| 7599f1366e8a08781f415e73f65cf270aae36868 |
|
23-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Resolve Android security comments for Android ID migration.
- Use 32 byte key instead of 16 byte.
- Use HMAC-SHA256 instead of SHA256 for ssaid generation.
- Update HMAC with all package signatures.
- Use delimiter in between digest arguments.
This change will cause the ssaid of non-legacy installed apps (apps installed
post Android ID migration OTA) to change after an uninstall and reinstall sequence.
Bug: 34395671
Test: Unit tests, CTS tests, Manual tests
Change-Id: I19dec57947368ee5000c2c630b1e4030d46a4ab3
/frameworks/base/core/java/android/util/PackageUtils.java
|
| d891f01d96cbaa3b1329c3d476084f3fedb30a89 |
|
19-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Roll forward SSAID Migration to be Per App/User Unique Values.
SSAID is currently shared across all applications for each
user on the device, giving developers the ability to track
users across multiple applications. Using SSAID for tracking
is an abuse of the original intention of the SSAID and has
inherent privacy concerns.
This change will make the SSAID unique per application, per
user on a device. To not affect applications installed prior
to this change they will retain the legacy SSAID value until
uninstalled and reinstalled again.
Across subsequent installations the application will receive
the same SSAID as long as the package name and signature remain
consistent.
Tested manually the following cases:
- App retains the legacy sssaid after OTA.
- App gets a new ssaid upon post-OTA installation.
- App retrieves same ssaid across post-OTA unistall/reinstalls.
- Different Apps receive different ssaids.
- Factory reset removes ssaid data and generates a different
ssaid after App install.
- System retains legacy ssaid.
Bug: 34395671
Test: CTS tests passed, Manual testing passed
This reverts commit be43257005d086ff7d93c15dae22ac40bc0d545e.
Change-Id: Ibf20e7949304c30d65bb8aa24cdbbe6e104b1002
/frameworks/base/core/java/android/util/PackageUtils.java
|
| be43257005d086ff7d93c15dae22ac40bc0d545e |
|
19-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Revert "SSAID Migration to be Per App/User Unique Values."
This reverts commit 5514fb7aba781d8eabbbfc27a5d27a6b3a447b40.
Change-Id: I0d6b9b9ef3ecda3b7ec1b7160c492ec16c65b125
/frameworks/base/core/java/android/util/PackageUtils.java
|
| 5514fb7aba781d8eabbbfc27a5d27a6b3a447b40 |
|
12-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
SSAID Migration to be Per App/User Unique Values.
SSAID is currently shared across all applications for each
user on the device, giving developers the ability to track
users across multiple applications. Using SSAID for tracking
is an abuse of the original intention of the SSAID and has
inherent privacy concerns.
This change will make the SSAID unique per application, per
user on a device. To not affect applications installed prior
to this change they will retain the legacy SSAID value until
uninstalled and reinstalled again.
Across subsequent installations the application will receive
the same SSAID as long as the package name and signature remain
consistent.
Tested manually the following cases:
- App retains the legacy sssaid after OTA.
- App gets a new ssaid upon post-OTA installation.
- App retrieves same ssaid across post-OTA unistall/reinstalls.
- Different Apps receive different ssaids.
- Factory reset removes ssaid data and generates a different
ssaid after App install.
- System retains legacy ssaid.
Bug: 30979321
Test: CTS tests passed, Manual testing passed
Change-Id: I4acc190c14ec249e6365e05e7943148ed6f17f71
/frameworks/base/core/java/android/util/PackageUtils.java
|
| 5d09c998a03eea53218c3b3c40e20db1b7693c9c |
|
07-Sep-2016 |
Svet Ganov <svetoslavganov@google.com> |
Backup account access grants
Sync adapters without an account access cannot run until the
user approves the account access (for the case the account
access is not allowed by other policy such as being singed
with the same cert as the authenticator). If the sync adapter
does not have permission to access the account we ask the
user to grant access and take a note. This CL adds backup
for the explicit user grants.
bug:31162498
Change-Id: I31e3f3d010475352c7c54255ac2d3a2fed4d0c72
/frameworks/base/core/java/android/util/PackageUtils.java
|