
Commit 7662e81e authored by Janis Danisevskis's avatar Janis Danisevskis Committed by Automerger Merge Worker

Merge "Keystore 2.0 SPI: Update KeyInfo and KeyGenParameterSpec" am: 17f24b57 am: 7d49ae70

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1470091

Change-Id: I6c7bf795d40f6cb28d86b84bbe1162438322301c
parents 8365756b 7d49ae70
+2 −1
@@ -42821,10 +42821,11 @@ package android.security.keystore {
    method public String getKeystoreAlias();
    method public int getOrigin();
    method public int getPurposes();
    method public int getSecurityLevel();
    method @NonNull public String[] getSignaturePaddings();
    method public int getUserAuthenticationType();
    method public int getUserAuthenticationValidityDurationSeconds();
    method public boolean isInsideSecureHardware();
    method @Deprecated public boolean isInsideSecureHardware();
    method public boolean isInvalidatedByBiometricEnrollment();
    method public boolean isTrustedUserPresenceRequired();
    method public boolean isUserAuthenticationRequired();
+6 −1
@@ -9377,8 +9377,13 @@ package android.security.keystore {
    ctor public DeviceIdAttestationException(@Nullable String, @Nullable Throwable);
  }
  public final class KeyGenParameterSpec implements java.security.spec.AlgorithmParameterSpec {
    method public int getNamespace();
  }
  public static final class KeyGenParameterSpec.Builder {
    method @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setUid(int);
    method @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setNamespace(int);
    method @Deprecated @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setUid(int);
  }
}
+2 −1
@@ -40989,10 +40989,11 @@ package android.security.keystore {
    method public String getKeystoreAlias();
    method public int getOrigin();
    method public int getPurposes();
    method public int getSecurityLevel();
    method @NonNull public String[] getSignaturePaddings();
    method public int getUserAuthenticationType();
    method public int getUserAuthenticationValidityDurationSeconds();
    method public boolean isInsideSecureHardware();
    method @Deprecated public boolean isInsideSecureHardware();
    method public boolean isInvalidatedByBiometricEnrollment();
    method public boolean isTrustedUserPresenceRequired();
    method public boolean isUserAuthenticationRequired();
+6 −1
@@ -8259,8 +8259,13 @@ package android.security.keystore {
    ctor public DeviceIdAttestationException(@Nullable String, @Nullable Throwable);
  }
  public final class KeyGenParameterSpec implements java.security.spec.AlgorithmParameterSpec {
    method public int getNamespace();
  }
  public static final class KeyGenParameterSpec.Builder {
    method @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setUid(int);
    method @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setNamespace(int);
    method @Deprecated @NonNull public android.security.keystore.KeyGenParameterSpec.Builder setUid(int);
  }
}
+26 −0
@@ -23,6 +23,7 @@ import android.security.KeyStore;
import android.security.keymaster.ExportResult;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterDefs;
import android.sysprop.Keystore2Properties;

import java.io.IOException;
import java.security.KeyFactory;
@@ -111,6 +112,26 @@ public class AndroidKeyStoreProvider extends Provider {
        putSecretKeyFactoryImpl("HmacSHA512");
    }

    private static boolean sKeystore2Enabled;

    /**
     * This function indicates whether or not Keystore 2.0 is enabled. Some parts of the
     * Keystore SPI must behave subtly differently when Keystore 2.0 is enabled. However,
     * the platform property that indicates that Keystore 2.0 is enabled is not readable
     * by applications. So we set this value when {@code install()} is called because it
     * is called by zygote, which can access Keystore2Properties.
     *
     * This function can be removed once the transition to Keystore 2.0 is complete.
     * b/171305684
     *
     * @return true if Keystore 2.0 is enabled.
     * @hide
     */
    public static boolean isKeystore2Enabled() {
        return sKeystore2Enabled;
    }


    /**
     * Installs a new instance of this provider (and the
     * {@link AndroidKeyStoreBCWorkaroundProvider}).
@@ -138,6 +159,11 @@ public class AndroidKeyStoreProvider extends Provider {
            // priority.
            Security.addProvider(workaroundProvider);
        }

        // {@code install()} is run by zygote when this property is still accessible. We store its
        // value so that the Keystore SPI can act accordingly without having to access an internal
        // property.
        sKeystore2Enabled = Keystore2Properties.keystore2_enabled().orElse(false);
    }

    private void putSecretKeyFactoryImpl(String algorithm) {
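Review bot: The write to `sKeystore2Enabled` at the end of `install()` is unconditional, so the cached flag is only as trustworthy as the last process that ran `install()`. The added comments say the property is not readable by applications; if `install()` were ever invoked again outside zygote, `keystore2_enabled()` would presumably come back empty and `orElse(false)` would replace a cached `true` with `false`, silently moving the SPI onto the legacy behaviour. The same silent `false` is what `isKeystore2Enabled()` returns in any process where `install()` never ran. I would state the contract on the field, e.g. `// Written by install() in zygote before fork; remains false if install() has not run in this process.`, and consider assigning only when the Optional is present so a denied read cannot downgrade the value. `install()` begins outside this hunk, so whether other callers exist is not visible here.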