For Android N release, migrating and updating Scoped Directory Access
docs into regular DAC docs. Updated TOC and added redirect.
Removed preview/features doc. Updated and moved images.
Bug: 30257320
Change-Id: I3440fe1b74947cbfbd1ada6f5d6bee5e49847927
For Android N release, migrating and updating Direct Boot
docs into regular DAC docs. Updated TOC and added redirect.
Removed preview/features doc.
Bug: 30256895
Change-Id: I5c6d457dc69c911199f86f0e0ed93ec7d6244779
Updated page location, TOC entry, and URL redirect in preparation
for Android Nougat OTA release.
Bug: 28851641
Change-Id: I8be252d79b0b5ad3c7d814175e6bfbfb98e95daf
This undoes the automerger skip which occured in
commit e740c84dc32180214a7fd157105d6c18d30408ee and
replays it as a standard (NOT -s ours) merge.
Change-Id: If5a47be26f73d6a0735c425cd66310a3e2a89086
This updates Android Keystore developer documentation to clarify how
to replace the self-signed certificate create by Android Keystore when
it generates a new key pair. Some developers are attempting to use
KeyStore.setCertificateEntry which is the wrong method for this. The
correct method is KeyStore.setKeyEntry.
Bug: 28152878
Change-Id: I306447b7792ecad5fbb49bd691a57bedb5207003
A paragraph under the "Requesting Permissions" section of the
"Security Tips" page discusses the complications associated with
sharing data over inter-process communication (IPC) when the clients
involved have different permission settings. This paragraph now
includes a working link and clearer wording to describe the concept.
Bug: 26807597
Change-Id: I35e316f5f97d4ec45d9beaae95424221e6a92da5
The body of {@code} must not be HTML escaped. This is one of
several changes that fix the source in conjunction with a
doclava fix.
Bug: 25757239
Change-Id: Ib38a0fa2dd2a3d68e467f78a812071e763d7e881
With Android M, the Apache HTTP client is no longer supported.
Removing references to that client and the clients that depend
on it (DefaultHttpClient and AndroidHttpClient). Replacing, when
appropriate, with references to HttpURLConnection.
Also removing references to the 2011 blog post "Android's HTTP
Clients" (https://goto.google.com/cusll) since that post is largely
about the ex-clients.
Fixed a couple of other small errors while I had the files open
(for example, changed a sample URL in a code snippet to the safe
www.example.com).
bug: 19696844
Change-Id: Iabf780140c37d5fc95c0d45542c425a945c69337
List of issues from https://code.google.com/p/android/issues that are fixed by this CL: 183476,183249,183248,183241,183222,183142,183093,183329,182385,182311,182193,182019,73149,181589,179740,179384,178322,178189,178086,178020,177169,176312,175138,172322,172030,171820,170647,167288,163574,161580,161041,159199,151347,144290,136137,132505
Change-Id: I2e96f7444048abd2f666c75bd6ab9640019afb75
This updates the Android platform SDK documentation to list which
algorithms are supported by Android Keystore on which Android
platforms.
The list is similar in design to the one in SSLSocket and SSLEngine.
Bug: 22661043
Change-Id: I08fcf65ca58ead644100b673dceb93c67f34f507
This CL addresses the comments from API Council about Android KeyStore
KeyPairGeneratorSpec, KeyGeneratorSpec and KeyStoreParameter:
1. These abstractions should not take or hold references to Context.
2. The Builders of these abstractions should take all mandatory
parameters in their constructors rather than expose them as
setters -- only optional paratemers should be exposed via setters.
These comments cannot be addressed without deprecation in the already
launched KeyPairGeneratorSpec and KeyStoreParameter. Instead of
deprecating just the getContext methods and Builder constructors, this
CL goes for the nuclear option of deprecating KeyPairGeneratorSpec and
KeyStoreParameter as a whole and exposing all of the AndroidKeyStore
API in the new package android.security.keystore. This enables this CL
to correct all of the accrued design issues with KeyPairGeneratorSpec
(e.g., naming of certificate-related methods) and KeyStoreParameter.
This also makes the transition to API Level M more clear for existing
users of the AndroidKeyStore API. These users will only have to deal
with the new always-mandatory parameters (e.g., purposes) and
sometimes-mandatory (e.g., digests, block modes, paddings) if they
switch to the new API. Prior to this CL they would've had to deal with
this if they invoked any of the new methods of KeyPairGeneratorSpec
or KeyStoreParameter introduced in API Level M.
This CL rips out all the new API introduced into KeyPairGeneratorSpec
and KeyStoreParameter classes for Android M, thus reverting these
classes to the API launched in L MR1. This is because the new API is
now in android.security.keystore.KeyGenParameterSpec and KeyProtection
respectively.
Bug: 21039983
Change-Id: I59672b3c6ef7bc25c40aa85f1c47d9d8a05d627c
isKeyguardSecure also returns true when SIM PIN is required. We don't
care about that because entering SIM PIN does not unlock keys
requiring user authentication. isDeviceSecure returns true only if
secure lock screen is set up, which is exactly what we want.
Bug: 18088752
Change-Id: I47b21f3351f55c11e8e9bcfd7654762973dd9271
This simplifies the AndroidKeyStore API around user authentication: no
more explicit control over which user authenticators are bound to
which keys.
User-authenticated keys with timeout are unlocked by whatever unlocks
the secure lock screen (currently, password/PIN/pattern or
fingerprint). User-authenticated keys that need authentication for
every use are unlocked by fingerprint only.
Bug: 20526234
Bug: 20642549
Change-Id: I1e5e6c988f32657d820797ad5696797477a9ebe9
Added paragraph describing security precautions for apps that use
WebView on devices running versions older than Android 4.4. See first
comment for doc stage location.
bug: 19075466
Change-Id: I69937d8dfc37ec1ba693f969500b9dc7404c4635
Most of them are pointless links to a "text/plain" constant which are
far clearer when inlined with the relevant text.
Change-Id: Iaed51b4548cb2836741106dc19c9cf500c205d32
