summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--core/java/android/os/Process.java6
-rw-r--r--services/core/java/com/android/server/security/KeyAttestationApplicationIdProviderService.java14
2 files changed, 14 insertions, 6 deletions
diff --git a/core/java/android/os/Process.java b/core/java/android/os/Process.java
index 6f4f30c4981a..10b4e5ddcd55 100644
--- a/core/java/android/os/Process.java
+++ b/core/java/android/os/Process.java
@@ -99,6 +99,12 @@ public class Process {
public static final int KEYSTORE_UID = 1017;
/**
+ * Defines the UID/GID for credstore.
+ * @hide
+ */
+ public static final int CREDSTORE_UID = 1076;
+
+ /**
* Defines the UID/GID for the NFC service process.
* @hide
*/
diff --git a/services/core/java/com/android/server/security/KeyAttestationApplicationIdProviderService.java b/services/core/java/com/android/server/security/KeyAttestationApplicationIdProviderService.java
index a8c68c07231d..c908acdd1d6c 100644
--- a/services/core/java/com/android/server/security/KeyAttestationApplicationIdProviderService.java
+++ b/services/core/java/com/android/server/security/KeyAttestationApplicationIdProviderService.java
@@ -24,16 +24,16 @@ import android.content.pm.PackageManager.NameNotFoundException;
import android.os.Binder;
import android.os.RemoteException;
import android.os.UserHandle;
-import android.security.keymaster.KeyAttestationPackageInfo;
-import android.security.keymaster.KeyAttestationApplicationId;
import android.security.keymaster.IKeyAttestationApplicationIdProvider;
+import android.security.keymaster.KeyAttestationApplicationId;
+import android.security.keymaster.KeyAttestationPackageInfo;
/**
* @hide
* The KeyAttestationApplicationIdProviderService provides information describing the possible
* applications identified by a UID. Due to UID sharing, this KeyAttestationApplicationId can
- * comprise information about multiple packages. The Information is used by keystore to describe
- * the initiating application of a key attestation procedure.
+ * comprise information about multiple packages. The Information is used by keystore and credstore
+ * to describe the initiating application of a key attestation procedure.
*/
public class KeyAttestationApplicationIdProviderService
extends IKeyAttestationApplicationIdProvider.Stub {
@@ -46,8 +46,10 @@ public class KeyAttestationApplicationIdProviderService
public KeyAttestationApplicationId getKeyAttestationApplicationId(int uid)
throws RemoteException {
- if (Binder.getCallingUid() != android.os.Process.KEYSTORE_UID) {
- throw new SecurityException("This service can only be used by Keystore");
+ int callingUid = Binder.getCallingUid();
+ if (callingUid != android.os.Process.KEYSTORE_UID
+ && callingUid != android.os.Process.CREDSTORE_UID) {
+ throw new SecurityException("This service can only be used by Keystore or Credstore");
}
KeyAttestationPackageInfo[] keyAttestationPackageInfos = null;
final long token = Binder.clearCallingIdentity();
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-06 09:00:17 +0000