diff options
Diffstat (limited to 'docs/html/training')
| -rw-r--r-- | docs/html/training/articles/keystore.jd | 123 | ||||
| -rw-r--r-- | docs/html/training/articles/security-gms-provider.jd | 3 | ||||
| -rw-r--r-- | docs/html/training/basics/firstapp/creating-project.jd | 5 | ||||
| -rw-r--r-- | docs/html/training/basics/firstapp/index.jd | 15 | ||||
| -rw-r--r-- | docs/html/training/basics/firstapp/running-app.jd | 20 | ||||
| -rw-r--r-- | docs/html/training/basics/network-ops/connecting.jd | 4 | ||||
| -rw-r--r-- | docs/html/training/location/location-testing.jd | 2 | ||||
| -rw-r--r-- | docs/html/training/material/animations.jd | 8 | ||||
| -rw-r--r-- | docs/html/training/material/drawables.jd | 5 | ||||
| -rw-r--r-- | docs/html/training/sync-adapters/creating-stub-provider.jd | 6 | ||||
| -rw-r--r-- | docs/html/training/sync-adapters/creating-sync-adapter.jd | 7 | ||||
| -rw-r--r-- | docs/html/training/volley/requestqueue.jd | 8 |
12 files changed, 163 insertions, 43 deletions
diff --git a/docs/html/training/articles/keystore.jd b/docs/html/training/articles/keystore.jd index bbbda67..52cb13e 100644 --- a/docs/html/training/articles/keystore.jd +++ b/docs/html/training/articles/keystore.jd @@ -5,6 +5,7 @@ page.title=Android Keystore System <div id="qv"> <h2>In this document</h2> <ol> + <li><a href="#SecurityFeatures">Security Features</a></li> <li><a href="#WhichShouldIUse">Choosing Between a Keychain or the Android Keystore Provider</a></li> <li><a href="#UsingAndroidKeyStore">Using Android Keystore Provider </a></li> @@ -26,11 +27,13 @@ page.title=Android Keystore System </div> </div> -<p>The Android Keystore system lets you store private keys - in a container to make it more difficult to extract from the - device. Once keys are in the keystore, they can be used for - cryptographic operations with the private key material remaining - non-exportable.</p> +<p>The Android Keystore system lets you store cryptographic keys in a container + to make it more difficult to extract from the device. Once keys are in the + keystore, they can be used for cryptographic operations with the key material + remaining non-exportable. Moreover, it offers facilities to restrict when and + how keys can be used, such as requiring user authentication for key use or + restricting keys to be used only in certain cryptographic modes. See + <a href="#SecurityFeatures">Security Features</a> section for more information.</p> <p>The Keystore system is used by the {@link android.security.KeyChain} API as well as the Android @@ -38,6 +41,70 @@ page.title=Android Keystore System (API level 18). This document goes over when and how to use the Android Keystore provider.</p> + +<h2 id="SecurityFeatures">Security Features</h2> + +Android Keystore system protects key material from unauthorized use. Firstly, Android Keystore +mitigates unauthorized use of key material outside of the Android device by preventing extraction of +the key material from application processes and from the Android device as a whole. Secondly, +Android KeyStore mitigates unauthorized use of key material on the Android device by making apps +specify authorized uses of their keys and then enforcing these restrictions outside of the apps' +processes. + +<h3 id="ExtractionPrevention">Extraction Prevention</h3> + +Key material of Android Keystore keys is protected from extraction using two security measures: +<ul> +<li>Key material never enters the application process. When an application performs cryptographic + operations using an Android Keystore key, behind the scenes plaintext, ciphertext, and messages to + be signed or verified are fed to a system process which carries out the cryptographic operations. + If the app's process is compromised, the attacker may be able to use the app's keys but will not + be able to extract their key material (for example, to be used outside of the Android device). + </li> +<li>Key material may be bound to the secure hardware (e.g., Trusted Execution