Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit c6f4118f authored by Nicholas Ambur's avatar Nicholas Ambur
Browse files

remove client token passing active VI service 

Previous implementation relied on client to pass a token which the
service used to verify if it was the active service. This is seen to be
a security concern as there is no way to verify how the client obtained
the token. Instead, a check is done to confirm the caller's UID matches
the UID of the active service.

In the case of voice model enrollment, KeyphraseEnrollmentInfo class is
leveraged. A client is allowed to enroll if it is the active voice
interaction service or if it is a voice model enrollment application
bundled with the system image.

All previous manifest permision checks still apply.

Bug: 148159858
Test: gts-tradefed run gts-dev -m GtsAssistIntentTestCases -t \
com.google.android.assist.gts.KeyphraseModelManagerTest \
\#testShouldEnrollOnlyWhenActiveService

Change-Id: Ie2c4653d365770a9123a22bc69822518b4ccc568
parent 84b79855
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment