diff options
Diffstat (limited to 'docs/html')
| -rw-r--r-- | docs/html/design/wear/structure.jd | 3 | ||||
| -rw-r--r-- | docs/html/distribute/essentials/quality/tv.jd | 6 | ||||
| -rw-r--r-- | docs/html/preview/behavior-changes.jd | 40 | ||||
| -rw-r--r-- | docs/html/training/articles/keystore.jd | 467 | ||||
| -rw-r--r-- | docs/html/training/tv/start/hardware.jd | 2 |
5 files changed, 498 insertions, 20 deletions
diff --git a/docs/html/design/wear/structure.jd b/docs/html/design/wear/structure.jd index c1d9ef9..768aa7f 100644 --- a/docs/html/design/wear/structure.jd +++ b/docs/html/design/wear/structure.jd @@ -166,8 +166,11 @@ href="#2DPicker">2D picker</a> is always available.</p> <li>A map that asks the user to drop a pin should exit when the pin is dropped.</li> <li>A short game can exit when the game finishes.</li> <li>A drawing app can finish after 5 seconds of inactivity.</li> + + <p class="note">An app generally should not exit in {@link android.app.Activity#onPause onPause()}. This is because events such as <a href="{@docRoot}guide/topics/ui/notifiers/notifications.html#Heads-up">Heads-up Notifications</a> can trigger the {@link android.app.Activity#onPause() onPause()} callback.</p> </ul> + <h3>Manually exiting</h3> <p>Even with logical exit points like these, some cases may exist where the user may want to diff --git a/docs/html/distribute/essentials/quality/tv.jd b/docs/html/distribute/essentials/quality/tv.jd index 20018c3..c7f6fcb 100644 --- a/docs/html/distribute/essentials/quality/tv.jd +++ b/docs/html/distribute/essentials/quality/tv.jd @@ -418,9 +418,9 @@ data-sortorder="-timestamp" data-cardsizes="9x3" data-maxresults="6"> </td> <td> <p style="margin-bottom:.5em;"> - If the app continues to play sound after the user has left, the app provides a <em>Now - Playing</em> card on the home screen recommendation row so users can return to the app to - control playback. + If the app continues to play sound or video after the user has left, the + app provides a <em>Now Playing</em> card on the home screen recommendation + row so users can return to the app to control playback. (<a href="{@docRoot}training/tv/playback/now-playing.html">Learn how</a>) </p> </td> diff --git a/docs/html/preview/behavior-changes.jd b/docs/html/preview/behavior-changes.jd index 6ee0af0..5c8ef41 100644 --- a/docs/html/preview/behavior-changes.jd +++ b/docs/html/preview/behavior-changes.jd @@ -373,7 +373,7 @@ consideration that the interaction must be explicitly enabled. <h2 id="behavior-afw">Android for Work Changes</h2> <p>This preview includes the following behavior changes for Android for Work:</p> <ul> -<li><strong>Work contacts in personal contexts.</strong> The Google Dialer + <li><strong>Work contacts in personal contexts.</strong> The Google Dialer Call Log now displays work contacts when the user views past calls. Setting {@link android.app.admin.DevicePolicyManager#setCrossProfileCallerIdDisabled(android.content.ComponentName, boolean) setCrossProfileCallerIdDisabled()} @@ -381,21 +381,19 @@ to {@code true} hides the work profile contacts in the Google Dialer Call Log. W displayed along with personal contacts to devices over Bluetooth only if you set {@code DevicePolicyManager.setBluetoothContactSharingDisabled()} to {@code false}. By default, it is set to {@code true}. -</li> -<li><strong>WiFi configuration removal:</strong> WiFi configurations added by a Profile Owner + </li> + <li><strong>WiFi configuration removal:</strong> WiFi configurations added by a Profile Owner (for example, through calls to the {@link android.net.wifi.WifiManager#addNetwork(android.net.wifi.WifiConfiguration) -addNetwork()} method) are now removed if that work profile is deleted.</li> - -<li><strong>WiFi configuration lockdown:</strong> Any WiFi configuration created by +addNetwork()} method) are now removed if that work profile is deleted. + </li> + <li><strong>WiFi configuration lockdown:</strong> Any WiFi configuration created by an active Device Owner can no longer be modified or deleted by the user if <code>Settings.Global.WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN</code> is non-zero. The user can still create and modify their own WiFi configurations. Active Device Owners have the privilege of editing/removing any WiFi configurations, including those not created by them. -</li> - -</li> + </li> <li><strong>Download Work Policy Controller via Google account addition:</strong> When