Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 3f5fd1db authored by Shawn Willden's avatar Shawn Willden Committed by Android (Google) Code Review
Browse files

Merge "Revert "Revert "Add option to allow key validity after fingerprint... 

Merge "Revert "Revert "Add option to allow key validity after fingerprint enrollment.""" into nyc-dev
parents 0df7c98a c38eae52

api/current.txt

+5 −0
Original line number Diff line number Diff line
@@ -34115,6 +34115,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34132,6 +34133,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -34158,6 +34160,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34221,6 +34224,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34232,6 +34236,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/system-current.txt

+5 −0
Original line number Diff line number Diff line
@@ -36621,6 +36621,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36638,6 +36639,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -36664,6 +36666,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36727,6 +36730,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36738,6 +36742,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/test-current.txt

+5 −0
Original line number Diff line number Diff line
@@ -34130,6 +34130,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34147,6 +34148,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -34173,6 +34175,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34236,6 +34239,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34247,6 +34251,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java

+4 −2
Original line number Diff line number Diff line
@@ -234,7 +234,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
                KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),

                        spec.isUserAuthenticationRequired(),

                        spec.getUserAuthenticationValidityDurationSeconds(),

                        spec.isUserAuthenticationValidWhileOnBody());

                        spec.isUserAuthenticationValidWhileOnBody(),

                        spec.isInvalidatedByBiometricEnrollment());

            } catch (IllegalStateException | IllegalArgumentException e) {

                throw new InvalidAlgorithmParameterException(e);

            }
@@ -273,7 +274,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
        KeymasterUtils.addUserAuthArgs(args,

                spec.isUserAuthenticationRequired(),

                spec.getUserAuthenticationValidityDurationSeconds(),

                spec.isUserAuthenticationValidWhileOnBody());

                spec.isUserAuthenticationValidWhileOnBody(),

                spec.isInvalidatedByBiometricEnrollment());

        KeymasterUtils.addMinMacLengthAuthorizationIfNecessary(

                args,

                mKeymasterAlgorithm,

keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java

+4 −2
Original line number Diff line number Diff line
@@ -345,7 +345,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato 
                KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),

                        mSpec.isUserAuthenticationRequired(),

                        mSpec.getUserAuthenticationValidityDurationSeconds(),

                        mSpec.isUserAuthenticationValidWhileOnBody());

                        mSpec.isUserAuthenticationValidWhileOnBody(),

                        mSpec.isInvalidatedByBiometricEnrollment());

            } catch (IllegalArgumentException | IllegalStateException e) {

                throw new InvalidAlgorithmParameterException(e);

            }
@@ -531,7 +532,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato 
        KeymasterUtils.addUserAuthArgs(args,

                mSpec.isUserAuthenticationRequired(),

                mSpec.getUserAuthenticationValidityDurationSeconds(),

                mSpec.isUserAuthenticationValidWhileOnBody());

                mSpec.isUserAuthenticationValidWhileOnBody(),

                mSpec.isInvalidatedByBiometricEnrollment());

        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, mSpec.getKeyValidityStart());

        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,

                mSpec.getKeyValidityForOriginationEnd());