A normal synchronous binder call would not be influenced by an
interrupted thread. With the move to asynchronous keystore IPC we wait
on a future which can throw an interrupted exception. The Java crypto
API does not expect the implementation to throw interrupted exceptions
though. So to preserve the expected behavior we wrap the Future.get()
calls in a loop that handles the interrupted exception and sets the
interrupted state after the get completed successfully.
Bug: 147398412
Bug: 155254932
Test: atest android.keystore.cts.CipherTest#testEncryptsAndDecryptsInterrupted
Change-Id: I066180e8028cc426fa1b3739fa007faa17c8c012
Merged-In: I066180e8028cc426fa1b3739fa007faa17c8c012
Update the KeyChain.createInstallIntent method documentation to reflect
the change where CA certificates can no longer be installed using
this intent.
Bug: 156941631
Test: m docs
Change-Id: I3cf2c677c4c772698c8df5f25224dd67d12b5606
Add API to allow inclusion of device base properties to the
attestation certificate generated with a Key in Keystore.
Test: atest KeyAttestationTest
Bug: 152945378
Change-Id: Iaf282709f800501aa4c988ebf51cf3238583f9b6
The getKeyInfo check was not updated to use the new integer representing
an auth per operation key.
Bug: 152618140
Test: atest AuthBoundKeyTest
Change-Id: Ifa6d37ac878ba267761ed7ae32c544cd4b662d25
Update keyguard locked state from TrustManagerService
TrustManagerService holds the ground truth about whether a user is
locked or not, so update keystore using the information there,
instead of doing it from KeyguardStateMonitor. This fixes the issue
of work profile locked state not being correctly pushed to keystore.
Note: since this change is likely to be backported as a security
patch, I'm refraining from doing major refactoring right now.
Bug: 141329041
Bug: 144430870
Test: manually with KeyPairSampleApp
Change-Id: I3472ece73d573a775345ebcceeeb2cc460374c9b
(cherry picked from commit f9418dbb2c)
SIDs were not being properly applied to key parameters under the new
authentication rework. Now that biometric/credential unlocks are valid
for either auth-per-op or timeout auth bound keys, the SIDs need to be
tacked on appropriately in each authentication flow.
Bug: 148425329
Test: CtsVerifier
Change-Id: I73733b00d2da5ac78db6d77c53de144f4473bb54
The default timeout and authentication type is being updated to offer a
correct default that matches the old behavior.
Bug: 148425329
Bug: 149931201
Test: CtsVerifier
Test: atest KeyguardLockedTests
Change-Id: Id20097b04ce881e7028609d2ba1c30c26ba3c8cf
This is a completely new API so callers can follow the new pattern of
using 0 to require auth for every use of the key.
Supporting both -1 and 0 to require auth for every use of the key
increases CtsVerifier complexity exponentially (strongbox,
invalidated by enrollment, etc).
Fixes: 150823346
Test: builds
Change-Id: Ieef53a8b50f5119c5e52656e930bf16b1e8e3d89
The default timeout and authentication type is being updated to offer a
correct default that matches the old behavior.
Bug: 149931201
Test: CtsVerifier
Change-Id: I3f3d4f8d5b02455c285a882933fd6c37739ee44a
Fix the documentation for USE_INDIVIDUAL_ATTESTATION which was
copy-pasted from another attestation ID type.
Bug: 149475774
Test: That it compiles.
Change-Id: I9366870c8875997321c93fe1db216e91f374b1db
1) BiometricService / AuthService always need to be started, since on
Android 11 and later, the public credential auth API comes through this
path.
2) Consolidate getAuthenticatorId() and expose via AuthService. This is
used only by the platform during key generation. Instead of asking
each individual service, AuthService will return a list of IDs for
sensors which are enrolled and meet the required strength.
Test: atest com.android.server.biometrics
Test: fingerprint device, CtsVerifier biometric section
Test: face unlock device, CtsVerifier biometric section
Test: remove biometrics from device, CtsVerifier biometric section
Bug: 148419762
Bug: 149795050
Change-Id: I2c5385b1cd4f343fabb0010e1fe6fb1ea8283391
This stops KeyChain from throwing AssertionError when binding to
service fails due to user being locked, which would have crashed
the entire system server.