a Google account that requires management via a Work Policy Controller (WPC) app is added to a device outside of a managed context, the add account flow now prompts the user to install the @@ -408,7 +406,7 @@ method affects the camera for the calling user only; calling it from the managed affect camera apps running on the primary user. </li> <li>In addition, the {@link android.app.admin.DevicePolicyManager#setKeyguardDisabledFeatures(android.content.ComponentName,int) setKeyguardDisabledFeatures()} - method is now available for Profile Owners, in addition to Device Owners. </li> + method is now available for Profile Owners, as well as to Device Owners. </li> <li>A Profile Owner can set these keyguard restrictions: <ul> <li>{@link android.app.admin.DevicePolicyManager#KEYGUARD_DISABLE_TRUST_AGENTS} and @@ -422,9 +420,19 @@ affect camera apps running on the primary user. </li> <li>The {@link android.app.admin.DevicePolicyManager#setScreenCaptureDisabled(android.content.ComponentName, boolean) setScreenCaptureDisabled()} method now also blocks the assist structure when an app of the given user is in the foreground. </li> <li><code>EXTRA_PROVISIONING_DEVICE_ADMIN_PACKAGE_CHECKSUM</code> now defaults to SHA-256. SHA-1 is still supported for backwards compatibility but will be removed in future. <code>EXTRA_PROVISIONING_DEVICE_ADMIN_SIGNATURE_CHECKSUM</code> now only accepts SHA-256.</li> <li>Device initializer APIs which existed in the MNC preview are now removed. They will not appear in the final M release.</li> - <li>Android for Work APIs are optimized for M runtime permissions, including Work profiles, assist layer, and others. New DevicePolicyManager permission APIs don't affect pre-M apps.</li> - </ul> - <li><strong>Changes to global settings</strong> — the settings below can no longer be set via {@link android.app.admin.DevicePolicyManager#setGlobalSetting(android.content.ComponentName, java.lang.String, java.lang.String) setGlobalSettings()}</code>: + <li><code>EXTRA_PROVISIONING_RESET_PROTECTION_PARAMETERS</code> is removed so NFC bump provisioning cannot programmatically unlock a factory reset protected device.</li> + <li>Android for Work APIs are optimized for M runtime permissions, including Work profiles, assist layer, and others. New <code>DevicePolicyManager</code> permission APIs don't affect pre-M apps.</li> + </ul></li> + +<li><strong>Changes to other APIs</strong>: +<ul> + <li>Data Usage: The {@code android.app.usage.NetworkUsageStats} class has been renamed {@code android.app.usage.NetworkStats}.</li> +</ul> + </li> + + <li><strong>Changes to global settings</strong>: + <ul> + <li>These settings can no longer be set via {@link android.app.admin.DevicePolicyManager#setGlobalSetting(android.content.ComponentName, java.lang.String, java.lang.String) setGlobalSettings()}</code>: <ul> <li><code>BLUETOOTH_ON</code></li> <li><code>DEVELOPMENT_SETTINGS_ENABLED</code></li> @@ -433,4 +441,10 @@ affect camera apps running on the primary user. </li> <li><code>WIFI_ON</code></li> </ul> </li> + <li>These global settings can now be set via <code><a href="/reference/android/app/admin/DevicePolicyManager.html#setGlobalSetting(android.content.ComponentName, java.lang.String, java.lang.String)">setGlobalSettings()</a></code>: + <ul> + <li><code>WIFI_DEVICE_OWNER_CONFIGS_LOCKDOWN</code></li> + </ul> + </li> + </ul> </ul> diff --git a/docs/html/training/articles/keystore.jd b/docs/html/training/articles/keystore.jd index 52cb13e..aa1ed0a 100644 --- a/docs/html/training/articles/keystore.jd +++ b/docs/html/training/articles/keystore.jd @@ -7,14 +7,15 @@ page.title=Android Keystore System <ol> <li><a href="#SecurityFeatures">Security Features</a></li> <li><a href="#WhichShouldIUse">Choosing Between a Keychain or the Android Keystore Provider</a></li> - <li><a href="#UsingAndroidKeyStore">Using Android Keystore Provider - </a></li> + <li><a href="#UsingAndroidKeyStore">Using Android Keystore Provider</a> <ol> <li><a href="#GeneratingANewPrivateKey">Generating a New Private Key</a></li> <li><a href="#WorkingWithKeyStoreEntries">Working with Keystore Entries</a></li> <li><a href="#ListingEntries">Listing Entries</a></li> <li><a href="#SigningAndVerifyingData">Signing and Verifying Data</a></li> </ol> + </li> + <li><a href="#SupportedAlgorithms">Supported Algorithms</a></li> </ol> <h2>Blog articles</h2> @@ -27,6 +28,14 @@ page.title=Android Keystore System </div> </div> +<style type="text/css"> + tr.deprecated { + background-color: #ccc; + color: #999; + font-style: italic; + } +</style> + <p>The Android Keystore system lets you store cryptographic keys in a container to make it more difficult to extract from the device. Once keys are in the keystore, they can be used for cryptographic operations with the key material @@ -213,4 +222,456 @@ operate in one of the two modes: {@link android.hardware.fingerprint.FingerprintManager#hasEnrolledFingerprints() FingerprintManager.hasEnrolledFingerprints}). These keys become permanently invalidated once a new fingerprint is enrolled or all fingerprints are unenrolled.</li> -</ul>
