Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8ec1eb1e authored by Eric Biggers's avatar Eric Biggers Committed by Gerrit Code Review
Browse files

Merge changes from topic "offbody-key-expiration" into main 

* changes:
  Remove onDeviceOffBody()
  Document that setUserAuthenticationValidWhileOnBody() doesn't actually work
parents c8ad1861 3d2020c8

keystore/java/android/security/AndroidKeyStoreMaintenance.java

+0 −14
Original line number Diff line number Diff line
@@ -174,20 +174,6 @@ public class AndroidKeyStoreMaintenance { 
        }

    }



    /**

     * Informs Keystore 2.0 that an off body event was detected.

     */

    public static void onDeviceOffBody() {

        StrictMode.noteDiskWrite();

        try {

            getService().onDeviceOffBody();

        } catch (Exception e) {

            // TODO This fails open. This is not a regression with respect to keystore1 but it

            //      should get fixed.

            Log.e(TAG, "Error while reporting device off body event.", e);

        }

    }



    /**

     * Migrates a key given by the source descriptor to the location designated by the destination

     * descriptor.

keystore/java/android/security/KeyStore.java

+0 −7
Original line number Diff line number Diff line
@@ -56,11 +56,4 @@ public class KeyStore { 


        return Authorization.addAuthToken(authToken);

    }



    /**

     * Notify keystore that the device went off-body.

     */

    public void onDeviceOffBody() {

        AndroidKeyStoreMaintenance.onDeviceOffBody();

    }

}

keystore/java/android/security/keystore/KeyGenParameterSpec.java

+9 −9
Original line number Diff line number Diff line
@@ -1670,16 +1670,16 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
         * {@link #setUserAuthenticationValidityDurationSeconds} and

         * {@link #setUserAuthenticationRequired}). Once the device has been removed from the

         * user's body, the key will be considered unauthorized and the user will need to

         * re-authenticate to use it. For keys without an authentication validity period this

         * parameter has no effect.

         *

         * <p>Similarly, on devices that do not have an on-body sensor, this parameter will have no

         * effect; the device will always be considered to be "on-body" and the key will therefore

         * remain authorized until the validity period ends.

         * re-authenticate to use it. If the device does not have an on-body sensor or the key does

         * not have an authentication validity period, this parameter has no effect.

         * <p>

         * Since Android 12 (API level 31), this parameter has no effect even on devices that have

         * an on-body sensor. A future version of Android may restore enforcement of this parameter.

         * Meanwhile, it is recommended to not use it.

         *

         * @param remainsValid if {@code true}, and if the device supports on-body detection, key

         * will be invalidated when the device is removed from the user's body or when the

         * authentication validity expires, whichever occurs first.

         * @param remainsValid if {@code true}, and if the device supports enforcement of this

         * parameter, the key will be invalidated when the device is removed from the user's body or

         * when the authentication validity expires, whichever occurs first.

         */

        @NonNull

        public Builder setUserAuthenticationValidWhileOnBody(boolean remainsValid) {

keystore/java/android/security/keystore/KeyProtection.java

+9 −9
Original line number Diff line number Diff line
@@ -1037,16 +1037,16 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
         * {@link #setUserAuthenticationValidityDurationSeconds} and

         * {@link #setUserAuthenticationRequired}). Once the device has been removed from the

         * user's body, the key will be considered unauthorized and the user will need to

         * re-authenticate to use it. For keys without an authentication validity period this

         * parameter has no effect.

         *

         * <p>Similarly, on devices that do not have an on-body sensor, this parameter will have no

         * effect; the device will always be considered to be "on-body" and the key will therefore

         * remain authorized until the validity period ends.

         * re-authenticate to use it. If the device does not have an on-body sensor or the key does

         * not have an authentication validity period, this parameter has no effect.

         * <p>

         * Since Android 12 (API level 31), this parameter has no effect even on devices that have

         * an on-body sensor. A future version of Android may restore enforcement of this parameter.

         * Meanwhile, it is recommended to not use it.

         *

         * @param remainsValid if {@code true}, and if the device supports on-body detection, key

         * will be invalidated when the device is removed from the user's body or when the

         * authentication validity expires, whichever occurs first.

         * @param remainsValid if {@code true}, and if the device supports enforcement of this

         * parameter, the key will be invalidated when the device is removed from the user's body or

         * when the authentication validity expires, whichever occurs first.

         */

        @NonNull

        public Builder setUserAuthenticationValidWhileOnBody(boolean remainsValid) {