Commit graph

3 commits

Author SHA1 Message Date
Janis Danisevskis
064ce85612 Implement rate limiting on a per app basis for confirmationui
Implements the following strategy per app:
* Every attempted prompt increments a try counter.
* A prompt that was confirmed by the user resets the try counter.
* No penalty is applied after the first two cancelled attempts.
* A penalty of 30s is applied after attempt 3, 4, and 5 when
  cancelled by the user
* A penalty of 60s * 2**(N - 6) after the Nth cancelled attempt
  for attempts 6...
* A try counter that was not updated in 24h gets garbage collected.

Test: /data/nativetest64/keystore_unit_tests/keystore_unit_tests
Bug: 73892492
Change-Id: I0b50869259bfe920338c0c049cb9a715143ab103
2018-03-14 13:36:56 -07:00
David Zeuthen
1a49231d4a Add isConfirmationPromptSupported() method.
This will be used by the android.security.ConfirmationDialog.isSupported() and
is intended so that apps can know ahead of time whether the device implements
the ConfirmationUI HAL.

Bug: 63928580
Test: Manually tested.
Change-Id: I6347824b4e2330a93b7a7ffd7cf5b206009a564e
2018-02-26 11:00:30 -05:00
David Zeuthen
c6eb7cd999 Add support for confirmation APIs.
This code implements new keystore APIs for confirmations.

Also add new 'confirmation' verb to the keystore_cli_v2 command to be
used for testing confirmations. It will block until there's a
callback. Example invocations:

 phone:/ # keystore_cli_v2 confirmation --prompt_text="Hello World" --extra_data=010203 --ui_options=1,2,3
 Waiting for prompt to complete - use Ctrl+C to abort...
 Confirmation prompt completed
 responseCode = 0
 dataThatWasConfirmed[30] = {0xa2, 0x66, 0x70, 0x72, 0x6f, 0x6d, 0x70, 0x74, 0x6b, 0x48, 0x65, 0x6c, 0x6c, 0x6f, 0x20, 0x57, 0x6f, 0x72, 0x6c, 0x64, 0x65, 0x65, 0x78, 0x74, 0x72, 0x61, 0x43, 0x01, 0x02, 0x03}
 phone:/ #

If a prompt is already being shown, the |OperationPending| return code
(code 3) is returned:

 phone:/ # keystore_cli_v2 confirmation --prompt_text="Hello World" --extra_data=010203 --ui_options=1,2,3
 Presenting confirmation prompt failed with return code 3.

Canceling a prompt:

 phone:/# keystore_cli_v2 confirmation --prompt_text="Hello World" --extra_data=010203 --cancel_after=1.5
 Sleeping 1.5 seconds before canceling prompt...
 Waiting for prompt to complete - use Ctrl+C to abort...
 Confirmation prompt completed
 responseCode = 2
 dataThatWasConfirmed[0] = {}

Bug: 63928580
Test: Manually tested.
Change-Id: Ida14706ad066d5350b9081eb7821c7b1a1472dd2
2018-01-17 15:38:44 -05:00