diff options
| author | 2024-01-09 18:25:36 +0000 | |
|---|---|---|
| committer | 2024-02-06 18:28:01 +0000 | |
| commit | d6b54f47158b1d6bb015ba55cb06db1e7204aafa (patch) | |
| tree | c65dc82db5aa342be3dda8d6c78a670bd942c67d | |
| parent | 792d5b0e2d2800d6bf58784406cb3e1a8587ec2b (diff) | |
Add getter for apps with auth-bound keys
Add a method to get the list of apps that have auth-bound keys bound to
a specific SID.
Bug: 302109605
Test: Manual, installed an app that creates auth-bound keys and observed
it is included in the list of apps that have auth-bound keys.
A CtsVerifier is forthcoming.
Change-Id: Id41398bd29e6f80f963b142bb16719761308198e
| -rw-r--r-- | keystore/java/android/security/AndroidKeyStoreMaintenance.java | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/keystore/java/android/security/AndroidKeyStoreMaintenance.java b/keystore/java/android/security/AndroidKeyStoreMaintenance.java index 2beb434566e5..2430e8d8e662 100644 --- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java +++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java @@ -18,6 +18,7 @@ package android.security; import android.annotation.NonNull; import android.annotation.Nullable; +import android.os.RemoteException; import android.os.ServiceManager; import android.os.ServiceSpecificException; import android.os.StrictMode; @@ -218,4 +219,28 @@ public class AndroidKeyStoreMaintenance { return SYSTEM_ERROR; } } + + /** + * Returns the list of Application UIDs that have auth-bound keys that are bound to + * the given SID. This enables warning the user when they are about to invalidate + * a SID (for example, removing the LSKF). + * + * @param userId - The ID of the user the SID is associated with. + * @param userSecureId - The SID in question. + * + * @return A list of app UIDs. + */ + public static long[] getAllAppUidsAffectedBySid(int userId, long userSecureId) + throws KeyStoreException { + StrictMode.noteDiskWrite(); + try { + return getService().getAppUidsAffectedBySid(userId, userSecureId); + } catch (RemoteException | NullPointerException e) { + throw new KeyStoreException(SYSTEM_ERROR, + "Failure to connect to Keystore while trying to get apps affected by SID."); + } catch (ServiceSpecificException e) { + throw new KeyStoreException(e.errorCode, + "Keystore error while trying to get apps affected by SID."); + } + } } |