Add new auth types to capture bitmask values and unspecified auth types.
When the HardwareAuthenticatorType AIDL enum used in Keystore2 metrics
was defined, an AUTH_TYPE_UNSPECIFIED sentinel value was added and
the enum tag numbers of the other values were incremented by one. This
meant that the enum can't behave as a bitmask like the KeyMint AIDL
enum does. As a result, the metrics enum can't represent the binary OR
of certain pairs of the KeyMint enum's values. So, if such a value
appears in the wild, the metrics enum's sentinel value
(AUTH_TYPE_UNSPECIFIED) is used.
Bug: 385175793
Test: Updated the argument to `user_auth_type` in a test in
`user_auth.rs` to pass in the bitmask of PASSWORD and FINGERPRINT,
ran the test, ran `adb shell dumpsys android.security.maintenance`,
and checked that a row in the `KEYGEN_AUTH` section has `auth=PW_OR_GP`.
Did the same without my fix and instead a row with `auth=UNSPEC`
appears.
Test: Removed all user authentication parameters from a test in
`user_auth.rs`, ran the test, ran `adb shell dumpsys
android.security.maintenance`, and checked that a row in the
`KEYGEN_AUTH` section has `auth=NOAUTH`. Did the same without my fix
and instead a row with `auth=UNSPEC` appears.
Change-Id: I71c5f6822f22e11e5b4e029264c8a472e8d21a01
2 files changed