Environment (TEE), + Secure Element (SE)) of the Android device. When this feature is enabled for a key, its key + material is never exposed outside of secure hardware. If the Android OS is compromised or an + attacker can read the device's internal storage, the attacker may be able to use any app's Android + Keystore keys on the Android device, but not extract them from the device. This feature is enabled + only if the device's secure hardware supports the particular combination of key algorithm, block + modes, padding schemes, and digests with which the key is authorized to be used. To check whether + the feature is enabled for a key, obtain a {@link android.security.keystore.KeyInfo} for the key + and inspect the return value of + {@link android.security.keystore.KeyInfo#isInsideSecureHardware() KeyInfo.isInsideSecurityHardware()}. + </li> +</ul> + +<h3 id="KeyUseAuthorizations">Key Use Authorizations</h3> + +To mitigate unauthorized use of keys on the Android device, Android Keystore lets apps specify +authorized uses of their keys when generating or importing the keys. Once a key is generated or +imported, its authorizations can not be changed. Authorizations are then enforced by the Android +Keystore whenever the key is used. This is an advanced security feature which is generally useful +only if your requirements are that a compromise of your application process after key +generation/import (but not before or during) cannot lead to unauthorized uses of the key. + +<p>Supported key use authorizations fall into the following categories: +<ul> +<li><em>cryptography</em>: authorized key algorithm, operations or purposes (encrypt, decrypt, sign, + verify), padding schemes, block modes, digests with which the key can be used;</li> +<li><em>temporal validity interval</em>: interval of time during which the key is authorized for + use;</li> +<li><em>user authentication</em>: the key can only be used if the user has been authenticated + recently enough. See <a href="#UserAuthentication">Requiring User Authentication For Key Use</a>. + </li> +</ul> + +<p>As an additional security measure, for keys whose key material is inside secure hardware (see + {@link android.security.keystore.KeyInfo#isInsideSecureHardware() KeyInfo.isInsideSecurityHardware()}) + some key use authorizations may be enforced by secure hardware, depending on the Android device. + Cryptographic and user authentication authorizations are likely to be enforced by secure hardware. + Temporal validity interval authorizations are unlikely to be enforced by the secure hardware + because it normally does not have an independent secure real-time clock. + +<p>Whether a key's user authentication authorization is enforced by the secure hardware can be + queried using + {@link android.security.keystore.KeyInfo#isUserAuthenticationRequirementEnforcedBySecureHardware() KeyInfo.isUserAuthenticationRequirementEnforcedBySecureHardware()}. + <h2 id="WhichShouldIUse">Choosing Between a Keychain or the Android Keystore Provider</h2> @@ -59,7 +126,8 @@ Android Keystore Provider</h2> <p> To use this feature, you use the standard {@link java.security.KeyStore} -and {@link java.security.KeyPairGenerator} classes along with the +and {@link java.security.KeyPairGenerator} or +{@link javax.crypto.KeyGenerator} classes along with the {@code AndroidKeyStore} provider introduced in Android 4.3 (API level 18).</p> <p>{@code AndroidKeyStore} is registered as a {@link @@ -67,7 +135,9 @@ and {@link java.security.KeyPairGenerator} classes along with the java.security.KeyStore#getInstance(String) KeyStore.getInstance(type)} method and as a provider for use with the {@link java.security.KeyPairGenerator#getInstance(String, String) - KeyPairGenerator.getInstance(algorithm, provider)} method.</p> + KeyPairGenerator.getInstance(algorithm, provider)} and {@link + javax.crypto.KeyGenerator#getInstance(String, String) + KeyGenerator.getInstance(algorithm, provider)} methods.