Merge "Use local status for convert profile"
diff --git a/core/java/android/os/SystemClock.java b/core/java/android/os/SystemClock.java
index 7379443..d03a87d 100644
--- a/core/java/android/os/SystemClock.java
+++ b/core/java/android/os/SystemClock.java
@@ -352,7 +352,7 @@
}
long currentNanos = elapsedRealtimeNanos();
long deltaMs = (currentNanos - time.getElapsedRealtimeNanos()) / 1000000L;
- return time.getTime() + deltaMs;
+ return time.getUnixEpochTimeMillis() + deltaMs;
}
};
}
diff --git a/core/java/android/security/keymaster/KeymasterDefs.java b/core/java/android/security/keymaster/KeymasterDefs.java
index f900558..8efc5eb 100644
--- a/core/java/android/security/keymaster/KeymasterDefs.java
+++ b/core/java/android/security/keymaster/KeymasterDefs.java
@@ -68,6 +68,8 @@
public static final int KM_TAG_RSA_PUBLIC_EXPONENT = Tag.RSA_PUBLIC_EXPONENT; // KM_ULONG | 200;
public static final int KM_TAG_INCLUDE_UNIQUE_ID = Tag.INCLUDE_UNIQUE_ID; // KM_BOOL | 202;
+ public static final int KM_TAG_RSA_OAEP_MGF_DIGEST = Tag.RSA_OAEP_MGF_DIGEST;
+ // KM_ENUM_REP | 203;
public static final int KM_TAG_ACTIVE_DATETIME = Tag.ACTIVE_DATETIME; // KM_DATE | 400;
public static final int KM_TAG_ORIGINATION_EXPIRE_DATETIME =
diff --git a/core/java/android/text/format/DateFormat.java b/core/java/android/text/format/DateFormat.java
index 537dffc..d48d566 100755
--- a/core/java/android/text/format/DateFormat.java
+++ b/core/java/android/text/format/DateFormat.java
@@ -170,7 +170,7 @@
* mean using 12-hour in some locales and, in this case, is duplicated as the 'a' field.
*/
@ChangeId
- @EnabledSince(targetSdkVersion = Build.VERSION_CODES.CUR_DEVELOPMENT)
+ @EnabledSince(targetSdkVersion = Build.VERSION_CODES.UPSIDE_DOWN_CAKE)
static final long DISALLOW_DUPLICATE_FIELD_IN_SKELETON = 170233598L;
/**
diff --git a/core/jni/OWNERS b/core/jni/OWNERS
index 14699e7..a068008 100644
--- a/core/jni/OWNERS
+++ b/core/jni/OWNERS
@@ -22,7 +22,7 @@
# WindowManager
per-file android_graphics_BLASTBufferQueue.cpp = file:/services/core/java/com/android/server/wm/OWNERS
per-file android_view_Surface* = file:/services/core/java/com/android/server/wm/OWNERS
-per-file android_window_WindowInfosListener.cpp = file:/services/core/java/com/android/server/wm/OWNERS
+per-file android_window_* = file:/services/core/java/com/android/server/wm/OWNERS
# Resources
per-file android_content_res_* = file:/core/java/android/content/res/OWNERS
diff --git a/keystore/java/android/security/keystore/KeyProperties.java b/keystore/java/android/security/keystore/KeyProperties.java
index d9a7994..dbd918e 100644
--- a/keystore/java/android/security/keystore/KeyProperties.java
+++ b/keystore/java/android/security/keystore/KeyProperties.java
@@ -29,6 +29,8 @@
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.MGF1ParameterSpec;
import java.util.Collection;
import java.util.Locale;
@@ -675,6 +677,26 @@
}
}
+ /**
+ * @hide
+ */
+ @NonNull public static @DigestEnum
+ AlgorithmParameterSpec fromKeymasterToMGF1ParameterSpec(int digest) {
+ switch (digest) {
+ default:
+ case KeymasterDefs.KM_DIGEST_SHA1:
+ return MGF1ParameterSpec.SHA1;
+ case KeymasterDefs.KM_DIGEST_SHA_2_224:
+ return MGF1ParameterSpec.SHA224;
+ case KeymasterDefs.KM_DIGEST_SHA_2_256:
+ return MGF1ParameterSpec.SHA256;
+ case KeymasterDefs.KM_DIGEST_SHA_2_384:
+ return MGF1ParameterSpec.SHA384;
+ case KeymasterDefs.KM_DIGEST_SHA_2_512:
+ return MGF1ParameterSpec.SHA512;
+ }
+ }
+
@NonNull
public static @DigestEnum String fromKeymasterToSignatureAlgorithmDigest(int digest) {
switch (digest) {
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
index e808c5c..7571e44 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreCipherSpiBase.java
@@ -69,6 +69,7 @@
*/
abstract class AndroidKeyStoreCipherSpiBase extends CipherSpi implements KeyStoreCryptoOperation {
private static final String TAG = "AndroidKeyStoreCipherSpiBase";
+ public static final String DEFAULT_MGF1_DIGEST = "SHA-1";
// Fields below are populated by Cipher.init and KeyStore.begin and should be preserved after
// doFinal finishes.
@@ -133,24 +134,28 @@
if ("RSA/ECB/OAEPWithSHA-224AndMGF1Padding".equals(transform)) {
OAEPParameterSpec spec =
new OAEPParameterSpec("SHA-224", "MGF1",
- new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);
+ new MGF1ParameterSpec(DEFAULT_MGF1_DIGEST),
+ PSource.PSpecified.DEFAULT);
mCipher.init(opmode, key, spec, random);
} else if ("RSA/ECB/OAEPWithSHA-256AndMGF1Padding".equals(transform)) {
OAEPParameterSpec spec =
new OAEPParameterSpec("SHA-256", "MGF1",
- new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);
+ new MGF1ParameterSpec(DEFAULT_MGF1_DIGEST),
+ PSource.PSpecified.DEFAULT);
mCipher.init(opmode, key, spec, random);
} else if ("RSA/ECB/OAEPWithSHA-384AndMGF1Padding".equals(transform)) {
OAEPParameterSpec spec =
new OAEPParameterSpec("SHA-384", "MGF1",
- new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);
+ new MGF1ParameterSpec(DEFAULT_MGF1_DIGEST),
+ PSource.PSpecified.DEFAULT);
mCipher.init(opmode, key, spec, random);
} else if ("RSA/ECB/OAEPWithSHA-512AndMGF1Padding".equals(transform)) {
OAEPParameterSpec spec =
new OAEPParameterSpec("SHA-512", "MGF1",
- new MGF1ParameterSpec("SHA1"), PSource.PSpecified.DEFAULT);
+ new MGF1ParameterSpec(DEFAULT_MGF1_DIGEST),
+ PSource.PSpecified.DEFAULT);
mCipher.init(opmode, key, spec, random);
} else {
mCipher.init(opmode, key, random);
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
index cdc1085..acc0005 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -16,6 +16,8 @@
package android.security.keystore2;
+import static android.security.keystore2.AndroidKeyStoreCipherSpiBase.DEFAULT_MGF1_DIGEST;
+
import android.annotation.NonNull;
import android.annotation.Nullable;
import android.app.ActivityThread;
@@ -908,6 +910,26 @@
params.add(KeyStore2ParameterUtils.makeEnum(
KeymasterDefs.KM_TAG_PADDING, padding
));
+ if (padding == KeymasterDefs.KM_PAD_RSA_OAEP) {
+ final boolean[] hasDefaultMgf1DigestBeenAdded = {false};
+ ArrayUtils.forEach(mKeymasterDigests, (digest) -> {
+ params.add(KeyStore2ParameterUtils.makeEnum(
+ KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST, digest
+ ));
+ hasDefaultMgf1DigestBeenAdded[0] |=
+ digest.equals(KeyProperties.Digest.toKeymaster(DEFAULT_MGF1_DIGEST));
+ });
+ /* Because of default MGF1 digest is SHA-1. It has to be added in Key
+ * characteristics. Otherwise, crypto operations will fail with Incompatible
+ * MGF1 digest.
+ */
+ if (!hasDefaultMgf1DigestBeenAdded[0]) {
+ params.add(KeyStore2ParameterUtils.makeEnum(
+ KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST,
+ KeyProperties.Digest.toKeymaster(DEFAULT_MGF1_DIGEST)
+ ));
+ }
+ }
});
ArrayUtils.forEach(mKeymasterSignaturePaddings, (padding) -> {
params.add(KeyStore2ParameterUtils.makeEnum(
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreRSACipherSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreRSACipherSpi.java
index 5848247..e9b66aa 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreRSACipherSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreRSACipherSpi.java
@@ -161,10 +161,11 @@
*/
abstract static class OAEPWithMGF1Padding extends AndroidKeyStoreRSACipherSpi {
- private static final String MGF_ALGORITGM_MGF1 = "MGF1";
+ private static final String MGF_ALGORITHM_MGF1 = "MGF1";
private int mKeymasterDigest = -1;
private int mDigestOutputSizeBytes;
+ private int mKeymasterMgf1Digest = KeymasterDefs.KM_DIGEST_SHA1; // Default MGF1 digest
OAEPWithMGF1Padding(int keymasterDigest) {
super(KeymasterDefs.KM_PAD_RSA_OAEP);
@@ -189,10 +190,10 @@
+ ". Only OAEPParameterSpec supported");
}
OAEPParameterSpec spec = (OAEPParameterSpec) params;
- if (!MGF_ALGORITGM_MGF1.equalsIgnoreCase(spec.getMGFAlgorithm())) {
+ if (!MGF_ALGORITHM_MGF1.equalsIgnoreCase(spec.getMGFAlgorithm())) {
throw new InvalidAlgorithmParameterException(
"Unsupported MGF: " + spec.getMGFAlgorithm()
- + ". Only " + MGF_ALGORITGM_MGF1 + " supported");
+ + ". Only " + MGF_ALGORITHM_MGF1 + " supported");
}
String jcaDigest = spec.getDigestAlgorithm();
int keymasterDigest;
@@ -225,11 +226,6 @@
}
MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec) mgfParams;
String mgf1JcaDigest = mgfSpec.getDigestAlgorithm();
- if (!KeyProperties.DIGEST_SHA1.equalsIgnoreCase(mgf1JcaDigest)) {
- throw new InvalidAlgorithmParameterException(
- "Unsupported MGF1 digest: " + mgf1JcaDigest
- + ". Only " + KeyProperties.DIGEST_SHA1 + " supported");
- }
PSource pSource = spec.getPSource();
if (!(pSource instanceof PSource.PSpecified)) {
throw new InvalidAlgorithmParameterException(
@@ -244,6 +240,7 @@
+ ". Only pSpecifiedEmpty (PSource.PSpecified.DEFAULT) supported");
}
mKeymasterDigest = keymasterDigest;
+ mKeymasterMgf1Digest = KeyProperties.Digest.toKeymaster(mgf1JcaDigest);
mDigestOutputSizeBytes =
(KeymasterUtils.getDigestOutputSizeBits(keymasterDigest) + 7) / 8;
}
@@ -273,10 +270,10 @@
protected final AlgorithmParameters engineGetParameters() {
OAEPParameterSpec spec =
new OAEPParameterSpec(
- KeyProperties.Digest.fromKeymaster(mKeymasterDigest),
- MGF_ALGORITGM_MGF1,
- MGF1ParameterSpec.SHA1,
- PSource.PSpecified.DEFAULT);
+ KeyProperties.Digest.fromKeymaster(mKeymasterDigest),
+ MGF_ALGORITHM_MGF1,
+ KeyProperties.Digest.fromKeymasterToMGF1ParameterSpec(mKeymasterMgf1Digest),
+ PSource.PSpecified.DEFAULT);
try {
AlgorithmParameters params = AlgorithmParameters.getInstance("OAEP");
params.init(spec);
@@ -298,6 +295,9 @@
parameters.add(KeyStore2ParameterUtils.makeEnum(
KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest
));
+ parameters.add(KeyStore2ParameterUtils.makeEnum(
+ KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST, mKeymasterMgf1Digest
+ ));
}
@Override
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
index 33411e1..9d424e9 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java
@@ -16,6 +16,8 @@
package android.security.keystore2;
+import static android.security.keystore2.AndroidKeyStoreCipherSpiBase.DEFAULT_MGF1_DIGEST;
+
import android.annotation.NonNull;
import android.hardware.biometrics.BiometricManager;
import android.hardware.security.keymint.HardwareAuthenticatorType;
@@ -511,6 +513,28 @@
KeymasterDefs.KM_TAG_PADDING,
padding
));
+ if (padding == KeymasterDefs.KM_PAD_RSA_OAEP) {
+ if (spec.isDigestsSpecified()) {
+ boolean hasDefaultMgf1DigestBeenAdded = false;
+ for (String digest : spec.getDigests()) {
+ importArgs.add(KeyStore2ParameterUtils.makeEnum(
+ KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST,
+ KeyProperties.Digest.toKeymaster(digest)
+ ));
+ hasDefaultMgf1DigestBeenAdded |= digest.equals(DEFAULT_MGF1_DIGEST);
+ }
+ /* Because of default MGF1 digest is SHA-1. It has to be added in Key
+ * characteristics. Otherwise, crypto operations will fail with Incompatible
+ * MGF1 digest.