\ No newline at end of file +</ul> + +<h2 id="SupportedAlgorithms">Supported Algorithms</h2> + +<ul> + <li><a href="#SupportedCiphers">{@code Cipher}</a></li> + <li><a href="#SupportedKeyGenerators">{@code KeyGenerator}</a></li> + <li><a href="#SupportedKeyFactories">{@code KeyFactory}</a></li> + <li><a href="#SupportedKeyPairGenerators">{@code KeyPairGenerator}</a></li> + <li><a href="#SupportedMacs">{@code Mac}</a></li> + <li><a href="#SupportedSignatures">{@code Signature}</a></li> + <li><a href="#SupportedSecretKeyFactories">{@code SecretKeyFactory}</a></li> +</ul> + +<h3 id="SupportedCiphers">Cipher</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>AES/CBC/NoPadding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>AES/CBC/PKCS7Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>AES/CTR/NoPadding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>AES/ECB/NoPadding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>AES/ECB/PKCS7Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>AES/GCM/NoPadding</td> + <td>23+</td> + <td>Only 12-byte long IVs supported.</td> + </tr> + <tr> + <td>RSA/ECB/NoPadding</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/PKCS1Padding</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPWithSHA-1AndMGF1Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPWithSHA-224AndMGF1Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPWithSHA-256AndMGF1Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPWithSHA-384AndMGF1Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPWithSHA-512AndMGF1Padding</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>RSA/ECB/OAEPPadding</td> + <td>23+</td> + <td></td> + </tr> + </tbody> +</table> + +<h3 id="SupportedKeyGenerators">KeyGenerator</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>AES</td> + <td>23+</td> + <td>Supported sizes: 128, 192, 256</td> + </tr> + <tr> + <td>HmacSHA1</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 8--1024 (inclusive), must be multiple of 8</li> + <li>Default size: 160</li> + <ul> + </td> + </tr> + <tr> + <td>HmacSHA224</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 8--1024 (inclusive), must be multiple of 8</li> + <li>Default size: 224</li> + <ul> + </td> + </tr> + <tr> + <td>HmacSHA256</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 8--1024 (inclusive), must be multiple of 8</li> + <li>Default size: 256</li> + <ul> + </td> + </tr> + <tr> + <td>HmacSHA384</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 8--1024 (inclusive), must be multiple of 8</li> + <li>Default size: 384</li> + <ul> + </td> + </tr> + <tr> + <td>HmacSHA512</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 8--1024 (inclusive), must be multiple of 8</li> + <li>Default size: 512</li> + <ul> + </td> + </tr> + </tbody> +</table> + +<h3 id="SupportedKeyFactories">KeyFactory</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>EC</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo} (private key only), + {@link java.security.spec.ECPublicKeySpec} (public key only), + {@link java.security.spec.X509EncodedKeySpec} (public key only) + </td> + </tr> + <tr> + <td>RSA</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo} (private key only), + {@link java.security.spec.RSAPublicKeySpec} (public key only), + {@link java.security.spec.X509EncodedKeySpec} (public key only) + </td> + </tr> + </tbody> +</table> + +<h3 id="SupportedKeyStoreKeys">KeyStore</h3> +KeyStore supports the same key types as +<a href="#SupportedKeyPairGenerators">{@code KeyPairGenerator}</a> and +<a href="#SupportedKeyGenerators">{@code KeyGenerator}</a>. + +<h3 id="SupportedKeyPairGenerators">KeyPairGenerator</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr class="deprecated"> + <td>DSA</td> + <td>19–22</td> + <td></td> + </tr> + <tr> + <td>EC</td> + <td>23+</td> + <td> + <ul> + <li>Supported