</p> <h3 id="GeneratingANewPrivateKey">Generating a New Private Key</h3> @@ -81,6 +151,11 @@ and {@link java.security.KeyPairGenerator} classes along with the {@sample development/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java generate} +<h3 id="GeneratingANewSecretKey">Generating a New Secret Key</h3> + +<p>To generate the key, use a {@link javax.crypto.KeyGenerator} with + {@link android.security.keystore.KeyGenParameterSpec}. + <h3 id="WorkingWithKeyStoreEntries">Working with Keystore Entries</h3> <p>Using the {@code AndroidKeyStore} provider takes place through @@ -105,3 +180,37 @@ and {@link java.security.KeyPairGenerator} classes along with the <p>Similarly, verify data with the {@link java.security.Signature#verify(byte[])} method:</p> {@sample development/samples/ApiDemos/src/com/example/android/apis/security/KeyStoreUsage.java verify} + +<h3 id="UserAuthentication">Requiring User Authentication For Key Use</h3> + +<p>When generating or importing a key into the {@code AndroidKeyStore} you can specify that the key +is only authorized to be used if the user has been authenticated. The user is authenticated using a +subset of their secure lock screen credentials (pattern/PIN/password, fingerprint). + +<p>This is an advanced security feature which is generally useful only if your requirements are that +a compromise of your application process after key generation/import (but not before or during) +cannot bypass the requirement for the user to be authenticated to use the key. + +<p>When a key is authorized to be used only if the user has been authenticated, it is configured to +operate in one of the two modes: +<ul> +<li>User authentication authorizes the use of keys for a duration of time. All keys in this mode are + authorized for use as soon as the user unlocks the secure lock screen or confirms their secure + lock screen credential using the + {@link android.app.KeyguardManager#createConfirmDeviceCredentialIntent(CharSequence, CharSequence) KeyguardManager.createConfirmDeviceCredentialIntent} + flow. The duration for which the authorization remains valid is specific to each key, as specified + using {@code setUserAuthenticationValidityDurationSeconds} during key generation or import. Such + keys can only be generated or imported if the secure lock screen is enabled (see + {@link android.app.KeyguardManager#isDeviceSecure() KeyguardManager.isDeviceSecure()}). These keys + become permanently invalidated once the secure lock screen is disabled (reconfigured to None, + Swipe or other mode which does not authenticate the user) or forcibly reset (e.g. by a Device + Administrator).</li> +<li>User authentication authorizes a specific cryptographic operation associated with one key. In + this mode, each operation involving such a key must be individually authorized by the user. + Currently, the only means of such authorization is fingerprint authentication: + {@link android.hardware.fingerprint.FingerprintManager#authenticate(CryptoObject, CancellationSignal, int, AuthenticationCallback, Handler) FingerprintManager.authenticate}. + Such keys can only be generated or imported if at least one fingerprint is enrolled (see + {@link android.hardware.fingerprint.FingerprintManager#hasEnrolledFingerprints() FingerprintManager.hasEnrolledFingerprints}). + These keys become permanently invalidated once a new fingerprint is enrolled or all fingerprints + are unenrolled.</li> +</ul>
