diff options
author | Eric Biggers <ebiggers@google.com> | 2023-12-07 19:36:14 +0000 |
---|---|---|
committer | Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> | 2023-12-07 19:36:14 +0000 |
commit | 146a86bea95882371d1c0c1c338dbe8e8b6a4bb0 (patch) | |
tree | 7ff2d8bc887e9e46f05eee7ab4976c526af728f8 /keystore | |
parent | 0e782f511650b73c61cfd58fc4674d4e4efcfa1f (diff) | |
parent | ee44db6f51e68dfeea19c0c82b6475c9d4dd07ec (diff) | |
download | base-146a86bea95882371d1c0c1c338dbe8e8b6a4bb0.tar.gz |
Merge "Split Keystore's onLockScreenEvent into onDevice{Unlocked,Locked}" into main am: 20821529ca am: 85c8ac5156 am: ee44db6f51
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2855338
Change-Id: Idd7fed048d11b54d76dba27be2a396d8d09ad88d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/Authorization.java | 40 |
1 files changed, 25 insertions, 15 deletions
diff --git a/keystore/java/android/security/Authorization.java b/keystore/java/android/security/Authorization.java index b4b3e9275035..4ec5e1b67c5d 100644 --- a/keystore/java/android/security/Authorization.java +++ b/keystore/java/android/security/Authorization.java @@ -26,7 +26,6 @@ import android.os.ServiceManager; import android.os.ServiceSpecificException; import android.os.StrictMode; import android.security.authorization.IKeystoreAuthorization; -import android.security.authorization.LockScreenEvent; import android.system.keystore2.ResponseCode; import android.util.Log; @@ -76,26 +75,37 @@ public class Authorization { } /** - * Informs keystore2 about lock screen event. + * Tells Keystore that the device is now unlocked for a user. * - * @param locked - whether it is a lock (true) or unlock (false) event - * @param syntheticPassword - if it is an unlock event with the password, pass the synthetic - * password provided by the LockSettingService - * @param unlockingSids - KeyMint secure user IDs that should be permitted to unlock - * UNLOCKED_DEVICE_REQUIRED keys. + * @param userId - the user's Android user ID + * @param password - a secret derived from the user's synthetic password, if the unlock method + * is LSKF (or equivalent) and thus has made the synthetic password available + * @return 0 if successful or a {@code ResponseCode}. + */ + public static int onDeviceUnlocked(int userId, @Nullable byte[] password) { + StrictMode.noteDiskWrite(); + try { + getService().onDeviceUnlocked(userId, password); + return 0; + } catch (RemoteException | NullPointerException e) { + Log.w(TAG, "Can not connect to keystore", e); + return SYSTEM_ERROR; + } catch (ServiceSpecificException e) { + return e.errorCode; + } + } + + /** + * Tells Keystore that the device is now locked for a user. * + * @param userId - the user's Android user ID + * @param unlockingSids - list of biometric SIDs with which the device may be unlocked again * @return 0 if successful or a {@code ResponseCode}. */ - public static int onLockScreenEvent(@NonNull boolean locked, @NonNull int userId, - @Nullable byte[] syntheticPassword, @Nullable long[] unlockingSids) { + public static int onDeviceLocked(int userId, @NonNull long[] unlockingSids) { StrictMode.noteDiskWrite(); try { - if (locked) { - getService().onLockScreenEvent(LockScreenEvent.LOCK, userId, null, unlockingSids); - } else { - getService().onLockScreenEvent( - LockScreenEvent.UNLOCK, userId, syntheticPassword, unlockingSids); - } + getService().onDeviceLocked(userId, unlockingSids); return 0; } catch (RemoteException | NullPointerException e) { Log.w(TAG, "Can not connect to keystore", e); |