sizes: 224, 256, 384, 521</li> + <li>Supported named curves: P-224 (secp256r1), P-256 (aka secp256r1 and prime256v1), P-384 + (aka secp384r1), P-521 (aka secp521r1)</li> + </ul> + + <p>Prior to API Level 23, EC keys can be generated using KeyPairGenerator of algorithm "RSA" + initialized {@link android.security.KeyPairGeneratorSpec} whose key type is set to "EC" + using {@link android.security.KeyPairGeneratorSpec.Builder#setKeyType(String)}. EC curve + name cannot be specified using this method -- a NIST P-curve is automatically chosen based + on the requested key size. + </td> + </tr> + <tr> + <td>RSA</td> + <td>18+</td> + <td> + <ul> + <li>Supported sizes: 512, 768, 1024, 2048, 3072, 4096</li> + <li>Supported public exponents: 3, 65537</li> + <li>Default public exponent: 65537</li> + </ul> + </td> + </tr> + </tbody> +</table> + +<h3 id="SupportedMacs">Mac</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>HmacSHA1</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>HmacSHA224</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>HmacSHA256</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>HmacSHA384</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>HmacSHA512</td> + <td>23+</td> + <td></td> + </tr> + </tbody> +</table> + +<h3 id="SupportedSignatures">Signature</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>MD5withRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>NONEwithECDSA</td> + <td>23+</td> + <td></td> + </tr> + <tr> + <td>NONEwithRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr class="deprecated"> + <td>SHA1withDSA</td> + <td>19–22</td> + <td></td> + </tr> + <tr> + <td>SHA1withECDSA</td> + <td>19+</td> + <td></td> + </tr> + <tr> + <td>SHA1withRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>SHA1withRSA/PSS</td> + <td>23+</td> + <td></td> + </tr> + <tr class="deprecated"> + <td>SHA224withDSA</td> + <td>20–22</td> + <td></td> + </tr> + <tr> + <td>SHA224withECDSA</td> + <td>20+</td> + <td></td> + </tr> + <tr> + <td>SHA224withRSA</td> + <td>20+</td> + <td></td> + </tr> + <tr> + <td>SHA224withRSA/PSS</td> + <td>23+</td> + <td></td> + </tr> + <tr class="deprecated"> + <td>SHA256withDSA</td> + <td>19–22</td> + <td></td> + </tr> + <tr> + <td>SHA256withECDSA</td> + <td>19+</td> + <td></td> + </tr> + <tr> + <td>SHA256withRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>SHA256withRSA/PSS</td> + <td>23+</td> + <td></td> + </tr> + <tr class="deprecated"> + <td>SHA384withDSA</td> + <td>19–22</td> + <td></td> + </tr> + <tr> + <td>SHA384withECDSA</td> + <td>19+</td> + <td></td> + </tr> + <tr> + <td>SHA384withRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>SHA384withRSA/PSS</td> + <td>23+</td> + <td></td> + </tr> + <tr class="deprecated"> + <td>SHA512withDSA</td> + <td>19–22</td> + <td></td> + </tr> + <tr> + <td>SHA512withECDSA</td> + <td>19+</td> + <td></td> + </tr> + <tr> + <td>SHA512withRSA</td> + <td>18+</td> + <td></td> + </tr> + <tr> + <td>SHA512withRSA/PSS</td> + <td>23+</td> + <td></td> + </tr> + </tbody> +</table> + +<h3 id="SupportedSecretKeyFactories">SecretKeyFactory</h3> +<table> + <thead> + <tr> + <th>Algorithm</th> + <th>Supported (API Levels)</th> + <th>Notes</th> + </tr> + </thead> + <tbody> + <tr> + <td>AES</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + <tr> + <td>HmacSHA1</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + <tr> + <td>HmacSHA224</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + <tr> + <td>HmacSHA256</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + <tr> + <td>HmacSHA384</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + <tr> + <td>HmacSHA512</td> + <td>23+</td> + <td>Supported key specs: {@link android.security.keystore.KeyInfo}</td> + </tr> + </tbody> +</table>
\ No newline at end of file diff --git a/docs/html/training/tv/start/hardware.jd b/docs/html/training/tv/start/hardware.jd index 57651e6..5747b56 100644 --- a/docs/html/training/tv/start/hardware.jd +++ b/docs/html/training/tv/start/hardware.jd @@ -163,7 +163,7 @@ if (uiModeManager.getCurrentModeType() == Configuration.UI_MODE_TYPE_TELEVISION) android:required="false"/> <uses-feature android:name="android.hardware.nfc" android:required="false"/> -<uses-feature android:name="android.hardware.gps" +<uses-feature android:name="android.hardware.location.gps" android:required="false"/> <uses-feature android:name="android.hardware.microphone" android:required="false"/> |