Merge "Add fingerprint-specific API to KeyPairGeneratorSpec." (7e3a19ac) · Commits · e / os / android_frameworks_base

keystore/java/android/security/KeyPairGeneratorSpec.java

+39 −3

Original line number	Diff line number	Diff line
		@@ -97,6 +97,8 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {

		private final Integer mUserAuthenticationValidityDurationSeconds;

		private final boolean mInvalidatedOnNewFingerprintEnrolled;

		/**
		* Parameter specification for the "{@code AndroidKeyPairGenerator}"
		* instance of the {@link java.security.KeyPairGenerator} API. The
		@@ -142,7 +144,8 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		Integer minSecondsBetweenOperations,
		Integer maxUsesPerBoot,
		Set<Integer> userAuthenticators,
		Integer userAuthenticationValidityDurationSeconds) {
		Integer userAuthenticationValidityDurationSeconds,
		boolean invalidatedOnNewFingerprintEnrolled) {
		if (context == null) {
		throw new IllegalArgumentException("context == null");
		} else if (TextUtils.isEmpty(keyStoreAlias)) {
		@@ -186,6 +189,7 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		? new HashSet<Integer>(userAuthenticators)
		: Collections.<Integer>emptySet();
		mUserAuthenticationValidityDurationSeconds = userAuthenticationValidityDurationSeconds;
		mInvalidatedOnNewFingerprintEnrolled = invalidatedOnNewFingerprintEnrolled;
		}

		/**
		@@ -197,7 +201,7 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		Date startDate, Date endDate, int flags) {
		this(context, keyStoreAlias, keyType, keySize, spec, subjectDN, serialNumber, startDate,
		endDate, flags, startDate, endDate, endDate, null, null, null, null, null, null,
		null, null);
		null, null, false);
		}

		/**
		@@ -425,6 +429,19 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		return mUserAuthenticationValidityDurationSeconds;
		}

		/**
		* Returns {@code true} if this key must be permanently invalidated once a new fingerprint is
		* enrolled. This constraint only has effect if fingerprint reader is one of the user
		* authenticators protecting access to this key.
		*
		* @see #getUserAuthenticators()
		*
		* @hide
		*/
		public boolean isInvalidatedOnNewFingerprintEnrolled() {
		return mInvalidatedOnNewFingerprintEnrolled;
		}

		/**
		* Builder class for {@link KeyPairGeneratorSpec} objects.
		* <p>
		@@ -489,6 +506,8 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {

		private Integer mUserAuthenticationValidityDurationSeconds;

		private boolean mInvalidatedOnNewFingerprintEnrolled;

		/**
		* Creates a new instance of the {@code Builder} with the given
		* {@code context}. The {@code context} passed in may be used to pop up
		@@ -799,6 +818,22 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		return this;
		}

		/**
		* Sets whether this key must be invalidated (permanently) once a new fingerprint is
		* enrolled. This only has effect if fingerprint reader is one of the user authenticators
		* protecting access to the key.
		*
		* <p>By default, enrolling a new fingerprint does not invalidate the key.
		*
		* @see #setUserAuthenticators(Set)
		*
		* @hide
		*/
		public Builder setInvalidatedOnNewFingerprintEnrolled(boolean invalidated) {
		mInvalidatedOnNewFingerprintEnrolled = invalidated;
		return this;
		}

		/**
		* Builds the instance of the {@code KeyPairGeneratorSpec}.
		*
		@@ -826,7 +861,8 @@ public final class KeyPairGeneratorSpec implements AlgorithmParameterSpec {
		mMinSecondsBetweenOperations,
		mMaxUsesPerBoot,
		mUserAuthenticators,
		mUserAuthenticationValidityDurationSeconds);
		mUserAuthenticationValidityDurationSeconds,
		mInvalidatedOnNewFingerprintEnrolled);
		}
		}
		}