Loading core/java/android/security/IKeystoreService.aidl +2 −2 Original line number Diff line number Diff line Loading @@ -37,9 +37,9 @@ interface IKeystoreService { int exist(String name, int uid); String[] saw(String namePrefix, int uid); int reset(); int password(String password); int onUserPasswordChanged(int userId, String newPassword); int lock(); int unlock(String password); int unlock(int userId, String userPassword); int zero(); int generate(String name, int uid, int keyType, int keySize, int flags, in KeystoreArguments args); Loading keystore/java/android/security/KeyStore.java +43 −11 Original line number Diff line number Diff line Loading @@ -24,8 +24,10 @@ import android.content.Context; import android.hardware.fingerprint.FingerprintManager; import android.os.Binder; import android.os.IBinder; import android.os.Process; import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserHandle; import android.security.keymaster.ExportResult; import android.security.keymaster.KeyCharacteristics; import android.security.keymaster.KeymasterArguments; Loading Loading @@ -212,15 +214,6 @@ public class KeyStore { } } public boolean password(String password) { try { return mBinder.password(password) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; } } public boolean lock() { try { return mBinder.lock() == NO_ERROR; Loading @@ -230,9 +223,20 @@ public class KeyStore { } } public boolean unlock(String password) { /** * Attempt to unlock the keystore for {@code user} with the password {@code password}. * This is required before keystore entries created with FLAG_ENCRYPTED can be accessed or * created. * * @param user Android user ID to operate on * @param password user's keystore password. Should be the most recent value passed to * {@link #onUserPasswordChanged} for the user. * * @return whether the keystore was unlocked. */ public boolean unlock(int userId, String password) { try { mError = mBinder.unlock(password); mError = mBinder.unlock(userId, password); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); Loading @@ -240,6 +244,10 @@ public class KeyStore { } } public boolean unlock(String password) { return unlock(UserHandle.getUserId(Process.myUid()), password); } public boolean isEmpty() { try { return mBinder.zero() == KEY_NOT_FOUND; Loading Loading @@ -539,6 +547,30 @@ public class KeyStore { } } /** * Notify keystore that a user's password has changed. * * @param userId the user whose password changed. * @param newPassword the new password or "" if the password was removed. */ public boolean onUserPasswordChanged(int userId, String newPassword) { // Parcel.cpp doesn't support deserializing null strings and treats them as "". Make that // explicit here. if (newPassword == null) { newPassword = ""; } try { return mBinder.onUserPasswordChanged(userId, newPassword) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; } } public boolean onUserPasswordChanged(String newPassword) { return onUserPasswordChanged(UserHandle.getUserId(Process.myUid()), newPassword); } /** * Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error * code. Loading keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -73,7 +73,7 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase { } private void setupPassword() { assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); String[] aliases = mAndroidKeyStore.saw(""); Loading Loading @@ -288,7 +288,7 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase { } catch (IllegalStateException expected) { } assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); final KeyPair pair2 = mGenerator.generateKeyPair(); Loading keystore/tests/src/android/security/AndroidKeyStoreTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -736,7 +736,7 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } private void setupPassword() { assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); assertEquals(0, mAndroidKeyStore.saw("").length); Loading Loading @@ -2089,7 +2089,7 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } catch (KeyStoreException success) { } assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); mKeyStore.setEntry(TEST_ALIAS_1, entry, Loading keystore/tests/src/android/security/KeyStoreTest.java +67 −43 File changed.Preview size limit exceeded, changes collapsed. Show changes Loading
core/java/android/security/IKeystoreService.aidl +2 −2 Original line number Diff line number Diff line Loading @@ -37,9 +37,9 @@ interface IKeystoreService { int exist(String name, int uid); String[] saw(String namePrefix, int uid); int reset(); int password(String password); int onUserPasswordChanged(int userId, String newPassword); int lock(); int unlock(String password); int unlock(int userId, String userPassword); int zero(); int generate(String name, int uid, int keyType, int keySize, int flags, in KeystoreArguments args); Loading
keystore/java/android/security/KeyStore.java +43 −11 Original line number Diff line number Diff line Loading @@ -24,8 +24,10 @@ import android.content.Context; import android.hardware.fingerprint.FingerprintManager; import android.os.Binder; import android.os.IBinder; import android.os.Process; import android.os.RemoteException; import android.os.ServiceManager; import android.os.UserHandle; import android.security.keymaster.ExportResult; import android.security.keymaster.KeyCharacteristics; import android.security.keymaster.KeymasterArguments; Loading Loading @@ -212,15 +214,6 @@ public class KeyStore { } } public boolean password(String password) { try { return mBinder.password(password) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; } } public boolean lock() { try { return mBinder.lock() == NO_ERROR; Loading @@ -230,9 +223,20 @@ public class KeyStore { } } public boolean unlock(String password) { /** * Attempt to unlock the keystore for {@code user} with the password {@code password}. * This is required before keystore entries created with FLAG_ENCRYPTED can be accessed or * created. * * @param user Android user ID to operate on * @param password user's keystore password. Should be the most recent value passed to * {@link #onUserPasswordChanged} for the user. * * @return whether the keystore was unlocked. */ public boolean unlock(int userId, String password) { try { mError = mBinder.unlock(password); mError = mBinder.unlock(userId, password); return mError == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); Loading @@ -240,6 +244,10 @@ public class KeyStore { } } public boolean unlock(String password) { return unlock(UserHandle.getUserId(Process.myUid()), password); } public boolean isEmpty() { try { return mBinder.zero() == KEY_NOT_FOUND; Loading Loading @@ -539,6 +547,30 @@ public class KeyStore { } } /** * Notify keystore that a user's password has changed. * * @param userId the user whose password changed. * @param newPassword the new password or "" if the password was removed. */ public boolean onUserPasswordChanged(int userId, String newPassword) { // Parcel.cpp doesn't support deserializing null strings and treats them as "". Make that // explicit here. if (newPassword == null) { newPassword = ""; } try { return mBinder.onUserPasswordChanged(userId, newPassword) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); return false; } } public boolean onUserPasswordChanged(String newPassword) { return onUserPasswordChanged(UserHandle.getUserId(Process.myUid()), newPassword); } /** * Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error * code. Loading
keystore/tests/src/android/security/AndroidKeyPairGeneratorTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -73,7 +73,7 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase { } private void setupPassword() { assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); String[] aliases = mAndroidKeyStore.saw(""); Loading Loading @@ -288,7 +288,7 @@ public class AndroidKeyPairGeneratorTest extends AndroidTestCase { } catch (IllegalStateException expected) { } assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); final KeyPair pair2 = mGenerator.generateKeyPair(); Loading
keystore/tests/src/android/security/AndroidKeyStoreTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -736,7 +736,7 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } private void setupPassword() { assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); assertEquals(0, mAndroidKeyStore.saw("").length); Loading Loading @@ -2089,7 +2089,7 @@ public class AndroidKeyStoreTest extends AndroidTestCase { } catch (KeyStoreException success) { } assertTrue(mAndroidKeyStore.password("1111")); assertTrue(mAndroidKeyStore.onUserPasswordChanged("1111")); assertTrue(mAndroidKeyStore.isUnlocked()); mKeyStore.setEntry(TEST_ALIAS_1, entry, Loading
keystore/tests/src/android/security/KeyStoreTest.java +67 −43 File changed.Preview size limit exceeded, changes collapsed. Show changes
