Add an API to check whether the recoverable keystore is enabled

author Bo Zhu <bozhu@google.com>

Tue, 10 Apr 2018 20:58:25 +0000 (13:58 -0700)

committer Bo Zhu <bozhu@google.com>

Tue, 10 Apr 2018 21:50:21 +0000 (14:50 -0700)
author Bo Zhu <bozhu@google.com>
Tue, 10 Apr 2018 20:58:25 +0000 (13:58 -0700)
committer Bo Zhu <bozhu@google.com>
Tue, 10 Apr 2018 21:50:21 +0000 (14:50 -0700)
diff --git a/api/system-current.txt b/api/system-current.txt

index 76a71cd..85c1f56 100644 (file)
--- a/api/system-current.txt
+++ b/api/system-current.txt
@@ -4397,6 +4397,7 @@ package android.security.keystore.recovery {
      method public java.security.Key importKey(java.lang.String, byte[]) throws android.security.keystore.recovery.InternalRecoveryServiceException, android.security.keystore.recovery.LockScreenRequiredException;
      method public deprecated void initRecoveryService(java.lang.String, byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;
      method public void initRecoveryService(java.lang.String, byte[], byte[]) throws java.security.cert.CertificateException, android.security.keystore.recovery.InternalRecoveryServiceException;
+    method public static boolean isRecoverableKeyStoreEnabled(android.content.Context);
      method public void removeKey(java.lang.String) throws android.security.keystore.recovery.InternalRecoveryServiceException;
      method public void setRecoverySecretTypes(int[]) throws android.security.keystore.recovery.InternalRecoveryServiceException;
      method public deprecated void setRecoveryStatus(java.lang.String, java.lang.String, int) throws android.security.keystore.recovery.InternalRecoveryServiceException, android.content.pm.PackageManager.NameNotFoundException;
diff --git a/core/java/android/security/keystore/recovery/RecoveryController.java b/core/java/android/security/keystore/recovery/RecoveryController.java

index f351c5a..b84843b 100644 (file)
--- a/core/java/android/security/keystore/recovery/RecoveryController.java
+++ b/core/java/android/security/keystore/recovery/RecoveryController.java
@@ -20,6 +20,7 @@ import android.annotation.NonNull;
  import android.annotation.Nullable;
  import android.annotation.RequiresPermission;
  import android.annotation.SystemApi;
+import android.app.KeyguardManager;
  import android.app.PendingIntent;
  import android.content.Context;
  import android.content.pm.PackageManager.NameNotFoundException;
@@ -288,6 +289,18 @@ public class RecoveryController {
      }
  
      /**
+     * Checks whether the recoverable key store is currently available.
+     *
+     * <p>If it returns true, the device must currently be using a screen lock that is supported for
+     * use with the recoverable key store, i.e. AOSP PIN, pattern or password.
+     */
+    @RequiresPermission(android.Manifest.permission.RECOVER_KEYSTORE)
+    public static boolean isRecoverableKeyStoreEnabled(@NonNull Context context) {
+        KeyguardManager keyguardManager = context.getSystemService(KeyguardManager.class);
+        return keyguardManager != null && keyguardManager.isDeviceSecure();
+    }
+
+    /**
       * @deprecated Use {@link #initRecoveryService(String, byte[], byte[])} instead.
       */
      @Deprecated
author	Bo Zhu <bozhu@google.com>
	Tue, 10 Apr 2018 20:58:25 +0000 (13:58 -0700)
committer	Bo Zhu <bozhu@google.com>
	Tue, 10 Apr 2018 21:50:21 +0000 (14:50 -0700)
api/system-current.txt		patch \| blob \| history
core/java/android/security/keystore/recovery/RecoveryController.java		patch \| blob \| history