diff options
author | android-build-prod (mdb) <android-build-team-robot@google.com> | 2020-12-17 20:12:12 +0000 |
---|---|---|
committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | 2020-12-17 20:12:12 +0000 |
commit | c78ee090384cb07d4f5638c438ba9f4c25249d2b (patch) | |
tree | f8a903640473582a2740cd1fdeef7510526f25fe | |
parent | c5f0d59a3d37818992a6a53d9383925b5ce1a816 (diff) | |
parent | 4ccf09308f0479b33d178d825fc07c495348b632 (diff) | |
download | support-sparse-7039792-L07600000848640428.tar.gz |
Merge "Merge cherrypicks of [1532047, 1532728] into sparse-6719730-L66600000771150905" into sparse-6719730-L66600000771150905temp_b_183949145sparse-7039792-L71700000848891615sparse-7039792-L70200000848818895sparse-7039792-L55300000846717388sparse-7039792-L44400000849162800sparse-7039792-L27700000847585079sparse-7039792-L07600000848640428
10 files changed, 172 insertions, 24 deletions
diff --git a/buildSrc/src/main/kotlin/androidx/build/LibraryVersions.kt b/buildSrc/src/main/kotlin/androidx/build/LibraryVersions.kt index dfca2fd2703..69595178432 100644 --- a/buildSrc/src/main/kotlin/androidx/build/LibraryVersions.kt +++ b/buildSrc/src/main/kotlin/androidx/build/LibraryVersions.kt @@ -89,7 +89,7 @@ object LibraryVersions { val REMOTECALLBACK = Version("1.0.0-alpha02") val ROOM = Version("2.3.0-alpha01") val SAVEDSTATE = Version("1.1.0-alpha01") - val SECURITY = Version("1.0.0-rc03") + val SECURITY = Version("1.0.0-rc04") val SECURITY_BIOMETRIC = Version("1.0.0-alpha01") val SECURITY_IDENTITY_CREDENTIAL = Version("1.0.0-alpha01") val SERIALIZATION = Version("1.0.0-alpha01") diff --git a/security/crypto/api/1.0.0-rc04.txt b/security/crypto/api/1.0.0-rc04.txt new file mode 100644 index 00000000000..3fb36a894d1 --- /dev/null +++ b/security/crypto/api/1.0.0-rc04.txt @@ -0,0 +1,49 @@ +// Signature format: 3.0 +package androidx.security.crypto { + + public final class EncryptedFile { + method public java.io.FileInputStream openFileInput() throws java.security.GeneralSecurityException, java.io.IOException; + method public java.io.FileOutputStream openFileOutput() throws java.security.GeneralSecurityException, java.io.IOException; + } + + public static final class EncryptedFile.Builder { + ctor public EncryptedFile.Builder(java.io.File, android.content.Context, String, androidx.security.crypto.EncryptedFile.FileEncryptionScheme); + method public androidx.security.crypto.EncryptedFile build() throws java.security.GeneralSecurityException, java.io.IOException; + method public androidx.security.crypto.EncryptedFile.Builder setKeysetAlias(String); + method public androidx.security.crypto.EncryptedFile.Builder setKeysetPrefName(String); + } + + public enum EncryptedFile.FileEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedFile.FileEncryptionScheme AES256_GCM_HKDF_4KB; + } + + public final class EncryptedSharedPreferences implements android.content.SharedPreferences { + method public boolean contains(String?); + method public static android.content.SharedPreferences create(String, String, android.content.Context, androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme, androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme) throws java.security.GeneralSecurityException, java.io.IOException; + method public android.content.SharedPreferences.Editor edit(); + method public java.util.Map<java.lang.String!,?> getAll(); + method public boolean getBoolean(String?, boolean); + method public float getFloat(String?, float); + method public int getInt(String?, int); + method public long getLong(String?, long); + method public String? getString(String?, String?); + method public java.util.Set<java.lang.String!>? getStringSet(String?, java.util.Set<java.lang.String!>?); + method public void registerOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + method public void unregisterOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + } + + public enum EncryptedSharedPreferences.PrefKeyEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme AES256_SIV; + } + + public enum EncryptedSharedPreferences.PrefValueEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme AES256_GCM; + } + + public final class MasterKeys { + method public static String getOrCreate(android.security.keystore.KeyGenParameterSpec) throws java.security.GeneralSecurityException, java.io.IOException; + field public static final android.security.keystore.KeyGenParameterSpec AES256_GCM_SPEC; + } + +} + diff --git a/security/crypto/api/public_plus_experimental_1.0.0-rc04.txt b/security/crypto/api/public_plus_experimental_1.0.0-rc04.txt new file mode 100644 index 