\ No newline at end of file diff --git a/docs/html/training/articles/security-gms-provider.jd b/docs/html/training/articles/security-gms-provider.jd index 0d3cf1e..59983cc 100644 --- a/docs/html/training/articles/security-gms-provider.jd +++ b/docs/html/training/articles/security-gms-provider.jd @@ -52,8 +52,7 @@ android.net.SSLCertificateSocketFactory android.net.SSLCertificateSocketFactory}. Rather than using this class, we encourage app developers to use high-level methods for interacting with cryptography. Most apps can use APIs like {@link -javax.net.ssl.HttpsURLConnection}, {@link org.apache.http.client.HttpClient}, -and {@link android.net.http.AndroidHttpClient} without needing to set a custom +javax.net.ssl.HttpsURLConnection} without needing to set a custom {@link javax.net.ssl.TrustManager} or create an {@link android.net.SSLCertificateSocketFactory}.</p> diff --git a/docs/html/training/basics/firstapp/creating-project.jd b/docs/html/training/basics/firstapp/creating-project.jd index 4bd92ee..79268a0 100644 --- a/docs/html/training/basics/firstapp/creating-project.jd +++ b/docs/html/training/basics/firstapp/creating-project.jd @@ -24,6 +24,8 @@ next.link=running-app.html <h2>You should also read</h2> <ul> + <li><a href="{@docRoot}sdk/installing/index.html">Installing the +SDK</a></li> <li><a href="{@docRoot}tools/projects/index.html">Managing Projects</a></li> </ul> @@ -32,7 +34,8 @@ next.link=running-app.html </div> <p>An Android project contains all the files that comprise the source code for your Android -app.</p> +app. The Android SDK tools make it easy to start a new Android project with a set of +default project directories and files.</p> <p>This lesson shows how to create a new project either using Android Studio or using the diff --git a/docs/html/training/basics/firstapp/index.jd b/docs/html/training/basics/firstapp/index.jd index 4e3689a..1b6e00f 100644 --- a/docs/html/training/basics/firstapp/index.jd +++ b/docs/html/training/basics/firstapp/index.jd @@ -12,7 +12,7 @@ helpoutsWidget=true <div id="tb-wrapper"> <div id="tb"> -<h2>Dependencies</h2> +<h2>Dependencies and prerequisites</h2> <ul> <li><a href="{@docRoot}sdk/index.html">Android Studio</a></li> @@ -37,11 +37,14 @@ to:</p> <a href="{@docRoot}tools/help/sdk-manager.html">SDK Manager</a>.</li> </ol> -<p class="note"><strong>Note:</strong> Although most of this training class -expects that you're using Android Studio, some procedures include alternative -instructions for using -the SDK tools from the command line instead.</p> +<p class="note"><strong>Note:</strong> Make sure you install the most recent versions of Android +Studio and the Android SDK before you start this class. The procedures described in this class may +not apply to earlier versions.</p> -<p>This class uses a tutorial format to create a small Android app that teaches +<p>If you haven't already done these tasks, start by downloading the + <a href="{@docRoot}sdk/index.html">Android SDK</a> and following the install steps. + Once you've finished the setup, you're ready to begin this class.</p> + +<p>This class uses a tutorial format that incrementally builds a small Android app that teaches you some fundamental concepts about Android development, so it's important that you follow each step.</p> diff --git a/docs/html/training/basics/firstapp/running-app.jd b/docs/html/training/basics/firstapp/running-app.jd index 6e4605f..fdf0d1f 100644 --- a/docs/html/training/basics/firstapp/running-app.jd +++ b/docs/html/training/basics/firstapp/running-app.jd @@ -25,7 +25,7 @@ helpoutsWidget=true <ul> <li><a href="{@docRoot}tools/device.html">Using Hardware Devices</a></li> - <li><a href="{@docRoot}tools/devices/managing-avds.html">Managing AVDs with AVD Manager</a></li> + <li><a href="{@docRoot}tools/devices/index.html">Managing Virtual Devices</a></li> <li><a href="{@docRoot}tools/projects/index.html">Managing Projects</a></li> </ul> @@ -128,6 +128,10 @@ to first create an <a href="{@docRoot}tools/devices/index.html">Android Virtual AVD is a device configuration for the Android emulator that allows you to model a specific device.</p> +<div class="figure" style="width:457px"> + <img src="{@docRoot}images/screens_support/as-mac-avds-config.png" /> + <p class="img-caption"><strong>Figure 1.</strong> The AVD Manager showing a virtual device.</p> +</div> <h3>Create an AVD</h3> <ol> @@ -157,11 +161,19 @@ device.</p> </li> <li>Verify the configuration settings, then click <strong>Finish</strong>. </li> + <li>In the <strong>Android Virtual Device Manager</strong> window, click <strong>Create</strong>.