Merge branch 'master' into g_master

soter-client-sdk/build.gradle

@@ -32,8 +32,8 @@ subprojects {
 
 ext {
     minSdkVersion = 14
-    targetSdkVersion = 29
-    compileSdkVersion = 29
+    targetSdkVersion = 31
+    compileSdkVersion = 31
     buildToolsVersion = '30.0.3'
 
     javaVersion = JavaVersion.VERSION_1_7

soter-client-sdk/gradle.properties

@@ -13,6 +13,7 @@
 # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
 # org.gradle.parallel=true
 #Tue May 09 20:42:37 CST 2017
-VERSION_NAME_PREFIX=2.0.11
+org.gradle.internal.publish.checksums.insecure=true
+VERSION_NAME_PREFIX=2.1.8
 VERSION_NAME_SUFFIX=
 #VERSION_NAME_SUFFIX=-SNAPSHOT

soter-client-sdk/gradle/android-artifacts.gradle

@@ -41,12 +41,22 @@ group = GROUP
 //    }
 //}
 
+def isReleaseBuild() {
+    return version.contains("SNAPSHOT") == false
+}
+
 def getReleaseRepositoryUrl() {
     Properties properties = new Properties()
     properties.load(project.rootProject.file('local.properties').newDataInputStream())
     return properties.getProperty('RELEASE_REPOSITORY_URL')
 }
 
+def getSnapshotRepositoryUrl() {
+    Properties properties = new Properties()
+    properties.load(project.rootProject.file('local.properties').newDataInputStream())
+    return properties.getProperty('SNAPSHOT_REPOSITORY_URL')
+}
+
 def getRepositoryUsername() {
     Properties properties = new Properties()
     properties.load(project.rootProject.file('local.properties').newDataInputStream())
@@ -84,7 +94,7 @@ afterEvaluate {
     publishing {
         repositories {
             maven {
-                url = getReleaseRepositoryUrl()
+                url = isReleaseBuild() ? getReleaseRepositoryUrl() : getSnapshotRepositoryUrl()
                 credentials {
                     username = getRepositoryUsername()
                     password = getRepositoryPassword()

soter-client-sdk/soter-core/src/main/aidl/com/tencent/soter/soterserver/ISoterService.aidl

@@ -7,6 +7,7 @@ import com.tencent.soter.soterserver.SoterExportResult;
 import com.tencent.soter.soterserver.SoterSessionResult;
 import com.tencent.soter.soterserver.SoterSignResult;
 import com.tencent.soter.soterserver.SoterDeviceResult;
+import com.tencent.soter.soterserver.SoterExtraParam;
 
 interface ISoterService {
     /**
@@ -38,5 +39,5 @@ interface ISoterService {
 
      int getVersion();
 
-
+     SoterExtraParam getExtraParam(String key);
  }

soter-client-sdk/soter-core/src/main/aidl/com/tencent/soter/soterserver/SoterExtraParam.aidl

@@ -0,0 +1,6 @@
+// SoterExtraParam.aidl
+package com.tencent.soter.soterserver;
+
+// Declare any non-default types here with import statements
+parcelable SoterExtraParam;
+

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/SoterCore.java

@@ -58,7 +58,10 @@ public class SoterCore implements ConstantsSoter, SoterErrCode {
         IMPL = getProviderSoterCore();
         SLogger.i(TAG,"soter: SoterCore is call static block to init SoterCore IMPL, IMPL is null[%b]", (IMPL == null) );
     }
-
+
+    public static SoterCoreBase getImpl() {
+        return IMPL;
+    }
 
     public static void setUp() {
         SoterCoreBeforeTreble.setUp();

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/biometric/BiometricManagerCompat.java

@@ -19,6 +19,7 @@
 import android.content.Context;
 import android.hardware.fingerprint.FingerprintManager;
 import android.os.Build;
+import android.os.Bundle;
 import android.os.CancellationSignal;
 import android.os.Handler;
 
