Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c38eae52 authored by Shawn Willden's avatar Shawn Willden
Browse files

Revert "Revert "Add option to allow key validity after fingerprint enrollment."" 

This reverts commit 512c132f.

Change-Id: Iac381dfebcfe42f0468569eb2395ebeb97a95887
parent f5725e65

api/current.txt

+5 −0
Original line number Diff line number Diff line
@@ -34112,6 +34112,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34129,6 +34130,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -34155,6 +34157,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34218,6 +34221,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34229,6 +34233,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/system-current.txt

+5 −0
Original line number Diff line number Diff line
@@ -36608,6 +36608,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36625,6 +36626,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -36651,6 +36653,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36714,6 +36717,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -36725,6 +36729,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

api/test-current.txt

+5 −0
Original line number Diff line number Diff line
@@ -34127,6 +34127,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34144,6 +34145,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyGenParameterSpec.Builder setCertificateSubject(javax.security.auth.x500.X500Principal);

    method public android.security.keystore.KeyGenParameterSpec.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyGenParameterSpec.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeySize(int);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyGenParameterSpec.Builder setKeyValidityForConsumptionEnd(java.util.Date);
@@ -34170,6 +34172,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isInsideSecureHardware();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationRequirementEnforcedBySecureHardware();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34233,6 +34236,7 @@ package android.security.keystore { 
    method public java.lang.String[] getSignaturePaddings();

    method public int getUserAuthenticationValidityDurationSeconds();

    method public boolean isDigestsSpecified();

    method public boolean isInvalidatedByBiometricEnrollment();

    method public boolean isRandomizedEncryptionRequired();

    method public boolean isUserAuthenticationRequired();

    method public boolean isUserAuthenticationValidWhileOnBody();
@@ -34244,6 +34248,7 @@ package android.security.keystore { 
    method public android.security.keystore.KeyProtection.Builder setBlockModes(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setDigests(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setEncryptionPaddings(java.lang.String...);

    method public android.security.keystore.KeyProtection.Builder setInvalidatedByBiometricEnrollment(boolean);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForConsumptionEnd(java.util.Date);

    method public android.security.keystore.KeyProtection.Builder setKeyValidityForOriginationEnd(java.util.Date);

keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java

+4 −2
Original line number Diff line number Diff line
@@ -234,7 +234,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
                KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),

                        spec.isUserAuthenticationRequired(),

                        spec.getUserAuthenticationValidityDurationSeconds(),

                        spec.isUserAuthenticationValidWhileOnBody());

                        spec.isUserAuthenticationValidWhileOnBody(),

                        spec.isInvalidatedByBiometricEnrollment());

            } catch (IllegalStateException | IllegalArgumentException e) {

                throw new InvalidAlgorithmParameterException(e);

            }
@@ -273,7 +274,8 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
        KeymasterUtils.addUserAuthArgs(args,

                spec.isUserAuthenticationRequired(),

                spec.getUserAuthenticationValidityDurationSeconds(),

                spec.isUserAuthenticationValidWhileOnBody());

                spec.isUserAuthenticationValidWhileOnBody(),

                spec.isInvalidatedByBiometricEnrollment());

        KeymasterUtils.addMinMacLengthAuthorizationIfNecessary(

                args,

                mKeymasterAlgorithm,

keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java

+4 −2
Original line number Diff line number Diff line
@@ -345,7 +345,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato 
                KeymasterUtils.addUserAuthArgs(new KeymasterArguments(),

                        mSpec.isUserAuthenticationRequired(),

                        mSpec.getUserAuthenticationValidityDurationSeconds(),

                        mSpec.isUserAuthenticationValidWhileOnBody());

                        mSpec.isUserAuthenticationValidWhileOnBody(),

                        mSpec.isInvalidatedByBiometricEnrollment());

            } catch (IllegalArgumentException | IllegalStateException e) {

                throw new InvalidAlgorithmParameterException(e);

            }
@@ -531,7 +532,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato 
        KeymasterUtils.addUserAuthArgs(args,

                mSpec.isUserAuthenticationRequired(),

                mSpec.getUserAuthenticationValidityDurationSeconds(),

                mSpec.isUserAuthenticationValidWhileOnBody());

                mSpec.isUserAuthenticationValidWhileOnBody(),

                mSpec.isInvalidatedByBiometricEnrollment());

        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ACTIVE_DATETIME, mSpec.getKeyValidityStart());

        args.addDateIfNotNull(KeymasterDefs.KM_TAG_ORIGINATION_EXPIRE_DATETIME,

                mSpec.getKeyValidityForOriginationEnd());