| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Copyright 2016 The Android Open Source Project |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| <sample> |
| <name>DirectBoot</name> |
| <group>Android N Preview</group> <!-- This field will be deprecated in the future |
| and replaced with the "categories" tags below. --> |
| <package>com.example.android.directboot</package> |
| |
| <minSdk>24</minSdk> |
| <compileSdkVersion>25</compileSdkVersion> |
| <targetSdkVersion>25</targetSdkVersion> |
| |
| <!-- Include additional dependencies here.--> |
| <!-- dependency>com.google.android.gms:play-services:5.0.+</dependency --> |
| <dependency>com.android.support:recyclerview-v7:25.0.1</dependency> |
| <dependency>com.android.support:design:25.0.1</dependency> |
| |
| <template src="base" /> |
| |
| <strings> |
| <intro> |
| <![CDATA[ |
| This sample demonstrates how to store/access data in a device protected storage |
| which is always available while the device is booted. |
| This sample works as a simple alarm clock. On > Android N devices, the scheduled alarms |
| go off after reboot even before the user enters their credentials. |
| ]]> |
| </intro> |
| </strings> |
| |
| <metadata> |
| <status>PUBLISHED</status> |
| <categories>Security</categories> |
| <technologies>Android</technologies> |
| <languages>Java</languages> |
| <solutions>Mobile</solutions> |
| <level>INTERMEDIATE</level> |
| <icon>screenshots/icon-web.png</icon> |
| <screenshots> |
| <img>screenshots/1.png</img> |
| <img>screenshots/2.png</img> |
| <img>screenshots/3.png</img> |
| <img>screenshots/4.png</img> |
| </screenshots> |
| <!-- List of APIs that this sample should be cross-referenced under. Use <android> |
| for fully-qualified Framework class names ("android:" namespace). |
| |
| Use <ext> for custom namespaces, if needed. See "Samples Index API" documentation |
| for more details. --> |
| <api_refs> |
| <android>android.content.Context.createDeviceProtectedStorageContext</android> |
| </api_refs> |
| |
| <!-- 1-3 line description of the sample here. |
| |
| Avoid simply rearranging the sample's title. What does this sample actually |
| accomplish, and how does it do it? --> |
| <description> |
| <![CDATA[ |
| Sample demonstrating how to store data in a device protected storage which |
| is always available while the device is booted both before and after any |
| user credentials(PIN/Pattern/Password) are entered. |
| ]]> |
| </description> |
| |
| <!-- Multi-paragraph introduction to sample, from an educational point-of-view. |
| Makrdown formatting allowed. This will be used to generate a mini-article for the |
| sample on DAC. --> |
| <intro> |
| <![CDATA[ |
| |
| This sample demonstrates how to store and access data in a device protected |
| storage which is always available while the device is booted. |
| Starting from Android N, the system provides two storage locations for user data: |
| |
| - Credential protected: |
| - The default storage location for all apps, available only after the user has entered their pattern/password |
| |
| - Device protected: |
| - A new storage location which is always available while the device is booted, both before and after any user credentials are entered |
| |
| Apps can mark individual components as being direct boot aware which indicates to the system that they can safely run when |
| Credential protected storage is unavailable (an direct boot aware component primarily relies on data stored in the new Device protected storage area, |
| but they may access Credential protected data when unlocked) by adding `directBootAware="true"` in the manifest. |
| ``` |
| <activity|provider|receiver|service ... |
| android:directBootAware=”true”> |
| ``` |
| |
| Components marked as directBoot aware are normal components that will continue to be available after the |
| Credential protected storage becomes available. The storage APIs on the Context supplied to these components will always point to Credential protected storage by default. |
| To access Device protected storage, you can create a secondary Context using this API |
| ``` |
| Context.createDeviceProtectedStorageContext() |
| ``` |
| All of the storage APIs on this returned Context will be redirected to point at Device protected storage. |
| |
| You need to be careful what data is stored/moved to a device protected storage |
| because the storage isn't protected by the user's credential (PIN/Pattern/Password) |
| You shouldn't store sensitive data (such as user's emails, auth tokens) in a |
| device protected storage. |
| ]]> |
| </intro> |
| </metadata> |
| </sample> |