Merge "Allow CTS tests to access more from KeyProtection" into pi-dev
diff --git a/api/test-current.txt b/api/test-current.txt
index 94154c2..a4f422b 100644
--- a/api/test-current.txt
+++ b/api/test-current.txt
@@ -707,6 +707,14 @@
field public static final int ID_TYPE_SERIAL = 1; // 0x1
}
+ public final class KeyProtection implements java.security.KeyStore.ProtectionParameter {
+ method public long getBoundToSpecificSecureUserId();
+ }
+
+ public static final class KeyProtection.Builder {
+ method public android.security.keystore.KeyProtection.Builder setBoundToSpecificSecureUserId(long);
+ }
+
}
package android.service.autofill {
diff --git a/keystore/java/android/security/keystore/KeyGenParameterSpec.java b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
index c0d0fb0..d95feb0 100644
--- a/keystore/java/android/security/keystore/KeyGenParameterSpec.java
+++ b/keystore/java/android/security/keystore/KeyGenParameterSpec.java
@@ -673,8 +673,8 @@
}
/**
- * Returns {@code true} if the screen must be unlocked for this key to be used for encryption or
- * signing. Decryption and signature verification will still be available when the screen is
+ * Returns {@code true} if the screen must be unlocked for this key to be used for decryption or
+ * signing. Encryption and signature verification will still be available when the screen is
* locked.
*
* @see Builder#setUnlockedDeviceRequired(boolean)
diff --git a/keystore/java/android/security/keystore/KeyProtection.java b/keystore/java/android/security/keystore/KeyProtection.java
index 41dc201..92bee8d 100644
--- a/keystore/java/android/security/keystore/KeyProtection.java
+++ b/keystore/java/android/security/keystore/KeyProtection.java
@@ -19,6 +19,7 @@
import android.annotation.IntRange;
import android.annotation.NonNull;
import android.annotation.Nullable;
+import android.annotation.TestApi;
import android.app.KeyguardManager;
import android.hardware.fingerprint.FingerprintManager;
import android.security.GateKeeper;
@@ -496,6 +497,7 @@
* @see KeymasterUtils#addUserAuthArgs
* @hide
*/
+ @TestApi
public long getBoundToSpecificSecureUserId() {
return mBoundToSecureUserId;
}
@@ -511,8 +513,8 @@
}
/**
- * Returns {@code true} if the screen must be unlocked for this key to be used for encryption or
- * signing. Decryption and signature verification will still be available when the screen is
+ * Returns {@code true} if the screen must be unlocked for this key to be used for decryption or
+ * signing. Encryption and signature verification will still be available when the screen is
* locked.
*
* @see Builder#setUnlockedDeviceRequired(boolean)
@@ -913,6 +915,7 @@
* @see KeyProtection#getBoundToSpecificSecureUserId()
* @hide
*/
+ @TestApi
public Builder setBoundToSpecificSecureUserId(long secureUserId) {
mBoundToSecureUserId = secureUserId;
return this;