Support and use TAG_ALLOW_WHILE_ON_BODY There are three changes in this CL: 1. Persist all characteristics provided at the time of key creation. We do this to avoid device-specific keymaster implementations stripping keys they are not aware of. 2. Add an onDeviceOffBody API method that will be called whenever a wearable device is detected to have been removed. 3. Check whether a key was created with TAG_ALLOW_WHILE_ON_BODY and the device has gone off-body since the last auth event when deciding whether it can be used. BUG: 30701680 BUG: 28911985 Change-Id: I6be3af3dee8e576fe713dfdd726502d8b333f224

commit: 0ab28b78bd06a06a0ffa150cef5876d56212902a [log] [tgz]
author: Tucker Sylvestro <tuckeris@google.com> Fri Aug 05 18:02:47 2016 -0400
committer: Tucker Sylvestro <tuckeris@google.com> Wed Oct 05 18:38:42 2016 -0400
tree: 0d9ef0ef9ddfec5fbb186264f4e888332d42db76
parent: 37ca4172bb9c62ff25b5277ad7066935f538b749 [diff] [blame]
diff --git a/keystore/key_store_service.h b/keystore/key_store_service.h
index 7d55919..cd43391 100644
--- a/keystore/key_store_service.h
+++ b/keystore/key_store_service.h

@@ -119,6 +119,8 @@
     int32_t attestKey(const String16& name, const KeymasterArguments& params,
                       KeymasterCertificateChain* outChain) override;
 
+    int32_t onDeviceOffBody();
+
   private:
     static const int32_t UID_SELF = -1;
commit	0ab28b78bd06a06a0ffa150cef5876d56212902a	[log] [tgz]
author	Tucker Sylvestro <tuckeris@google.com>	Fri Aug 05 18:02:47 2016 -0400
committer	Tucker Sylvestro <tuckeris@google.com>	Wed Oct 05 18:38:42 2016 -0400
tree	0d9ef0ef9ddfec5fbb186264f4e888332d42db76
parent	37ca4172bb9c62ff25b5277ad7066935f538b749 [diff] [blame]