</li> + <li>Enter an <strong>AVD Name</strong>.</li> + <li>Select a <strong>Device</strong> type. + <p>When you select a device type, most of the fields auto-populate.</p> + <li>For <strong>Skin</strong> select <strong>HVGA</strong>.</li> + <li>For <strong>SD Card</strong>, enter something small, like 10 MiB. + <p>It really doesn't matter what you enter here since you're not using any storage. But if you + reuse this AVD, you might have to adjust this setting.</p></li> + <li>Ignore the <strong>Emulation Options</strong> and click <strong>OK</strong>.</li> + <li>In the <strong>Result</strong> screen, click <strong>OK</strong>.</li> + <li>Close the <strong>Android Virtual Device Manager</strong> window.</li> </ol> -<p>For more information about using AVDs, see -<a href="{@docRoot}tools/devices/managing-avds.html">Managing AVDs with AVD Manager</a>.</p> - <h3>Run the app from Android Studio</h3> <ol> <li>In <strong>Android Studio</strong>, select your project and click <strong>Run</strong> diff --git a/docs/html/training/basics/network-ops/connecting.jd b/docs/html/training/basics/network-ops/connecting.jd index 1452ded..0601480 100644 --- a/docs/html/training/basics/network-ops/connecting.jd +++ b/docs/html/training/basics/network-ops/connecting.jd @@ -50,8 +50,8 @@ application manifest must include the following permissions:</p> <h2 id="http-client">Choose an HTTP Client</h2> <p>Most network-connected Android apps use HTTP to send and receive data. -Android includes two HTTP clients: {@link java.net.HttpURLConnection} and Apache - {@link org.apache.http.client.HttpClient}. Both support HTTPS, streaming uploads and downloads, configurable +Android includes two HTTP clients: {@link java.net.HttpURLConnection} and the Apache HTTP client. +Both support HTTPS, streaming uploads and downloads, configurable timeouts, IPv6, and connection pooling. We recommend using {@link java.net.HttpURLConnection} for applications targeted at Gingerbread and higher. For more discussion of this topic, see the blog post <a diff --git a/docs/html/training/location/location-testing.jd b/docs/html/training/location/location-testing.jd index 5021fc0..8f73d51 100644 --- a/docs/html/training/location/location-testing.jd +++ b/docs/html/training/location/location-testing.jd @@ -79,7 +79,7 @@ trainingnavtop=true <h2 id="TurnOnMockMode">Turn On Mock Mode</h2> <p> To send mock locations to Location Services in mock mode, a test app must request the permission - {@link android.Manifest.permission#ACCESS_MOCK_LOCATION}. In addition, you must enable mock + android.Manifest.permission#ACCESS_MOCK_LOCATION. In addition, you must enable mock locations on the test device using the option <b>Enable mock locations</b>. To learn how to enable mock locations on the device, see <a href="{@docRoot}tools/device.html#setting-up">Setting up a Device for Development</a>. diff --git a/docs/html/training/material/animations.jd b/docs/html/training/material/animations.jd index 86e91a7..6f263db 100644 --- a/docs/html/training/material/animations.jd +++ b/docs/html/training/material/animations.jd @@ -81,8 +81,8 @@ reveal or hide a view.</p> View myView = findViewById(R.id.my_view); // get the center for the clipping circle -int cx = (myView.getLeft() + myView.getRight()) / 2; -int cy = (myView.getTop() + myView.getBottom()) / 2; +int cx = myView.getWidth() / 2; +int cy = myView.getHeight() / 2; // get the final radius for the clipping circle int finalRadius = Math.max(myView.getWidth(), myView.getHeight()); @@ -103,8 +103,8 @@ anim.start(); final View myView = findViewById(R.id.my_view); // get the center for the clipping circle -int cx = (myView.getLeft() + myView.getRight()) / 2; -int cy = (myView.getTop() + myView.getBottom()) / 2; +int cx = myView.getWidth() / 2; +int cy = myView.getHeight() / 2; // get the initial radius for the clipping circle int initialRadius = myView.getWidth(); diff --git a/docs/html/training/material/drawables.jd b/docs/html/training/material/drawables.jd index a2de8e9..c58075e 100644 --- a/docs/html/training/material/drawables.jd +++ b/docs/html/training/material/drawables.jd @@ -36,8 +36,9 @@ alpha masks. You can tint them with color resources or theme attributes that res resources (for example, <code>?android:attr/colorPrimary</code>). Usually, you create these assets only once and color them automatically to match your theme.