7599f1366e8a08781f415e73f65cf270aae36868 |
|
23-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Resolve Android security comments for Android ID migration. - Use 32 byte key instead of 16 byte. - Use HMAC-SHA256 instead of SHA256 for ssaid generation. - Update HMAC with all package signatures. - Use delimiter in between digest arguments. This change will cause the ssaid of non-legacy installed apps (apps installed post Android ID migration OTA) to change after an uninstall and reinstall sequence. Bug: 34395671 Test: Unit tests, CTS tests, Manual tests Change-Id: I19dec57947368ee5000c2c630b1e4030d46a4ab3
/frameworks/base/core/java/android/util/PackageUtils.java
|
d891f01d96cbaa3b1329c3d476084f3fedb30a89 |
|
19-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Roll forward SSAID Migration to be Per App/User Unique Values. SSAID is currently shared across all applications for each user on the device, giving developers the ability to track users across multiple applications. Using SSAID for tracking is an abuse of the original intention of the SSAID and has inherent privacy concerns. This change will make the SSAID unique per application, per user on a device. To not affect applications installed prior to this change they will retain the legacy SSAID value until uninstalled and reinstalled again. Across subsequent installations the application will receive the same SSAID as long as the package name and signature remain consistent. Tested manually the following cases: - App retains the legacy sssaid after OTA. - App gets a new ssaid upon post-OTA installation. - App retrieves same ssaid across post-OTA unistall/reinstalls. - Different Apps receive different ssaids. - Factory reset removes ssaid data and generates a different ssaid after App install. - System retains legacy ssaid. Bug: 34395671 Test: CTS tests passed, Manual testing passed This reverts commit be43257005d086ff7d93c15dae22ac40bc0d545e. Change-Id: Ibf20e7949304c30d65bb8aa24cdbbe6e104b1002
/frameworks/base/core/java/android/util/PackageUtils.java
|
be43257005d086ff7d93c15dae22ac40bc0d545e |
|
19-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
Revert "SSAID Migration to be Per App/User Unique Values." This reverts commit 5514fb7aba781d8eabbbfc27a5d27a6b3a447b40. Change-Id: I0d6b9b9ef3ecda3b7ec1b7160c492ec16c65b125
/frameworks/base/core/java/android/util/PackageUtils.java
|
5514fb7aba781d8eabbbfc27a5d27a6b3a447b40 |
|
12-Jan-2017 |
Mark Rathjen <mrathjen@google.com> |
SSAID Migration to be Per App/User Unique Values. SSAID is currently shared across all applications for each user on the device, giving developers the ability to track users across multiple applications. Using SSAID for tracking is an abuse of the original intention of the SSAID and has inherent privacy concerns. This change will make the SSAID unique per application, per user on a device. To not affect applications installed prior to this change they will retain the legacy SSAID value until uninstalled and reinstalled again. Across subsequent installations the application will receive the same SSAID as long as the package name and signature remain consistent. Tested manually the following cases: - App retains the legacy sssaid after OTA. - App gets a new ssaid upon post-OTA installation. - App retrieves same ssaid across post-OTA unistall/reinstalls. - Different Apps receive different ssaids. - Factory reset removes ssaid data and generates a different ssaid after App install. - System retains legacy ssaid. Bug: 30979321 Test: CTS tests passed, Manual testing passed Change-Id: I4acc190c14ec249e6365e05e7943148ed6f17f71
/frameworks/base/core/java/android/util/PackageUtils.java
|
5d09c998a03eea53218c3b3c40e20db1b7693c9c |
|
07-Sep-2016 |
Svet Ganov <svetoslavganov@google.com> |
Backup account access grants Sync adapters without an account access cannot run until the user approves the account access (for the case the account access is not allowed by other policy such as being singed with the same cert as the authenticator). If the sync adapter does not have permission to access the account we ask the user to grant access and take a note. This CL adds backup for the explicit user grants. bug:31162498 Change-Id: I31e3f3d010475352c7c54255ac2d3a2fed4d0c72
/frameworks/base/core/java/android/util/PackageUtils.java
|