+ */
+ if (!hasDefaultMgf1DigestBeenAdded) {
+ importArgs.add(KeyStore2ParameterUtils.makeEnum(
+ KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST,
+ KeyProperties.Digest.toKeymaster(DEFAULT_MGF1_DIGEST)
+ ));
+ }
+ }
+ }
}
for (String padding : spec.getSignaturePaddings()) {
importArgs.add(KeyStore2ParameterUtils.makeEnum(
diff --git a/keystore/java/android/security/keystore2/KeyStore2ParameterUtils.java b/keystore/java/android/security/keystore2/KeyStore2ParameterUtils.java
index dcdd7de..54955c6 100644
--- a/keystore/java/android/security/keystore2/KeyStore2ParameterUtils.java
+++ b/keystore/java/android/security/keystore2/KeyStore2ParameterUtils.java
@@ -78,6 +78,7 @@
kp.value = KeyParameterValue.blockMode(v);
break;
case Tag.DIGEST:
+ case Tag.RSA_OAEP_MGF_DIGEST:
kp.value = KeyParameterValue.digest(v);
break;
case Tag.EC_CURVE:
diff --git a/location/java/android/location/LocationTime.java b/location/java/android/location/LocationTime.java
index e5535d1..2f03508 100644
--- a/location/java/android/location/LocationTime.java
+++ b/location/java/android/location/LocationTime.java
@@ -20,28 +20,32 @@
import android.os.Parcel;
import android.os.Parcelable;
+import java.time.Duration;
+import java.time.Instant;
+
/**
- * Data class for passing location derived time.
+ * Data class for passing GNSS-derived time.
* @hide
*/
public final class LocationTime implements Parcelable {
- private final long mTime;
+ private final long mUnixEpochTimeMillis;
private final long mElapsedRealtimeNanos;
- public LocationTime(long time, long elapsedRealtimeNanos) {
- mTime = time;
+ public LocationTime(long unixEpochTimeMillis, long elapsedRealtimeNanos) {
+ mUnixEpochTimeMillis = unixEpochTimeMillis;
mElapsedRealtimeNanos = elapsedRealtimeNanos;
}
/**
- * The current time, according to the Gnss location provider. */
- public long getTime() {
- return mTime;
+ * The Unix epoch time in millis, according to the Gnss location provider.
+ */
+ public long getUnixEpochTimeMillis() {
+ return mUnixEpochTimeMillis;
}
/**
- * The elapsed nanos since boot {@link #getTime} was computed at.
+ * The elapsed nanos since boot when {@link #getUnixEpochTimeMillis} was the current time.
*/
public long getElapsedRealtimeNanos() {
return mElapsedRealtimeNanos;
@@ -49,7 +53,7 @@
@Override
public void writeToParcel(Parcel out, int flags) {
- out.writeLong(mTime);
+ out.writeLong(mUnixEpochTimeMillis);
out.writeLong(mElapsedRealtimeNanos);
}
@@ -58,8 +62,18 @@
return 0;
}
+ @Override
+ public String toString() {
+ return "LocationTime{"
+ + "mUnixEpochTimeMillis=" + Instant.ofEpochMilli(mUnixEpochTimeMillis)
+ + "(" + mUnixEpochTimeMillis + ")"
+ + ", mElapsedRealtimeNanos=" + Duration.ofNanos(mElapsedRealtimeNanos)
+ + "(" + mElapsedRealtimeNanos + ")"
+ + '}';
+ }
+
public static final @NonNull Parcelable.Creator<LocationTime> CREATOR =
- new Parcelable.Creator<LocationTime>() {
+ new Parcelable.Creator<>() {
public LocationTime createFromParcel(Parcel in) {
long time = in.readLong();
long elapsedRealtimeNanos = in.readLong();
diff --git a/packages/CredentialManager/OWNERS b/packages/CredentialManager/OWNERS
new file mode 100644
index 0000000..f3b43c1
--- /dev/null
+++ b/packages/CredentialManager/OWNERS
@@ -0,0 +1 @@
+include /core/java/android/credentials/OWNERS
diff --git a/services/core/java/com/android/server/timedetector/GnssTimeUpdateService.java b/services/core/java/com/android/server/timedetector/GnssTimeUpdateService.java
index 5db6000..6949191 100644
--- a/services/core/java/com/android/server/timedetector/GnssTimeUpdateService.java
+++ b/services/core/java/com/android/server/timedetector/GnssTimeUpdateService.java
@@ -261,10 +261,11 @@
private void suggestGnssTime(LocationTime locationTime) {
logDebug("suggestGnssTime()");
- long gnssTime = locationTime.getTime();
+ long gnssUnixEpochTimeMillis = locationTime.getUnixEpochTimeMillis();
long elapsedRealtimeMs = locationTime.getElapsedRealtimeNanos() / 1_000_000L;
- TimestampedValue<Long> timeSignal = new TimestampedValue<>(elapsedRealtimeMs, gnssTime);
+ TimestampedValue<Long> timeSignal =
+ new TimestampedValue<>(elapsedRealtimeMs, gnssUnixEpochTimeMillis);
mLastSuggestedGnssTime = timeSignal;
GnssTimeSuggestion timeSuggestion = new GnssTimeSuggestion(timeSignal);