@@ -151,13 +152,13 @@ public boolean isCurrentTweenTimeAvailable(Context context) {
      */
     public void authenticate(CryptoObject crypto, int flags,
                              CancellationSignal cancel, AuthenticationCallback callback,
-                             Handler handler) {
+                             Handler handler, Bundle extra) {
         IBiometricManager IMPL = IMPL_PROVIDER.get(mBiometricType);
         if (IMPL == null){
             SLogger.i(TAG, "soter: Biometric provider not initialized type["+ mBiometricType +"]");
             callback.onAuthenticationCancelled();
         }
-        IMPL.authenticate(mContext, crypto, flags, cancel, callback, handler);
+        IMPL.authenticate(mContext, crypto, flags, cancel, callback, handler, extra);
     }
 
     /**
@@ -284,7 +285,7 @@ private interface IBiometricManager {
         void authenticate(Context context,
                           CryptoObject crypto, int flags,
                           CancellationSignal cancel,
-                          AuthenticationCallback callback, Handler handler);
+                          AuthenticationCallback callback, Handler handler, Bundle extra);
     }
 
     private static class LegacyFingerprintManagerImpl implements IBiometricManager {
@@ -311,7 +312,7 @@ public String getBiometricName(Context context) {
         public void authenticate(Context context,
                                  CryptoObject crypto, int flags,
                                  CancellationSignal cancel,
-                                 AuthenticationCallback callback, Handler handler) {
+                                 AuthenticationCallback callback, Handler handler, Bundle extra) {
         }
 
     }
@@ -343,13 +344,13 @@ public String getBiometricName(Context context) {
         public void authenticate(Context context,
                                  CryptoObject crypto, int flags,
                                  CancellationSignal cancel,
-                                 AuthenticationCallback callback, Handler handler) {
+                                 AuthenticationCallback callback, Handler handler, Bundle extra) {
 
             FingerprintManagerProxy.authenticate(
                     context,
                     wrapCryptoObject(crypto), flags,
                     cancel,
-                    wrapCallback(context, callback), handler);
+                    wrapCallback(context, callback), handler, extra);
         }
 
         private static FingerprintManagerProxy.CryptoObject wrapCryptoObject(CryptoObject cryptoObject) {
@@ -527,7 +528,7 @@ public void authenticate(Context context,
                                  CryptoObject crypto,
                                  int flags,
                                  CancellationSignal cancel,
-                                 AuthenticationCallback callback, Handler handler) {
+                                 AuthenticationCallback callback, Handler handler, Bundle extra) {
 
             FaceidManagerProxy.authenticate(
                     context,

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/biometric/FingerprintManagerProxy.java

@@ -19,11 +19,17 @@
 import android.Manifest;
 import android.annotation.SuppressLint;
 import android.content.Context;
+import android.content.DialogInterface;
 import android.content.pm.PackageManager;
+import android.hardware.biometrics.BiometricManager;
+import android.hardware.biometrics.BiometricPrompt;
 import android.hardware.fingerprint.FingerprintManager;
 import android.os.Build;
+import android.os.Bundle;
 import android.os.Handler;
+import android.text.TextUtils;
 
+import com.tencent.soter.core.model.ConstantsSoter;
 import com.tencent.soter.core.model.SLogger;
 import com.tencent.soter.core.model.SoterCoreUtil;
 
@@ -44,6 +50,8 @@ final class FingerprintManagerProxy {
 
     public static final String FINGERPRINT_SERVICE = "fingerprint";
 
+    public static boolean sCLOSE_API31 = false;
+
     private static FingerprintManager getFingerprintManager(Context ctx) {
         return (FingerprintManager) ctx.getSystemService(FINGERPRINT_SERVICE);
     }
@@ -109,7 +117,19 @@ public static boolean isHardwareDetected(Context context) {
     }
 
