diff options
| author | 2021-03-01 08:06:58 +0000 | |
|---|---|---|
| committer | 2021-03-01 08:06:58 +0000 | |
| commit | fdfc090a986016b713288e7da33dd5149bf385c9 (patch) | |
| tree | fc198f9c36095d5ad223b2c1fa0d1733ca8155e6 | |
| parent | d3cfb31078f84c7140adc8c7fa256c2f054e0782 (diff) | |
| parent | 36dfffbdbe491cffe76924e0b33e0336aecf7dd7 (diff) | |
Merge "Keystore 2.0: Clear Uid/Namesapce" am: a51a74a8c5 am: 6413a11508 am: 36dfffbdbe
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1604089
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I6556ce399ddf4444e7655f05d92861073580c2cf
| -rw-r--r-- | keystore/java/android/security/AndroidKeyStoreMaintenance.java | 25 | ||||
| -rw-r--r-- | keystore/java/android/security/KeyStore.java | 4 |
2 files changed, 26 insertions, 3 deletions
diff --git a/keystore/java/android/security/AndroidKeyStoreMaintenance.java b/keystore/java/android/security/AndroidKeyStoreMaintenance.java index c81c8c54d88a..ed789f03f9ba 100644 --- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java +++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java @@ -21,6 +21,7 @@ import android.annotation.Nullable; import android.os.ServiceManager; import android.os.ServiceSpecificException; import android.security.usermanager.IKeystoreUserManager; +import android.system.keystore2.Domain; import android.system.keystore2.ResponseCode; import android.util.Log; @@ -39,7 +40,7 @@ public class AndroidKeyStoreMaintenance { } /** - * Informs keystore2 about adding a user + * Informs Keystore 2.0 about adding a user * * @param userId - Android user id of the user being added * @return 0 if successful or a {@code ResponseCode} @@ -60,7 +61,7 @@ public class AndroidKeyStoreMaintenance { } /** - * Informs keystore2 about removing a usergit mer + * Informs Keystore 2.0 about removing a usergit mer * * @param userId - Android user id of the user being removed * @return 0 if successful or a {@code ResponseCode} @@ -81,7 +82,7 @@ public class AndroidKeyStoreMaintenance { } /** - * Informs keystore2 about changing user's password + * Informs Keystore 2.0 about changing user's password * * @param userId - Android user id of the user * @param password - a secret derived from the synthetic password provided by the @@ -102,4 +103,22 @@ public class AndroidKeyStoreMaintenance { return SYSTEM_ERROR; } } + + /** + * Informs Keystore 2.0 that an app was uninstalled and the corresponding namspace is to + * be cleared. + */ + public static int clearNamespace(@Domain int domain, long namespace) { + if (!android.security.keystore2.AndroidKeyStoreProvider.isInstalled()) return 0; + try { + getService().clearNamespace(domain, namespace); + return 0; + } catch (ServiceSpecificException e) { + Log.e(TAG, "clearNamespace failed", e); + return e.errorCode; + } catch (Exception e) { + Log.e(TAG, "Can not connect to keystore", e); + return SYSTEM_ERROR; + } + } } diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java index 198df40c7d7b..93658e69eac8 100644 --- a/keystore/java/android/security/KeyStore.java +++ b/keystore/java/android/security/KeyStore.java @@ -43,6 +43,7 @@ import android.security.keystore.KeyPermanentlyInvalidatedException; import android.security.keystore.KeyProperties; import android.security.keystore.KeystoreResponse; import android.security.keystore.UserNotAuthenticatedException; +import android.system.keystore2.Domain; import android.util.Log; import com.android.internal.org.bouncycastle.asn1.ASN1InputStream; @@ -466,6 +467,9 @@ public class KeyStore { public boolean clearUid(int uid) { try { + if (android.security.keystore2.AndroidKeyStoreProvider.isInstalled()) { + return AndroidKeyStoreMaintenance.clearNamespace(Domain.APP, uid) == 0; + } return mBinder.clear_uid(uid) == NO_ERROR; } catch (RemoteException e) { Log.w(TAG, "Cannot connect to keystore", e); |