00000000000..3fb36a894d1 --- /dev/null +++ b/security/crypto/api/public_plus_experimental_1.0.0-rc04.txt @@ -0,0 +1,49 @@ +// Signature format: 3.0 +package androidx.security.crypto { + + public final class EncryptedFile { + method public java.io.FileInputStream openFileInput() throws java.security.GeneralSecurityException, java.io.IOException; + method public java.io.FileOutputStream openFileOutput() throws java.security.GeneralSecurityException, java.io.IOException; + } + + public static final class EncryptedFile.Builder { + ctor public EncryptedFile.Builder(java.io.File, android.content.Context, String, androidx.security.crypto.EncryptedFile.FileEncryptionScheme); + method public androidx.security.crypto.EncryptedFile build() throws java.security.GeneralSecurityException, java.io.IOException; + method public androidx.security.crypto.EncryptedFile.Builder setKeysetAlias(String); + method public androidx.security.crypto.EncryptedFile.Builder setKeysetPrefName(String); + } + + public enum EncryptedFile.FileEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedFile.FileEncryptionScheme AES256_GCM_HKDF_4KB; + } + + public final class EncryptedSharedPreferences implements android.content.SharedPreferences { + method public boolean contains(String?); + method public static android.content.SharedPreferences create(String, String, android.content.Context, androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme, androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme) throws java.security.GeneralSecurityException, java.io.IOException; + method public android.content.SharedPreferences.Editor edit(); + method public java.util.Map<java.lang.String!,?> getAll(); + method public boolean getBoolean(String?, boolean); + method public float getFloat(String?, float); + method public int getInt(String?, int); + method public long getLong(String?, long); + method public String? getString(String?, String?); + method public java.util.Set<java.lang.String!>? getStringSet(String?, java.util.Set<java.lang.String!>?); + method public void registerOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + method public void unregisterOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + } + + public enum EncryptedSharedPreferences.PrefKeyEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme AES256_SIV; + } + + public enum EncryptedSharedPreferences.PrefValueEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme AES256_GCM; + } + + public final class MasterKeys { + method public static String getOrCreate(android.security.keystore.KeyGenParameterSpec) throws java.security.GeneralSecurityException, java.io.IOException; + field public static final android.security.keystore.KeyGenParameterSpec AES256_GCM_SPEC; + } + +} + diff --git a/security/crypto/api/res-1.0.0-rc04.txt b/security/crypto/api/res-1.0.0-rc04.txt new file mode 100644 index 00000000000..e69de29bb2d --- /dev/null +++ b/security/crypto/api/res-1.0.0-rc04.txt diff --git a/security/crypto/api/restricted_1.0.0-rc04.txt b/security/crypto/api/restricted_1.0.0-rc04.txt new file mode 100644 index 00000000000..3fb36a894d1 --- /dev/null +++ b/security/crypto/api/restricted_1.0.0-rc04.txt @@ -0,0 +1,49 @@ +// Signature format: 3.0 +package androidx.security.crypto { + + public final class EncryptedFile { + method public java.io.FileInputStream openFileInput() throws java.security.GeneralSecurityException, java.io.IOException; + method public java.io.FileOutputStream openFileOutput() throws java.security.GeneralSecurityException, java.io.IOException; + } + + public static final class EncryptedFile.Builder { + ctor public EncryptedFile.Builder(java.io.File, android.content.Context, String, androidx.security.crypto.EncryptedFile.FileEncryptionScheme); + method public androidx.security.crypto.EncryptedFile build() throws java.security.GeneralSecurityException, java.io.IOException; + method public androidx.security.crypto.EncryptedFile.Builder setKeysetAlias(String); + method public androidx.security.crypto.EncryptedFile.Builder setKeysetPrefName(String); + } + + public enum EncryptedFile.FileEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedFile.FileEncryptionScheme AES256_GCM_HKDF_4KB; + } + + public final class EncryptedSharedPreferences implements android.content.SharedPreferences { + method public boolean contains(String?); + method public static android.content.SharedPreferences create(String, String, android.content.Context, androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme, androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme) throws java.security.GeneralSecurityException, java.io.IOException; + method public android.content.SharedPreferences.Editor edit(); + method public java.util.Map<java.lang.String!,?