeviceRequired(boolean)}).

     * <li>40: Support for wrapped key import (see {@link

     * android.security.keystore.WrappedKeyEntry}), optional support for ID attestation (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setDevicePropertiesAttestationIncluded(boolean)}),

     * attestation (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setAttestationChallenge(byte[])}),

     * AES, HMAC, ECDSA and RSA support where the secret or private key never leaves secure

     * hardware, and support for requiring user authentication before a key can be used.

     * </ul>

     * This feature version is guaranteed to be set for all devices launching with Android 12 and

     * may be set on devices launching with an earlier version. If the feature version is set, it

     * will at least have the value 40. If it's not set the device may have a version of

     * hardware-backed keystore but it may not support all features listed above.

     */

    @SdkConstant(SdkConstantType.FEATURE)

    public static final String FEATURE_HARDWARE_KEYSTORE = "android.hardware.hardware_keystore";



    /**

     * Feature for {@link #getSystemAvailableFeatures}, {@link #hasSystemFeature(String)}, and

     * {@link #hasSystemFeature(String, int)}: If this feature is supported, the device implements

     * the Android Keystore backed by a dedicated secure processor referred to as

     * <a href="https://source.android.com/security/best-practices/hardware#strongbox-keymaster">

     * StrongBox</a>. If this feature has a version, the version number indicates which features are

     * implemented in StrongBox:

     * <ul>

     * <li>100: Hardware support for ECDH (see {@link javax.crypto.KeyAgreement}) and support

     * for app-generated attestation keys (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setAttestKeyAlias(String)}).

     * <li>41: Hardware enforcement of device-unlocked keys (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setUnlockedDeviceRequired(boolean)}).

     * <li>40: Support for wrapped key import (see {@link

     * android.security.keystore.WrappedKeyEntry}), optional support for ID attestation (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setDevicePropertiesAttestationIncluded(boolean)}),

     * attestation (see {@link

     * android.security.keystore.KeyGenParameterSpec.Builder#setAttestationChallenge(byte[])}),

     * AES, HMAC, ECDSA and RSA support where the secret or private key never leaves secure

     * hardware, and support for requiring user authentication before a key can be used.

     * </ul>

     * If a device has StrongBox, this feature version number is guaranteed to be set for all

     * devices launching with Android 12 and may be set on devices launching with an earlier

     * version. If the feature version is set, it will at least have the value 40. If it's not

     * set the device may have StrongBox but it may not support all features listed above.

     */

    @SdkConstant(SdkConstantType.FEATURE)

    public static final String FEATURE_STRONGBOX_KEYSTORE =