From 382e724714f8a253cbd09ec8d5abc413b85b4d1d Mon Sep 17 00:00:00 2001 From: Kenny Root Date: Thu, 5 Mar 2020 16:48:39 +0000 Subject: [PATCH] Revert "Fixing default behavior for keys requiring auth" This reverts commit e5b6686b49c47678f5057b6702da67a42a5d8c7f. Reason for revert: Droidcop-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?testMethod=testDismissKeyguard&testClass=android.server.wm.KeyguardLockedTests&atpConfigName=cts%2Fframework%2Fgce-presubmit-wm-cloud-tf-2&testModule=CtsWindowManagerDeviceTestCases&fkbb=6265187&lkbb=6266200&lkgb=6265150&testResults=true&badBuildCount=32&branch=git_rvc-dev-plus-aosp&target=aosp_cf_x86_phone-userdebug, bug b/150847441 Bug: 150847441 Change-Id: I1e648e1174172f8077cea1dd175c4167830adcb6 --- .../java/android/security/keystore/KeyGenParameterSpec.java | 5 ++--- keystore/java/android/security/keystore/KeyProtection.java | 5 ++--- keystore/java/android/security/keystore/KeymasterUtils.java | 3 ++- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/keystore/java/android/security/keystore/KeyGenParameterSpec.java b/keystore/java/android/security/keystore/KeyGenParameterSpec.java index 926ab27f3c226..d683041fbfdcd 100644 --- a/keystore/java/android/security/keystore/KeyGenParameterSpec.java +++ b/keystore/java/android/security/keystore/KeyGenParameterSpec.java @@ -764,9 +764,8 @@ public final class KeyGenParameterSpec implements AlgorithmParameterSpec, UserAu private @KeyProperties.BlockModeEnum String[] mBlockModes; private boolean mRandomizedEncryptionRequired = true; private boolean mUserAuthenticationRequired; - private int mUserAuthenticationValidityDurationSeconds = 0; - private @KeyProperties.AuthEnum int mUserAuthenticationType = - KeyProperties.AUTH_BIOMETRIC_STRONG; + private int mUserAuthenticationValidityDurationSeconds = -1; + private @KeyProperties.AuthEnum int mUserAuthenticationType; private boolean mUserPresenceRequired = false; private byte[] mAttestationChallenge = null; private boolean mUniqueIdIncluded = false; diff --git a/keystore/java/android/security/keystore/KeyProtection.java b/keystore/java/android/security/keystore/KeyProtection.java index 7ef7b1a7edcb9..e230b7c3708bd 100644 --- a/keystore/java/android/security/keystore/KeyProtection.java +++ b/keystore/java/android/security/keystore/KeyProtection.java @@ -562,9 +562,8 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs { private @KeyProperties.BlockModeEnum String[] mBlockModes; private boolean mRandomizedEncryptionRequired = true; private boolean mUserAuthenticationRequired; - private @KeyProperties.AuthEnum int mUserAuthenticationType = - KeyProperties.AUTH_BIOMETRIC_STRONG; - private int mUserAuthenticationValidityDurationSeconds = 0; + private @KeyProperties.AuthEnum int mUserAuthenticationType; + private int mUserAuthenticationValidityDurationSeconds = -1; private boolean mUserPresenceRequired = false; private boolean mUserAuthenticationValidWhileOnBody; private boolean mInvalidatedByBiometricEnrollment = true; diff --git a/keystore/java/android/security/keystore/KeymasterUtils.java b/keystore/java/android/security/keystore/KeymasterUtils.java index bc933ff13825f..4ead253f3eea5 100644 --- a/keystore/java/android/security/keystore/KeymasterUtils.java +++ b/keystore/java/android/security/keystore/KeymasterUtils.java @@ -165,7 +165,8 @@ public abstract class KeymasterUtils { } args.addUnsignedLong(KeymasterDefs.KM_TAG_USER_SECURE_ID, KeymasterArguments.toUint64(sid)); - args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, spec.getUserAuthenticationType()); + args.addEnum(KeymasterDefs.KM_TAG_USER_AUTH_TYPE, + KeymasterDefs.HW_AUTH_PASSWORD | KeymasterDefs.HW_AUTH_BIOMETRIC); args.addUnsignedInt(KeymasterDefs.KM_TAG_AUTH_TIMEOUT, spec.getUserAuthenticationValidityDurationSeconds()); if (spec.isUserAuthenticationValidWhileOnBody()) {