     public static void authenticate(Context context, CryptoObject crypto, int flags, Object cancel,
-                                    AuthenticationCallback callback, Handler handler) {
+                                    AuthenticationCallback callback, Handler handler, Bundle extra) {
+        boolean useBiometricPrompt = extra.getBoolean("use_biometric_prompt");
+        SLogger.i(TAG, "use_biometric_prompt: %s, sdk_version: %s", useBiometricPrompt, Build.VERSION.SDK_INT);
+        if (useBiometricPrompt && Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
+            authenticateApi28(context, crypto, flags, cancel, callback, handler, extra);
+        } else {
+            authenticateLegacy(context, crypto, flags, cancel, callback, handler);
+        }
+    }
+
+    @SuppressLint("MissingPermission")
+    private static void authenticateLegacy(Context context, CryptoObject crypto, int flags, Object cancel,
+                                           AuthenticationCallback callback, Handler handler) {
         if (checkSelfPermission(context, Manifest.permission.USE_FINGERPRINT) != PackageManager.PERMISSION_GRANTED) {
             SLogger.e(TAG, "soter: permission check failed: authenticate");
             return;
@@ -127,6 +147,34 @@ public static void authenticate(Context context, CryptoObject crypto, int flags,
             SLogger.e(TAG, "soter: triggered SecurityException in authenticate! Make sure you declared USE_FINGERPRINT in AndroidManifest.xml");
         }
     }
+    @SuppressLint("MissingPermission")
+    private static void authenticateApi28(Context context, CryptoObject crypto, int flags, Object cancel,
+                                          final AuthenticationCallback callback, Handler handler, Bundle extra) {
+        if (checkSelfPermission(context, Manifest.permission.USE_BIOMETRIC) != PackageManager.PERMISSION_GRANTED) {
+            SLogger.e(TAG, "soter: permission check failed: authenticate");
+            return;
+        }
+
+        BiometricPrompt.Builder builder = new BiometricPrompt.Builder(context);
+        builder.setDeviceCredentialAllowed(false);
+        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
+            builder.setAllowedAuthenticators(BiometricManager.Authenticators.BIOMETRIC_STRONG);
+        }
+        builder.setTitle(extra.getString("prompt_title"));
+        builder.setSubtitle(extra.getString("prompt_subtitle"));
+        builder.setDescription(extra.getString("prompt_description"));
+        String promptButton = extra.getString("prompt_button");
+        if (TextUtils.isEmpty(promptButton)) {
+            promptButton = context.getString(android.R.string.cancel);
+        }
+        builder.setNegativeButton(promptButton, context.getMainExecutor(), new DialogInterface.OnClickListener() {
+            @Override
+            public void onClick(DialogInterface dialog, int which) {
+                callback.onAuthenticationError(ConstantsSoter.ERR_NEGATIVE_BUTTON, "click negative button");
+            }
+        });
+        builder.build().authenticate((android.os.CancellationSignal) cancel, context.getMainExecutor(), wrapCallback2(callback));
+    }
 
     private static FingerprintManager.CryptoObject wrapCryptoObject(CryptoObject cryptoObject) {
         if (cryptoObject == null) {
@@ -156,6 +204,20 @@ private static CryptoObject unwrapCryptoObject(FingerprintManager.CryptoObject c
         }
     }
 
+    private static CryptoObject unwrapCryptoObject(BiometricPrompt.CryptoObject cryptoObject) {
+        if (cryptoObject == null) {
+            return null;
+        } else if (cryptoObject.getCipher() != null) {
+            return new CryptoObject(cryptoObject.getCipher());
+        } else if (cryptoObject.getSignature() != null) {
+            return new CryptoObject(cryptoObject.getSignature());
+        } else if (cryptoObject.getMac() != null) {
+            return new CryptoObject(cryptoObject.getMac());
+        } else {
+            return null;
+        }
+    }
+
     private static FingerprintManager.AuthenticationCallback wrapCallback(
             final AuthenticationCallback callback) {
         return new FingerprintManager.AuthenticationCallback() {
@@ -186,6 +248,30 @@ public void onAuthenticationFailed() {
         };
     }
 
+    private static BiometricPrompt.AuthenticationCallback wrapCallback2(final AuthenticationCallback callback) {
+        return new BiometricPrompt.AuthenticationCallback() {
+            @Override
+            public void onAuthenticationError(int errorCode, CharSequence errString) {
+                callback.onAuthenticationError(errorCode, errString);
+            }
+
+            @Override
+            public void onAuthenticationHelp(int helpCode, CharSequence helpString) {
+                callback.onAuthenticationHelp(helpCode, helpString);
+            }
+
+            @Override
+            public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult result) {
+                callback.onAuthenticationSucceeded(new AuthenticationResultInternal(unwrapCryptoObject(result.getCryptoObject())));
+            }
+
+            @Override
+            public void onAuthenticationFailed() {
+                callback.onAuthenticationFailed();
+            }
+        };
+    }
+
     public static class CryptoObject {
 
         private final Signature mSignature;

