Add the onDeviceOffBody API method to KeyStore

This is necessary for allowing the KeyStore to lock keys that remain authorized as long as the device is on-body. Bug 28911985 Change-Id: If50bc84d5a1cb23f9b01b1950c3676d1519cc4f5
XPerience-AOSP-Lollipop · Sep 23, 2016 · b32aae2 · b32aae2
1 parent 1c49ec3
commit b32aae2
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 0 deletions.
diff --git a/core/java/android/security/IKeystoreService.aidl b/core/java/android/security/IKeystoreService.aidl
@@ -76,4 +76,5 @@ interface IKeystoreService {
     int onUserAdded(int userId, int parentId);
     int onUserRemoved(int userId);
     int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
+    int onDeviceOffBody();
 }
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
@@ -626,6 +626,16 @@ public int attestKey(
         }
     }
 
+    /**
+     * Notify keystore that the device went off-body.
+     */
+    public void onDeviceOffBody() {
+        try {
+            mBinder.onDeviceOffBody();
+        } catch (RemoteException e) {
+            Log.w(TAG, "Cannot connect to keystore", e);
+        }
+    }
 
     /**
      * Returns a {@link KeyStoreException} corresponding to the provided keystore/keymaster error