</p> -<p>You can apply a tint to {@link android.graphics.drawable.BitmapDrawable} or {@link -android.graphics.drawable.NinePatchDrawable} objects with the {@code setTint()} method. You can +<p>You can apply a tint to {@link android.graphics.drawable.BitmapDrawable}, {@link +android.graphics.drawable.NinePatchDrawable} or {@link +android.graphics.drawable.VectorDrawable} objects with the {@code setTint()} method. You can also set the tint color and mode in your layouts with the <code>android:tint</code> and <code>android:tintMode</code> attributes.</p> diff --git a/docs/html/training/sync-adapters/creating-stub-provider.jd b/docs/html/training/sync-adapters/creating-stub-provider.jd index b8190d1..e9e18ef 100644 --- a/docs/html/training/sync-adapters/creating-stub-provider.jd +++ b/docs/html/training/sync-adapters/creating-stub-provider.jd @@ -85,11 +85,11 @@ public class StubProvider extends ContentProvider { return true; } /* - * Return an empty String for MIME type + * Return no type for MIME type */ @Override - public String getType() { - return new String(); + public String getType(Uri uri) { + return null; } /* * query() always returns no results diff --git a/docs/html/training/sync-adapters/creating-sync-adapter.jd b/docs/html/training/sync-adapters/creating-sync-adapter.jd index b13ce07..9bd17ba 100644 --- a/docs/html/training/sync-adapters/creating-sync-adapter.jd +++ b/docs/html/training/sync-adapters/creating-sync-adapter.jd @@ -583,13 +583,6 @@ public class MainActivity extends FragmentActivity { running the sync adapter, see <a href="running-sync-adapter.html" >Running A Sync Adapter</a>. </dd> - <dt> -{@link android.Manifest.permission#AUTHENTICATE_ACCOUNTS android.permission.AUTHENTICATE_ACCOUNTS} - </dt> - <dd> - Allows you to use the authenticator component you created in the lesson - <a href="creating-authenticator.html">Creating a Stub Authenticator</a>. - </dd> </dl> <p> The following snippet shows how to add the permissions: diff --git a/docs/html/training/volley/requestqueue.jd b/docs/html/training/volley/requestqueue.jd index 63c743a..6d19cee 100644 --- a/docs/html/training/volley/requestqueue.jd +++ b/docs/html/training/volley/requestqueue.jd @@ -39,14 +39,14 @@ as a singleton, which makes the {@code RequestQueue} last the lifetime of your a of the requests, and a cache to handle caching. There are standard implementations of these available in the Volley toolbox: {@code DiskBasedCache} provides a one-file-per-response cache with an in-memory index, and {@code BasicNetwork} provides a network transport based -on your choice of {@link android.net.http.AndroidHttpClient} or {@link java.net.HttpURLConnection}.</p> +on your choice of the Apache HTTP client {@code android.net.http.AndroidHttpClient} or +{@link java.net.HttpURLConnection}.</p> <p>{@code BasicNetwork} is Volley's default network implementation. A {@code BasicNetwork} must be initialized with the HTTP client your app is using to connect to the network. -Typically this is {@link android.net.http.AndroidHttpClient} or -{@link java.net.HttpURLConnection}:</p> +Typically this is a {@link java.net.HttpURLConnection}:</p> <ul> -<li>Use {@link android.net.http.AndroidHttpClient} for apps targeting Android API levels +<li>Use {@code android.net.http.AndroidHttpClient} for apps targeting Android API levels lower than API Level 9 (Gingerbread). Prior to Gingerbread, {@link java.net.HttpURLConnection} was unreliable. For more discussion of this topic, see <a href="http://android-developers.blogspot.com/2011/09/androids-http-clients.html"> |