Merge "Add IntDef return types for APIs returning ints" into androidx-main
diff --git a/security/security-app-authenticator/src/main/java/androidx/security/app/authenticator/AppAuthenticator.java b/security/security-app-authenticator/src/main/java/androidx/security/app/authenticator/AppAuthenticator.java
index 0e9f201..7f609b0 100644
--- a/security/security-app-authenticator/src/main/java/androidx/security/app/authenticator/AppAuthenticator.java
+++ b/security/security-app-authenticator/src/main/java/androidx/security/app/authenticator/AppAuthenticator.java
@@ -23,8 +23,10 @@
import android.text.TextUtils;
import android.util.Log;
+import androidx.annotation.IntDef;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
+import androidx.annotation.RestrictTo;
import androidx.annotation.VisibleForTesting;
import androidx.annotation.XmlRes;
import androidx.collection.ArrayMap;
@@ -38,6 +40,8 @@
import java.io.IOException;
import java.io.InputStream;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
@@ -85,6 +89,22 @@
public static final int PERMISSION_DENIED_PACKAGE_UID_MISMATCH = -5;
/**
+ * Values returned when checking that a specified package has the expected signing identity
+ * for a particular permission.
+ *
+ * @hide
+ */
+ @RestrictTo(RestrictTo.Scope.LIBRARY)
+ @IntDef(value = {
+ PERMISSION_GRANTED,
+ PERMISSION_DENIED_NO_MATCH,
+ PERMISSION_DENIED_UNKNOWN_PACKAGE,
+ PERMISSION_DENIED_PACKAGE_UID_MISMATCH,
+ })
+ @Retention(RetentionPolicy.SOURCE)
+ public @interface AppIdentityPermissionResult {}
+
+ /**
* This is returned by {@link #checkAppIdentity(String)} when the specified package name has
* the expected signing identity.
*
@@ -101,6 +121,20 @@
public static final int SIGNATURE_NO_MATCH = -1;
/**
+ * Values returned when checking that a specified package has the expected signing identity
+ * on the device.
+ *
+ * @hide
+ */
+ @RestrictTo(RestrictTo.Scope.LIBRARY)
+ @IntDef(value = {
+ SIGNATURE_MATCH,
+ SIGNATURE_NO_MATCH,
+ })
+ @Retention(RetentionPolicy.SOURCE)
+ public @interface AppIdentityResult {}
+
+ /**
* The root tag for an AppAuthenticator XMl config file.
*/
private static final String ROOT_TAG = "app-authenticator";
@@ -233,6 +267,7 @@
* {@link #PERMISSION_DENIED_PACKAGE_UID_MISMATCH} if the uid as returned from
* {@link Binder#getCallingUid()} does not match the uid assigned to the package
*/
+ @AppIdentityPermissionResult
public int checkCallingAppIdentity(@NonNull String packageName, @NonNull String permission) {
return checkCallingAppIdentity(packageName, permission,
mAppAuthenticatorUtils.getCallingPid(), mAppAuthenticatorUtils.getCallingUid());
@@ -258,6 +293,7 @@
* {@link #PERMISSION_DENIED_PACKAGE_UID_MISMATCH} if the specified {@code uid} does not
* match the uid assigned to the package
*/
+ @AppIdentityPermissionResult
public int checkCallingAppIdentity(@NonNull String packageName, @NonNull String permission,
int pid, int uid) {
AppAuthenticatorResult result = checkCallingAppIdentityInternal(packageName, permission,
@@ -332,6 +368,7 @@
* @return {@link #SIGNATURE_MATCH} if the specified package has the expected
* signing identity
*/
+ @AppIdentityResult
public int checkAppIdentity(@NonNull String packageName) {
if (mAppSignatureVerifier.verifyExpectedIdentity(packageName)) {
return SIGNATURE_MATCH;