diff options
author | Treehugger Robot <android-test-infra-autosubmit@system.gserviceaccount.com> | 2023-10-05 13:30:49 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-10-05 13:30:49 +0000 |
commit | b569a0c56c46fad4792db68e4c8db720eeee17d1 (patch) | |
tree | 5f1aeed9d54f1fde2fff6293afa3e1e3bc8e928f | |
parent | 28d14d9cb695438bb198a27af404c5f79f849418 (diff) | |
parent | 2bcc7900baa130b696d8e35f596b051e660f1629 (diff) | |
download | base-tmp_amf_298295554.tar.gz |
Merge "biometric: Add support for KeyAgreement to AndroidX's CryptoObject." into main am: 2bcc7900batmp_amf_298295554
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2646885
Change-Id: I75842c7097aaf25a28aa83a348672566ffc64f19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
5 files changed, 54 insertions, 1 deletions
diff --git a/core/api/current.txt b/core/api/current.txt index 5e03a81013e3..7ee12d1c3ae0 100644 --- a/core/api/current.txt +++ b/core/api/current.txt @@ -18372,8 +18372,10 @@ package android.hardware.biometrics { ctor public BiometricPrompt.CryptoObject(@NonNull javax.crypto.Mac); ctor @Deprecated public BiometricPrompt.CryptoObject(@NonNull android.security.identity.IdentityCredential); ctor public BiometricPrompt.CryptoObject(@NonNull android.security.identity.PresentationSession); + ctor @FlaggedApi("android.hardware.biometrics.add_key_agreement_crypto_object") public BiometricPrompt.CryptoObject(@NonNull javax.crypto.KeyAgreement); method public javax.crypto.Cipher getCipher(); method @Deprecated @Nullable public android.security.identity.IdentityCredential getIdentityCredential(); + method @FlaggedApi("android.hardware.biometrics.add_key_agreement_crypto_object") @Nullable public javax.crypto.KeyAgreement getKeyAgreement(); method public javax.crypto.Mac getMac(); method @Nullable public android.security.identity.PresentationSession getPresentationSession(); method public java.security.Signature getSignature(); diff --git a/core/java/android/hardware/biometrics/BiometricPrompt.java b/core/java/android/hardware/biometrics/BiometricPrompt.java index 2e40f6096ccb..294813d76b99 100644 --- a/core/java/android/hardware/biometrics/BiometricPrompt.java +++ b/core/java/android/hardware/biometrics/BiometricPrompt.java @@ -20,8 +20,10 @@ import static android.Manifest.permission.TEST_BIOMETRIC; import static android.Manifest.permission.USE_BIOMETRIC; import static android.Manifest.permission.USE_BIOMETRIC_INTERNAL; import static android.hardware.biometrics.BiometricManager.Authenticators; +import static android.hardware.biometrics.Flags.FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT; import android.annotation.CallbackExecutor; +import android.annotation.FlaggedApi; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.Nullable; @@ -53,6 +55,7 @@ import java.util.List; import java.util.concurrent.Executor; import javax.crypto.Cipher; +import javax.crypto.KeyAgreement; import javax.crypto.Mac; /** @@ -729,7 +732,7 @@ public class BiometricPrompt implements BiometricAuthenticator, BiometricConstan * A wrapper class for the cryptographic operations supported by BiometricPrompt. * * <p>Currently the framework supports {@link Signature}, {@link Cipher}, {@link Mac}, - * {@link IdentityCredential}, and {@link PresentationSession}. + * {@link IdentityCredential}, {@link PresentationSession} and {@link KeyAgreement}. * * <p>Cryptographic operations in Android can be split into two categories: auth-per-use and * time-based. This is specified during key creation via the timeout parameter of the @@ -774,6 +777,11 @@ public class BiometricPrompt implements BiometricAuthenticator, BiometricConstan super(session); } + @FlaggedApi(FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT) + public CryptoObject(@NonNull KeyAgreement keyAgreement) { + super(keyAgreement); + } + /** * Get {@link Signature} object. * @return {@link Signature} object or null if this doesn't contain one. @@ -815,6 +823,15 @@ public class BiometricPrompt implements BiometricAuthenticator, BiometricConstan public @Nullable PresentationSession getPresentationSession() { return super.getPresentationSession(); } + + /** + * Get {@link KeyAgreement} object. + * @return {@link KeyAgreement} object or null if this doesn't contain one. + */ + @FlaggedApi(FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT) + public @Nullable KeyAgreement getKeyAgreement() { + return super.getKeyAgreement(); + } } /** diff --git a/core/java/android/hardware/biometrics/CryptoObject.java