708fc94045
This enables users of AndroidKeyStore crypto to differentiate between the key being unusable until the user is authenticated (UserNotAuthenticatedException) and the key being permanently unusable (KeyPermanentlyInvalidatedException). The latter is the case when the secure lock screen has been disabled or reset, and, for keys that require user authentication for every use, when a new fingerprint is enrolled or all fingerprints are unenrolled. NOTE: The KeyPermanentlyInvalidatedException subsumes/replaces the NewFingerprintEnrolledException which has thus been removed. There is no way to find out whether a key was permenently invalidated specifically because a new fingerprint was added. Bug: 20642549 Bug: 20526234 Change-Id: I0206cd99eef5c605c9c4d6afc5eea02eb3b1fe6b
35 lines
1.0 KiB
Java
35 lines
1.0 KiB
Java
package android.security;
|
|
|
|
import android.os.RemoteException;
|
|
import android.os.ServiceManager;
|
|
import android.os.UserHandle;
|
|
import android.service.gatekeeper.IGateKeeperService;
|
|
|
|
/**
|
|
* Convenience class for accessing the gatekeeper service.
|
|
*
|
|
* @hide
|
|
*/
|
|
public abstract class GateKeeper {
|
|
|
|
private GateKeeper() {}
|
|
|
|
public static IGateKeeperService getService() {
|
|
IGateKeeperService service = IGateKeeperService.Stub.asInterface(
|
|
ServiceManager.getService("android.service.gatekeeper.IGateKeeperService"));
|
|
if (service == null) {
|
|
throw new IllegalStateException("Gatekeeper service not available");
|
|
}
|
|
return service;
|
|
}
|
|
|
|
public static long getSecureUserId() throws IllegalStateException {
|
|
try {
|
|
return getService().getSecureUserId(UserHandle.myUserId());
|
|
} catch (RemoteException e) {
|
|
throw new IllegalStateException(
|
|
"Failed to obtain secure user ID from gatekeeper", e);
|
|
}
|
|
}
|
|
}
|