Add option to allow key validity after fingerprint enrollment. (ada0fc1b) · Commits · e / os / android_frameworks_base

api/current.txt

+5 −0

Original line number	Diff line number	Diff line
		@@ -34092,6 +34092,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34109,6 +34110,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);
		method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		@@ -34135,6 +34137,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isInsideSecureHardware();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34198,6 +34201,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34209,6 +34213,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/system-current.txt

+5 −0

Original line number	Diff line number	Diff line
		@@ -36581,6 +36581,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -36598,6 +36599,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);
		method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		@@ -36624,6 +36626,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isInsideSecureHardware();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -36687,6 +36690,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -36698,6 +36702,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/test-current.txt

+5 −0

Original line number	Diff line number	Diff line
		@@ -34107,6 +34107,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34124,6 +34125,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);
		method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		@@ -34150,6 +34152,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isInsideSecureHardware();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34213,6 +34216,7 @@ package android.security.keystore {
		method public java.lang.String[] getSignaturePaddings();
		method public int getUserAuthenticationValidityDurationSeconds();
		method public boolean isDigestsSpecified();
		method public boolean isInvalidatedByBiometricEnrollment();
		method public boolean isRandomizedEncryptionRequired();
		method public boolean isUserAuthenticationRequired();
		method public boolean isUserAuthenticationValidWhileOnBody();
		@@ -34224,6 +34228,7 @@ package android.security.keystore {
		method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);
		method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);
		method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java

+4 −2

Original line number	Diff line number	Diff line
		@@ -234,7 +234,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
		KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),
		spec.isUserAuthenticationRequired(),
		spec.getUserAuthenticationValidityDurationSeconds(),
		spec.isUserAuthenticationValidWhileOnBody());
		spec.isUserAuthenticationValidWhileOnBody(),
		spec.isInvalidatedByBiometricEnrollment());
		} catch (IllegalStateException \| IllegalArgumentException e) {
		throw new InvalidAlgorithmParameterException(e);
		}
		@@ -273,7 +274,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
		KeymasterUtils.addUserAuthArgs(args,
		spec.isUserAuthenticationRequired(),
		spec.getUserAuthenticationValidityDurationSeconds(),
		spec.isUserAuthenticationValidWhileOnBody());
		spec.isUserAuthenticationValidWhileOnBody(),
		spec.isInvalidatedByBiometricEnrollment());
		KeymasterUtils.addMinMacLengthAuthorizationIfNecessary(
		args,
		mKeymasterAlgorithm,

keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java

+4 −2

Original line number	Diff line number	Diff line
		@@ -345,7 +345,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
		KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),
		mSpec.isUserAuthenticationRequired(),
		mSpec.getUserAuthenticationValidityDurationSeconds(),
		mSpec.isUserAuthenticationValidWhileOnBody());
		mSpec.isUserAuthenticationValidWhileOnBody(),
		mSpec.isInvalidatedByBiometricEnrollment());
		} catch (IllegalArgumentException \| IllegalStateException e) {
		throw new InvalidAlgorithmParameterException(e);
		}
		@@ -531,7 +532,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
		KeymasterUtils.addUserAuthArgs(args,
		mSpec.isUserAuthenticationRequired(),
		mSpec.getUserAuthenticationValidityDurationSeconds(),
		mSpec.isUserAuthenticationValidWhileOnBody());
		mSpec.isUserAuthenticationValidWhileOnBody(),
		mSpec.isInvalidatedByBiometricEnrollment());
		args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, mSpec.getKeyValidityStart());
		args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,
		mSpec.getKeyValidityForOriginationEnd());