b/core/java/android/hardware/biometrics/CryptoObject.java index 267ef3637ce7..151f819329c9 100644 --- a/core/java/android/hardware/biometrics/CryptoObject.java +++ b/core/java/android/hardware/biometrics/CryptoObject.java @@ -16,6 +16,9 @@ package android.hardware.biometrics; +import static android.hardware.biometrics.Flags.FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT; + +import android.annotation.FlaggedApi; import android.annotation.NonNull; import android.security.identity.IdentityCredential; import android.security.identity.PresentationSession; @@ -24,6 +27,7 @@ import android.security.keystore2.AndroidKeyStoreProvider; import java.security.Signature; import javax.crypto.Cipher; +import javax.crypto.KeyAgreement; import javax.crypto.Mac; /** @@ -62,6 +66,11 @@ public class CryptoObject { mCrypto = session; } + @FlaggedApi(FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT) + public CryptoObject(@NonNull KeyAgreement keyAgreement) { + mCrypto = keyAgreement; + } + /** * Get {@link Signature} object. * @return {@link Signature} object or null if this doesn't contain one. @@ -105,6 +114,15 @@ public class CryptoObject { } /** + * Get {@link PresentationSession} object. + * @return {@link PresentationSession} object or null if this doesn't contain one. + */ + @FlaggedApi(FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT) + public KeyAgreement getKeyAgreement() { + return mCrypto instanceof KeyAgreement ? (KeyAgreement) mCrypto : null; + } + + /** * @hide * @return the opId associated with this object or 0 if none */ diff --git a/core/java/android/hardware/fingerprint/FingerprintManager.java b/core/java/android/hardware/fingerprint/FingerprintManager.java index 01977f6195ff..44d8397ba77a 100644 --- a/core/java/android/hardware/fingerprint/FingerprintManager.java +++ b/core/java/android/hardware/fingerprint/FingerprintManager.java @@ -24,12 +24,14 @@ import static android.Manifest.permission.USE_BIOMETRIC; import static android.Manifest.permission.USE_BIOMETRIC_INTERNAL; import static android.Manifest.permission.USE_FINGERPRINT; import static android.hardware.biometrics.BiometricConstants.BIOMETRIC_LOCKOUT_NONE; +import static android.hardware.biometrics.Flags.FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT; import static android.hardware.fingerprint.FingerprintSensorProperties.TYPE_POWER_BUTTON; import static com.android.internal.util.FrameworkStatsLog.AUTH_DEPRECATED_APIUSED__DEPRECATED_API__API_FINGERPRINT_MANAGER_AUTHENTICATE; import static com.android.internal.util.FrameworkStatsLog.AUTH_DEPRECATED_APIUSED__DEPRECATED_API__API_FINGERPRINT_MANAGER_HAS_ENROLLED_FINGERPRINTS; import static com.android.internal.util.FrameworkStatsLog.AUTH_DEPRECATED_APIUSED__DEPRECATED_API__API_FINGERPRINT_MANAGER_IS_HARDWARE_DETECTED; +import android.annotation.FlaggedApi; import android.annotation.IntDef; import android.annotation.NonNull; import android.annotation.Nullable; @@ -76,6 +78,7 @@ import java.util.List; import java.util.concurrent.Executor; import javax.crypto.Cipher; +import javax.crypto.KeyAgreement; import javax.crypto.Mac; /** @@ -293,6 +296,16 @@ public class FingerprintManager implements BiometricAuthenticator, BiometricFing public PresentationSession getPresentationSession() { return super.getPresentationSession(); } + + /** + * Get {@link KeyAgreement} object. + * @return {@link KeyAgreement} object or null if this doesn't contain one. + * @hide + */ + @FlaggedApi(FLAG_ADD_KEY_AGREEMENT_CRYPTO_OBJECT) + public KeyAgreement getKeyAgreement() { + return super.getKeyAgreement(); + } } /** diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java index c55a781ce2a4..11278e84ceaa 100644 --- a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java +++ b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java @@ -43,6 +43,7 @@ import java.security.interfaces.ECPublicKey; import java.security.interfaces.RSAPublicKey; import javax.crypto.Cipher; +import javax.crypto.KeyAgreement; import javax.crypto.Mac; import javax.crypto.SecretKey; @@ -181,6 +182,8 @@ public class AndroidKeyStoreProvider extends Provider { spi = ((Mac) cryptoPrimitive).getCurrentSpi(); } else if (cryptoPrimitive instanceof Cipher) { spi = ((Cipher) cryptoPrimitive).getCurrentSpi(); + } else if (cryptoPrimitive instanceof KeyAgreement) { + spi = ((KeyAgreement) cryptoPrimitive).getCurrentSpi(); } else { throw new IllegalArgumentException("Unsupported crypto primitive: " + cryptoPrimitive + ". Supported: Signature, Mac, Cipher"); |