diff options
| author | [6;7~ <paulcrowley@google.com> | 2021-04-26 14:22:25 -0700 |
|---|---|---|
| committer | Paul Crowley <paulcrowley@google.com> | 2021-04-27 10:34:32 -0700 |
| commit | 6e14fdc46ba12209004b04598ce852b2d6ca2ffd (patch) | |
| tree | e470f14d1f2305a9b2c43f3fb9d0242b553741cb /core/java | |
| parent | 6b8f292b1745ec2bde7c2117eeb646b5a20035f8 (diff) | |
Specify UID in getAuthenticatorIds
Allow the caller to get authenticator IDs for a specific UID. If
that UID is not the caller UID the USE_BIOMETRIC_INTERNAL permission
is required; this is enforced by AuthService.
Test: aosp/1686345
Bug: 163866361
Merged-In: I0eef28ecefb85f1c10a73a354d08c38087d59814
Change-Id: I0eef28ecefb85f1c10a73a354d08c38087d59814
Diffstat (limited to 'core/java')
| -rw-r--r-- | core/java/android/hardware/biometrics/BiometricManager.java | 19 | ||||
| -rw-r--r-- | core/java/android/hardware/biometrics/IAuthService.aidl | 4 |
2 files changed, 18 insertions, 5 deletions
diff --git a/core/java/android/hardware/biometrics/BiometricManager.java b/core/java/android/hardware/biometrics/BiometricManager.java index e385cd2b7ecd..a778c246ce1b 100644 --- a/core/java/android/hardware/biometrics/BiometricManager.java +++ b/core/java/android/hardware/biometrics/BiometricManager.java @@ -26,7 +26,7 @@ import android.annotation.SystemApi; import android.annotation.SystemService; import android.content.Context; import android.os.RemoteException; -import android.security.keystore.KeyGenParameterSpec; +import android.os.UserHandle; import android.security.keystore.KeyProperties; import android.util.Slog; @@ -334,11 +334,23 @@ public class BiometricManager { * in Keystore land as SIDs, and are used during key generation. * @hide */ - @RequiresPermission(USE_BIOMETRIC_INTERNAL) public long[] getAuthenticatorIds() { + return getAuthenticatorIds(UserHandle.getCallingUserId()); + } + + /** + * Get a list of AuthenticatorIDs for biometric authenticators which have 1) enrolled templates, + * and 2) meet the requirements for integrating with Keystore. The AuthenticatorIDs are known + * in Keystore land as SIDs, and are used during key generation. + * + * @param userId Android user ID for user to look up. + * + * @hide + */ + public long[] getAuthenticatorIds(int userId) { if (mService != null) { try { - return mService.getAuthenticatorIds(); + return mService.getAuthenticatorIds(userId); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } @@ -347,6 +359,5 @@ public class BiometricManager { return new long[0]; } } - } diff --git a/core/java/android/hardware/biometrics/IAuthService.aidl b/core/java/android/hardware/biometrics/IAuthService.aidl index a6f6c1ea0293..3542482927cb 100644 --- a/core/java/android/hardware/biometrics/IAuthService.aidl +++ b/core/java/android/hardware/biometrics/IAuthService.aidl @@ -55,5 +55,7 @@ interface IAuthService { // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore // land as SIDs, and are used during key generation. - long[] getAuthenticatorIds(); + // If userId is not equal to the calling user ID, the caller must have the + // USE_BIOMETRIC_INTERNAL permission. + long[] getAuthenticatorIds(in int userId); } |