From 49e239ec9657d1f60b7654149577141cf86c5738 Mon Sep 17 00:00:00 2001
From: Hasini Gunasinghe <hasinitg@google.com>
Date: Thu, 7 Jan 2021 15:45:30 +0000
Subject: Keystore 2.0: Integrate onLockScreenEvent.

This patch updates LockSettingService and TrustManagerService to use the
new Keystore 2.0 authorization api.

Bug: 166672367
Test: VTS test
Change-Id: I5494d7b923d33d447488a0c67ada43d1f9593861
---
 keystore/java/android/security/Authorization.java | 29 +++++++++++++++++++++++
 1 file changed, 29 insertions(+)

(limited to 'keystore/java')

diff --git a/keystore/java/android/security/Authorization.java b/keystore/java/android/security/Authorization.java
index 1fde2b5412ed..fcc518c374e3 100644
--- a/keystore/java/android/security/Authorization.java
+++ b/keystore/java/android/security/Authorization.java
@@ -17,11 +17,13 @@
 package android.security;
 
 import android.annotation.NonNull;
+import android.annotation.Nullable;
 import android.hardware.security.keymint.HardwareAuthToken;
 import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.ServiceSpecificException;
 import android.security.authorization.IKeystoreAuthorization;
+import android.security.authorization.LockScreenEvent;
 import android.system.keystore2.ResponseCode;
 import android.util.Log;
 
@@ -75,4 +77,31 @@ public class Authorization {
         return addAuthToken(AuthTokenUtils.toHardwareAuthToken(authToken));
     }
 
+    /**
+     * Informs keystore2 about lock screen event.
+     *
+     * @param locked            - whether it is a lock (true) or unlock (false) event
+     * @param syntheticPassword - if it is an unlock event with the password, pass the synthetic
+     *                          password provided by the LockSettingService
+     *
+     * @return 0 if successful or a {@code ResponseCode}.
+     */
+    public int onLockScreenEvent(@NonNull boolean locked, @NonNull int userId,
+            @Nullable byte[] syntheticPassword) {
+        if (!android.security.keystore2.AndroidKeyStoreProvider.isInstalled()) return 0;
+        try {
+            if (locked) {
+                getService().onLockScreenEvent(LockScreenEvent.LOCK, userId, null);
+            } else {
+                getService().onLockScreenEvent(LockScreenEvent.UNLOCK, userId, syntheticPassword);
+            }
+            return 0;
+        } catch (RemoteException e) {
+            Log.w(TAG, "Can not connect to keystore", e);
+            return SYSTEM_ERROR;
+        } catch (ServiceSpecificException e) {
+            return e.errorCode;
+        }
+    }
+
 }
-- 
cgit v1.2.3-59-g8ed1b