Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e5b6686b authored by Max Bires's avatar Max Bires Committed by Kevin Chyn
Browse files

Fixing default behavior for keys requiring auth 

The default timeout and authentication type is being updated to offer a
correct default that matches the old behavior.

Bug: 149931201
Test: CtsVerifier
Change-Id: I3f3d4f8d5b02455c285a882933fd6c37739ee44a
parent abe3d7bd

keystore/java/android/security/keystore/KeyGenParameterSpec.java

+3 −2
Original line number Diff line number Diff line
@@ -764,8 +764,9 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private boolean mUserPresenceRequired = false;

        private byte[] mAttestationChallenge = null;

        private boolean mUniqueIdIncluded = false;

keystore/java/android/security/keystore/KeyProtection.java

+3 −2
Original line number Diff line number Diff line
@@ -562,8 +562,9 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { 
        private @KeyProperties.BlockModeEnum String[] mBlockModes;

        private boolean mRandomizedEncryptionRequired = true;

        private boolean mUserAuthenticationRequired;

        private @KeyProperties.AuthEnum int mUserAuthenticationType;

        private int mUserAuthenticationValidityDurationSeconds = -1;

        private @KeyProperties.AuthEnum int mUserAuthenticationType =

                KeyProperties.AUTH_BIOMETRIC_STRONG;

        private int mUserAuthenticationValidityDurationSeconds = 0;

        private boolean mUserPresenceRequired = false;

        private boolean mUserAuthenticationValidWhileOnBody;

        private boolean mInvalidatedByBiometricEnrollment = true;

keystore/java/android/security/keystore/KeymasterUtils.java

+1 −2
Original line number Diff line number Diff line
@@ -165,8 +165,7 @@ public abstract class KeymasterUtils { 
            }

            args.addUnsignedLong(KeymasterDefs.KM_TAG_USER_SECURE_ID,

                    KeymasterArguments.toUint64(sid));

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE,

                    KeymasterDefs.HW_AUTH_PASSWORD | KeymasterDefs.HW_AUTH_BIOMETRIC);

            args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, spec.getUserAuthenticationType());

            args.addUnsignedInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT,

                    spec.getUserAuthenticationValidityDurationSeconds());

            if (spec.isUserAuthenticationValidWhileOnBody()) {