Bug: 149912024
Test: atest KeyChainTests
Change-Id: Ie110a4210e157cc9b111d845478bdf21e948ba4f
Previously, auth per operation keystore keys could only be authorized
with biometrics. There is no reason to restrict this functionality to
biometrics. This change slightly refactors the key parameter builder
interface to allow the caller to specify which authentication types
should be allowed for an auth per op key.
Bug: 147693375
Bug: 140256692
Test: atest keystore
Change-Id: I5cbf3d4e3f0e84d577dbf6b4cb356b1010100925
Mirror KeyProtection.setCriticalToDeviceEncryption so
the flag can also be set on keys generated by keystore.
Bug: 72178550
Test: atest android.security.keystore.KeyGenParameterSpecTest
Test: atest android.security.ParcelableKeyGenParameterSpecTest
Change-Id: I7f102c82e60f211028c694d499ffd2838b89bb2b
Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library.
Bug: 145132366
Test: m && diff unsupportedappusage_index.csv
Change-Id: I4bc8c9482e4bb1af21363f951affff7ee3fefeab
Merged-In: I4bc8c9482e4bb1af21363f951affff7ee3fefeab
Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library.
Bug: 145132366
Test: m && diff unsupportedappusage_index.csv
Change-Id: I4bc8c9482e4bb1af21363f951affff7ee3fefeab
Platform VPN profiles keyed by apps must use a different key prefix to
prevent the Settings app from seeing them (and thus exposing potentially
sensitive credential information). Thus, the profiles will be
partitioned as follows:
Custom (Settings-app) based profiles continues using VPN_* prefix
App provisioned profiles will use the new PLATFORM_VPN_* prefix
Bug: 144245359
Test: Compiles, FrameworksNetTests passing
Change-Id: If8762e468c6cbbeb80738f14b066ebbad5cc665f
Properly define the constant for requesting the use of device individual
attestation certificate and use it in AttestationUtils.
This lets callers to DevicePolicyManager.generateKeyPair request the use
of device-unique attestation certificate, on Keymaster implementations
that support this.
Bug: 140193672
Bug: 136494773
Test: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Change-Id: I74de89e4c121a27b0495dcb99b0775445c3d4eaf
Only send updates when a configurable threshold is met.
For some scenarios this results in a significant performance
improvement. Specifically sign operations should be 10-40% faster.
Bug: 139891753
Test: atest CtsKeystoreTestCases
Change-Id: I233679d4f8582eeaaa6f21e3102cce08110f0482
This additional input will be unused for now, but future changes are
expected to utilize it.
Test: Keystore CTS Tests
Change-Id: I5c388032e3710e3825bdb06b26443a5ae2c034a3
BlockingQueue does not accept null values, change to CountDownLatch for
synchronization.
Bug: 144477553
Test: Enable multiple managed profiles, and run
`atest UserLifecycleTests#managedProfileStopped`
Change-Id: I1a003568896ce7983a5ac14a710944d914c86bac
Two @SystemApi's being added to allow wifi mainline module to access
formal API's:
a) KeyGenParameterSpec.Builder.setUid() to allow wifi to create/store keys
with WIFI_UID.
b) AndroidKeyStoreProvider.getKeyStoreForUid() to allow wifi to get/put
any keys stored with WIFI_UID.
Both of these API's are already permission protected in the lower
layers. There is a map of euid's stored in the native keystore which
limits which uid is allowed to access which other uid's data.
Bug: 142089671
Test: make system-api-stubs-docs-update-current-api
Change-Id: I39b92d2293bcdc26bb0a4a48a1d1e4cc0b20ad0b
In order to keep conformity across the ecosystem, keystore will enforce
that HMAC key sizes coming in through the framework must be limited to
the range of 64-512 bits, inclusive. This will be the case for both TEE
and StrongBox Keymaster implementations.
Bug: 143404829
Test: atest CtsKeystoreTestCases
Change-Id: I2ea867392060f4478b5a01bd747a4345e1fded4c
