diff options
| author | Alex Klyubin <klyubin@google.com> | 2015-09-09 14:55:03 -0700 |
|---|---|---|
| committer | Randy Pan <zpan@google.com> | 2015-12-10 16:06:50 -0800 |
| commit | c99c2461b8cae6d3ac82cdee3fb38521a41ff389 (patch) | |
| tree | d8e3d06bb75964b45b17fd0e05aec9bd683c0548 /docs/html/sdk/api_diff/23/changes | |
| parent | 075698c35f2bf8bb4b3c3060b67514b72fd1b862 (diff) | |
DO NOT MERGE Support cross-UID access from AndroidKeyStore.
This is meant for exposing the pre-existing cross-UID access to keys
backed by the keystore service via higher-level JCA API. For example,
this lets system_server use Wi-Fi or VPN UID keys via JCA API.
To obtain a JCA AndroidKeyStore KeyStore for another UID, use the
hidden system API AndroidKeyStoreProvider.getKeyStoreForUid(uid).
To generate a key owned by another UID, invoke setUid(uid) on
KeyGenParameterSpec.Builder.
This CL does not change the security policy, such as which UID can
access/modify which UIDs' keys. The policy is that only certain system
UIDs are permitted to access keys of certain other system UIDs.
Cherry-picked from 3876b1be27e3aefde9a72eb2e4f856e94fc5f946
Bug: 23978113
Change-Id: Ie381530f41dc41c50d52f675fb9e68bc87c006de
Diffstat (limited to 'docs/html/sdk/api_diff/23/changes')
0 files changed, 0 insertions, 0 deletions