> getAll(); + method public boolean getBoolean(String?, boolean); + method public float getFloat(String?, float); + method public int getInt(String?, int); + method public long getLong(String?, long); + method public String? getString(String?, String?); + method public java.util.Set<java.lang.String!>? getStringSet(String?, java.util.Set<java.lang.String!>?); + method public void registerOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + method public void unregisterOnSharedPreferenceChangeListener(android.content.SharedPreferences.OnSharedPreferenceChangeListener); + } + + public enum EncryptedSharedPreferences.PrefKeyEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefKeyEncryptionScheme AES256_SIV; + } + + public enum EncryptedSharedPreferences.PrefValueEncryptionScheme { + enum_constant public static final androidx.security.crypto.EncryptedSharedPreferences.PrefValueEncryptionScheme AES256_GCM; + } + + public final class MasterKeys { + method public static String getOrCreate(android.security.keystore.KeyGenParameterSpec) throws java.security.GeneralSecurityException, java.io.IOException; + field public static final android.security.keystore.KeyGenParameterSpec AES256_GCM_SPEC; + } + +} + diff --git a/security/crypto/build.gradle b/security/crypto/build.gradle index 4403e5836a2..3361c86d512 100644 --- a/security/crypto/build.gradle +++ b/security/crypto/build.gradle @@ -28,7 +28,7 @@ plugins { dependencies { api("androidx.annotation:annotation:1.1.0") - implementation("com.google.crypto.tink:tink-android:1.4.0") + implementation("com.google.crypto.tink:tink-android:1.5.0") androidTestImplementation(ANDROIDX_TEST_EXT_JUNIT) androidTestImplementation(ANDROIDX_TEST_CORE) diff --git a/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedFileTest.java b/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedFileTest.java index 301a4d263e0..0eb4a001a7e 100644 --- a/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedFileTest.java +++ b/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedFileTest.java @@ -28,10 +28,9 @@ import androidx.test.filters.SmallTest; import com.google.crypto.tink.KeysetHandle; import com.google.crypto.tink.StreamingAead; -import com.google.crypto.tink.config.TinkConfig; import com.google.crypto.tink.integration.android.AndroidKeysetManager; -import com.google.crypto.tink.streamingaead.StreamingAeadFactory; -import com.google.crypto.tink.streamingaead.StreamingAeadKeyTemplates; +import com.google.crypto.tink.streamingaead.AesGcmHkdfStreamingKeyManager; +import com.google.crypto.tink.streamingaead.StreamingAeadConfig; import org.junit.Assert; import org.junit.Before; @@ -234,17 +233,17 @@ public class EncryptedFileTest { outputStream.flush(); outputStream.close(); - TinkConfig.register(); + StreamingAeadConfig.register(); KeysetHandle streadmingAeadKeysetHandle = new AndroidKeysetManager.Builder() - .withKeyTemplate(StreamingAeadKeyTemplates.AES256_GCM_HKDF_4KB) + .withKeyTemplate(AesGcmHkdfStreamingKeyManager.aes256GcmHkdf4KBTemplate()) .withSharedPref(mContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__") .withMasterKeyUri(KEYSTORE_PATH_URI + mMasterKeyAlias) .build().getKeysetHandle(); - StreamingAead streamingAead = StreamingAeadFactory.getPrimitive( - streadmingAeadKeysetHandle); + StreamingAead streamingAead = + streadmingAeadKeysetHandle.getPrimitive(StreamingAead.class); FileInputStream fileInputStream = new FileInputStream(file); InputStream inputStream = streamingAead.newDecryptingStream(fileInputStream, diff --git a/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedSharedPreferencesTest.java b/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedSharedPreferencesTest.java index 0807ca9fd7e..9117c8dfbd3 100644 --- a/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedSharedPreferencesTest.java +++ b/security/crypto/src/androidTest/java/androidx/security/crypto/EncryptedSharedPreferencesTest.java @@ -32,11 +32,10 @@ import androidx.test.filters.MediumTest; import com.google.crypto.tink.Aead; import com.google.crypto.tink.DeterministicAead; import com.google.crypto.tink.KeysetHandle; -import com.google.crypto.tink.aead.AeadFactory; -import com.google.crypto.tink.aead.AeadKeyTemplates; -import com.google.crypto.tink.config.TinkConfig; -import com.google.crypto.tink.daead.DeterministicAeadFactory; -import com.google.crypto.tink.daead.DeterministicAeadKeyTemplates; +import com.google.crypto.tink.aead.AeadConfig; +import