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/model/ConstantsSoter.java

@@ -31,6 +31,7 @@ public interface ConstantsSoter {
     int ERR_BIOMETRIC_FAIL_MAX = 10308; //FingerprintManager.FINGERPRINT_ERROR_LOCKOUT = 7;
     int ERR_BIOMETRIC_FAIL_MAX_PERMANENT = 10309; //FingerprintManager.FINGERPRINT_ERROR_LOCKOUT_PERMANENT = 9;
     int ERR_BIOMETRIC_WAIT_TIMEOUT = 10309;
+    int ERR_NEGATIVE_BUTTON = 10310;
 
     /**biometric auth type, ths first bit means fingerprint, the second bit for faceid, and go on*/
     int FINGERPRINT_AUTH = 0x1;

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/model/ISoterExParameters.java

@@ -1,9 +1,11 @@
 package com.tencent.soter.core.model;
 
+import android.support.annotation.NonNull;
+
 /**
  * An interface that defines biometric parameters. The vendor implements this interface to provide biometrics parameters
  */
-interface ISoterExParameters {
+public interface ISoterExParameters {
 
     /**
      * The type of fingerprint, will return an int.
@@ -31,6 +33,6 @@ interface ISoterExParameters {
      */
     int FINGERPRINT_TYPE_UNDER_SCREEN = 2;
 
-    Object getParam(String key, Object defVal);
+    Object getParam(@NonNull String key, Object defVal);
 
 }

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/model/SoterExParameters.java

@@ -1,5 +1,7 @@
 package com.tencent.soter.core.model;
 
+import com.tencent.soter.core.SoterCore;
+
 /**
  * Device settings about biometrics.
  */
@@ -16,8 +18,13 @@ private SoterExParameters() {
         try {
             impl = (ISoterExParameters) Class.forName(SOTEREX_PROVIDER_CLASS_NAME).getDeclaredMethod("getInstance").invoke(null);
         } catch (Exception e) {
-            e.printStackTrace();
-            SLogger.printErrStackTrace(TAG, e, "soter: init ext param failed.");
+            SLogger.e(TAG, "soter: init ext param failed.");
+            if (SoterCore.getSoterCoreType() == SoterCore.IS_TREBLE) {
+                impl = new SoterExParametersTrebleImpl();
+                if (SoterCore.getImpl() != null) {
+                    SoterCore.getImpl().updateExtraParam();
+                }
+            }
         }
     }
 

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/model/SoterExParametersTrebleImpl.java

@@ -0,0 +1,34 @@
+package com.tencent.soter.core.model;
+
+import android.support.annotation.NonNull;
+
+import com.tencent.soter.core.model.ISoterExParameters;
+
+public class SoterExParametersTrebleImpl implements ISoterExParameters {
+
+    private static int fingerprintType = FINGERPRINT_TYPE_UNDEFINE;
+
+    private static int[] fingerprintPosition = null;
+
+    @Override
+    public Object getParam(@NonNull String key, Object defVal) {
+        synchronized (SoterExParametersTrebleImpl.class) {
+            if (FINGERPRINT_TYPE.equals(key)) {
+                return fingerprintType != FINGERPRINT_TYPE_UNDEFINE ? fingerprintType : defVal;
+            } else if (FINGERPRINT_HARDWARE_POSITION.equals(key)) {
+                return fingerprintPosition != null ? fingerprintPosition : defVal;
+            }
+            return null;
+        }
+    }
+
+    public static void setParam(@NonNull String key, Object value) {
+        synchronized (SoterExParametersTrebleImpl.class) {
+            if (FINGERPRINT_TYPE.equals(key)) {
+                fingerprintType = (int) value;
+            } else if (FINGERPRINT_HARDWARE_POSITION.equals(key)) {
+                fingerprintPosition = (int[]) value;
+            }
+        }
+    }
+}

soter-client-sdk/soter-core/src/main/java/com/tencent/soter/core/sotercore/SoterCoreBase.java

@@ -144,6 +144,13 @@ public void releaseTrebleServiceConnection() {
 
     public void setTrebleServiceListener(SoterCoreTrebleServiceListener listener) {
 
+    }
+
+    /**
+     * update system extra param(such as FingerType, FingerIconPosition) by SoterService
+     */
+    public void updateExtraParam() {
+
     }
 
     public abstract Signature initAuthKeySignature(String useKeyAlias) throws InvalidKeyException, NoSuchProviderException,