Merge "keystore: Change superclass of UserPresenceUnavailableException." into pi-dev

api/current.txt

@@ -38754,7 +38754,7 @@ package android.security.keystore {
     ctor public UserNotAuthenticatedException(java.lang.String, java.lang.Throwable);
   }
 
-  public class UserPresenceUnavailableException extends java.security.InvalidAlgorithmParameterException {
+  public class UserPresenceUnavailableException extends java.security.InvalidKeyException {
     ctor public UserPresenceUnavailableException();
     ctor public UserPresenceUnavailableException(java.lang.String);
     ctor public UserPresenceUnavailableException(java.lang.String, java.lang.Throwable);

keystore/java/android/security/keystore/KeyProtection.java

@@ -445,6 +445,9 @@ public final class KeyProtection implements ProtectionParameter, UserAuthArgs {
     /**
      * Returns {@code true} if the key is authorized to be used only if a test of user presence has
      * been performed between the {@code Signature.initSign()} and {@code Signature.sign()} calls.
+     * It requires that the KeyStore implementation have a direct way to validate the user presence
+     * for example a KeyStore hardware backed strongbox can use a button press that is observable
+     * in hardware.
      */
     public boolean isUserPresenceRequired() {
         return mUserPresenceRequred;

keystore/java/android/security/keystore/UserPresenceUnavailableException.java

@@ -16,13 +16,13 @@
 
 package android.security.keystore;
 
-import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
 
 /**
  * Indicates the condition that a proof of user-presence was
  * requested but this proof was not presented.
  */
-public class UserPresenceUnavailableException extends InvalidAlgorithmParameterException {
+public class UserPresenceUnavailableException extends InvalidKeyException {
     /**
      * Constructs a {@code UserPresenceUnavailableException} without a detail message or cause.
      */