com.google.crypto.tink.aead.AesGcmKeyManager; +import com.google.crypto.tink.daead.AesSivKeyManager; +import com.google.crypto.tink.daead.DeterministicAeadConfig; import com.google.crypto.tink.integration.android.AndroidKeysetManager; import com.google.crypto.tink.subtle.Base64; @@ -362,17 +361,18 @@ public class EncryptedSharedPreferencesTest { encryptedEditor.commit(); // Set up Tink - TinkConfig.register(); + DeterministicAeadConfig.register(); + AeadConfig.register(); KeysetHandle daeadKeysetHandle = new AndroidKeysetManager.Builder() - .withKeyTemplate(DeterministicAeadKeyTemplates.AES256_SIV) + .withKeyTemplate(AesSivKeyManager.aes256SivTemplate()) .withSharedPref(mContext, "__androidx_security_crypto_encrypted_prefs_key_keyset__", tinkTestPrefs) .withMasterKeyUri(KEYSTORE_PATH_URI + "_androidx_security_master_key_") .build().getKeysetHandle(); - DeterministicAead deterministicAead = DeterministicAeadFactory.getPrimitive( - daeadKeysetHandle); + DeterministicAead deterministicAead = + daeadKeysetHandle.getPrimitive(DeterministicAead.class); byte[] encryptedKey = deterministicAead.encryptDeterministically(testKey.getBytes(UTF_8), tinkTestPrefs.getBytes()); String encodedKey = Base64.encode(encryptedKey); @@ -383,13 +383,13 @@ public class EncryptedSharedPreferencesTest { Assert.assertTrue("Key should exist if Tink is compatible.", keyExists); KeysetHandle aeadKeysetHandle = new AndroidKeysetManager.Builder() - .withKeyTemplate(AeadKeyTemplates.AES256_GCM) + .withKeyTemplate(AesGcmKeyManager.aes256GcmTemplate()) .withSharedPref(mContext, "__androidx_security_crypto_encrypted_prefs_value_keyset__", tinkTestPrefs) .withMasterKeyUri(KEYSTORE_PATH_URI + "_androidx_security_master_key_") .build().getKeysetHandle(); - Aead aead = AeadFactory.getPrimitive(aeadKeysetHandle); + Aead aead = aeadKeysetHandle.getPrimitive(Aead.class); String encryptedValue = sharedPreferences.getString(encodedKey, null); byte[] cipherText = Base64.decode(encryptedValue); diff --git a/security/crypto/src/main/java/androidx/security/crypto/EncryptedFile.java b/security/crypto/src/main/java/androidx/security/crypto/EncryptedFile.java index 76e886a119f..ed0ff0a6997 100644 --- a/security/crypto/src/main/java/androidx/security/crypto/EncryptedFile.java +++ b/security/crypto/src/main/java/androidx/security/crypto/EncryptedFile.java @@ -27,9 +27,9 @@ import androidx.annotation.NonNull; import com.google.crypto.tink.KeyTemplate; import com.google.crypto.tink.KeysetHandle; import com.google.crypto.tink.StreamingAead; -import com.google.crypto.tink.config.TinkConfig; import com.google.crypto.tink.integration.android.AndroidKeysetManager; import com.google.crypto.tink.streamingaead.AesGcmHkdfStreamingKeyManager; +import com.google.crypto.tink.streamingaead.StreamingAeadConfig; import java.io.File; import java.io.FileDescriptor; @@ -163,7 +163,7 @@ public final class EncryptedFile { */ @NonNull public EncryptedFile build() throws GeneralSecurityException, IOException { - TinkConfig.register(); + StreamingAeadConfig.register(); KeysetHandle streadmingAeadKeysetHandle = new AndroidKeysetManager.Builder() .withKeyTemplate(mFileEncryptionScheme.getKeyTemplate()) diff --git a/security/crypto/src/main/java/androidx/security/crypto/EncryptedSharedPreferences.java b/security/crypto/src/main/java/androidx/security/crypto/EncryptedSharedPreferences.java index b7dbdc9e517..0f727ceedc4 100644 --- a/security/crypto/src/main/java/androidx/security/crypto/EncryptedSharedPreferences.java +++ b/security/crypto/src/main/java/androidx/security/crypto/EncryptedSharedPreferences.java @@ -32,9 +32,10 @@ import com.google.crypto.tink.Aead; import com.google.crypto.tink.DeterministicAead; import com.google.crypto.tink.KeyTemplate; import com.google.crypto.tink.KeysetHandle; +import com.google.crypto.tink.aead.AeadConfig; import com.google.crypto.tink.aead.AesGcmKeyManager; -import com.google.crypto.tink.config.TinkConfig; import com.google.crypto.tink.daead.AesSivKeyManager; +import com.google.crypto.tink.daead.DeterministicAeadConfig; import com.google.crypto.tink.integration.android.AndroidKeysetManager; import com.google.crypto.tink.subtle.Base64; @@ -112,7 +113,8 @@ public final class EncryptedSharedPreferences implements SharedPreferences { @NonNull PrefKeyEncryptionScheme prefKeyEncryptionScheme, @NonNull PrefValueEncryptionScheme prefValueEncryptionScheme) throws GeneralSecurityException, IOException { - TinkConfig.register(); + DeterministicAeadConfig.register(); + AeadConfig.register(); KeysetHandle daeadKeysetHandle = new AndroidKeysetManager.Builder() .withKeyTemplate(prefKeyEncryptionScheme.getKeyTemplate()) |