am bb785c6a: am c37c7d9d: Merge "Do not require USE_FINGERPRINT for getAuthenticatorId." into mnc-dev

* commit 'bb785c6a5c103b1221047f202eb42d8f4c32d8d8': Do not require USE_FINGERPRINT for getAuthenticatorId.
2015-06-12 00:51:52 +00:00
parent 6d8281cf6a bb785c6a5c
commit e268113bef
3 changed files with 25 additions and 23 deletions
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -108,15 +108,10 @@ public class KeyStore {
    }

    public static Context getApplicationContext() {
-        ActivityThread activityThread = ActivityThread.currentActivityThread();
-        if (activityThread == null) {
-            throw new IllegalStateException(
-                    "Failed to obtain application Context: no ActivityThread");
-        }
-        Application application = activityThread.getApplication();
+        Application application = ActivityThread.currentApplication();
        if (application == null) {
            throw new IllegalStateException(
-                    "Failed to obtain application Context: no Application");
+                    "Failed to obtain application Context from ActivityThread");
        }
        return application;
    }
@@ -698,16 +693,13 @@ public class KeyStore {
    }

    private long getFingerprintOnlySid() {
-        FingerprintManager fingerprintManager =
-                mContext.getSystemService(FingerprintManager.class);
+        FingerprintManager fingerprintManager = mContext.getSystemService(FingerprintManager.class);
        if (fingerprintManager == null) {
            return 0;
        }

-        if (!fingerprintManager.isHardwareDetected()) {
-            return 0;
-        }
-
+        // TODO: Restore USE_FINGERPRINT permission check in
+        // FingerprintManager.getAuthenticatorId once the ID is no longer needed here.
        return fingerprintManager.getAuthenticatorId();
    }

--- a/keystore/java/android/security/keystore/KeymasterUtils.java
+++ b/keystore/java/android/security/keystore/KeymasterUtils.java
@@ -101,13 +101,10 @@ public abstract class KeymasterUtils {
            // fingerprint-only auth.
            FingerprintManager fingerprintManager =
                    KeyStore.getApplicationContext().getSystemService(FingerprintManager.class);
-            if ((fingerprintManager == null) || (!fingerprintManager.isHardwareDetected())) {
-                throw new IllegalStateException(
-                        "This device does not support keys which require authentication for every"
-                        + " use -- this requires fingerprint authentication which is not"
-                        + " available on this device");
-            }
-            long fingerprintOnlySid = fingerprintManager.getAuthenticatorId();
+            // TODO: Restore USE_FINGERPRINT permission check in
+            // FingerprintManager.getAuthenticatorId once the ID is no longer needed here.
+            long fingerprintOnlySid =
+                    (fingerprintManager != null) ? fingerprintManager.getAuthenticatorId() : 0;
            if (fingerprintOnlySid == 0) {
                throw new IllegalStateException(
                        "At least one fingerprint must be enrolled to create keys requiring user"
--- a/services/core/java/com/android/server/fingerprint/FingerprintService.java
+++ b/services/core/java/com/android/server/fingerprint/FingerprintService.java
@@ -706,9 +706,22 @@ public class FingerprintService extends SystemService implements IBinder.DeathRe

        @Override // Binder call
        public long getAuthenticatorId(String opPackageName) {
-            if (!canUseFingerprint(opPackageName)) {
-                return 0;
-            }
+            // In this method, we're not checking whether the caller is permitted to use fingerprint
+            // API because current authenticator ID is leaked (in a more contrived way) via Android
+            // Keystore (android.security.keystore package): the user of that API can create a key
+            // which requires fingerprint authentication for its use, and then query the key's
+            // characteristics (hidden API) which returns, among other things, fingerprint
+            // authenticator ID which was active at key creation time.
+            //
+            // Reason: The part of Android Keystore which runs inside an app's process invokes this
+            // method in certain cases. Those cases are not always where the developer demonstrates
+            // explicit intent to use fingerprint functionality. Thus, to avoiding throwing an
+            // unexpected SecurityException this method does not check whether its caller is
+            // permitted to use fingerprint API.
+            //
+            // The permission check should be restored once Android Keystore no longer invokes this
+            // method from inside app processes.
+
            return FingerprintService.this.getAuthenticatorId();
        }
    }