Disallow creating auth-per-use keys [152644939]

Fixed

Bug

Status Update

No update yet.

Description

bo...@google.com

created issue #1

Mar 27, 2020 09:47PM

Currently the library will allow creating a KeyGenParamSpec that requires user authentication for each use of the key (KeyGenParamSpec#getUserAuthenticationValidityDurationSeconds() = 0). These keys won't work properly with Tink at the moment, and their creation should not be permitted.

Comments

ap...@google.com <ap...@google.com> #2Mar 31, 2020 07:45PM

Project: platform/frameworks/support
Branch: androidx-master-dev

commit dff35b0aa22a4dda25c139b19d6ad3733610aec5
Author: Nicole Borrelli <borrelli@google.com>
Date: Fri Mar 27 15:09:29 2020

Disallow creating auth-per-use keys

This adds a check to ensure that if `UserAuthenticationRequired` is
`true` that `UserAuthenticationValidityDurationSeconds` is >0.

Relnote: "Added checks to ensure that if a KeyGenParamSpec is passed in
to `MasterKeys.getOrCreate` that if `getUserAuthenticationRequired`
returns `true` that `getUserAuthenticationValidityDurationSeconds`
returns a value >0."
Bug: 152644939
Test: Existing and new tests pass

Change-Id: I911f5742c926977c80784d353d0ede65e4c07d41

A security/crypto/src/androidTest/java/androidx/security/crypto/MasterKeysTest.java
M security/crypto/src/main/java/androidx/security/crypto/MasterKeys.java

https://android-review.googlesource.com/1270465

bo...@google.com <bo...@google.com> Mar 31, 2020 09:25PM

Marked as fixed.

ra...@gmail.com <ra...@gmail.com> #3Nov 24, 2020 03:21PM

My mani is your aplicesan thes frod (luckyrupee)in applications in my mani is useg bay(razor.pay@obc) up I'd thes ford in=amaunt,,Rs,,4091 plz refand help me

ra...@gmail.com <ra...@gmail.com> #4Nov 24, 2020 03:23PM

Sorry 1 mistik by(razor.pay@sbi) thes frod my mani

lu...@gmail.com <lu...@gmail.com> #5Apr 12, 2024 08:31PM

Well

Issue 152644939