Bug: 289097671
Test: atest android.media.misc.cts.ResourceManagerTest
      atest android.media.misc.cts.ResourceManagerMultiTest
Merged-In: I750ef5a7585b7bba94f0dfb7bb8e70ec12bf70f5
Change-Id: I750ef5a7585b7bba94f0dfb7bb8e70ec12bf70f5

(Discovery tech and Change Routing)

Bug: 300351519
Bug: 319156577
Test: n/a
Merged-In: If664910d00fc673c0329e0cd4489174260eb4f1e
Merged-In: I3035f8b4fac331d827afa8e7bda6109d91ee510a
Change-Id: If664910d00fc673c0329e0cd4489174260eb4f1e

Non-A/B has been deprecated for long. During non-A/B updates,
compatibility.zip is checked with VintfObject.verify(), which
is another deprecated function that always returns compatible
if a list of package VINTF XMLs are supplied. (see below.) Hence, the private
RecoverySystem.verifyPackageCompatibility was just useless code
that unconditionally returns true except for invalid ZIP file.
Remove it. Replace the public RecoverySystem.verifyPackageCompatibility
and make it return true unconditonally.

VintfObject.verify() with OTA XMLs are deprecated per
http://b/139300422 [VINTF] Delete OTA vintf checking code
in http://r.android.com/1194233 ("Delete VINTF compatibility checks
during OTA."), in 2019. We had decided that compatibility checks
during OTA should be removed, and moved to OTA generation time instead.
Using an old libvintf on the device to check against new libvintf
metadata required forward compatibility of libvintf, which cannot be
achieved. Instead, the device should verify the signature of the OTA to
verify its source.

Test: TH
Bug: 270169217
Bug: 139300422
Change-Id: I775d29e4cd1d165233e07cfb820d1fe343fa4757

Due to a bug in Metalava the `VisiblySynchronized` check would report
an erroneous duplicate baseline entry that referenced some internal
implementation detail, e.g. `PsiThisExpression` instead of an actual
API element. Another entry with the same message and correct API
element was also written.

The Metalava bug has been fixed so this change removes the erroneous
entry.

Bug: 311690008
Test: m checkapi
Merged-In: If5550b8cc0a97f02fb7fb1bd949f8e5517007d4c
Change-Id: I79b3c9802e40e74ba7f0c9b102dc201d01ddeab5

Rename from `isOtherServiceEnabled` to `isCategoryOtherServiceEnabled`.

Bug: 315130804
Test: Compiles
Change-Id: I7b97b6de0bd702e695557a4d55a1f80e612f92c8

This reverts commit 57866f5f.

Reason for revert: 2nd attempt

Test: atest CtsLibcoreOkHttpTestCases
Change-Id: I043e2f5cf93e21b571a24470d420d5d048d51f19

This reverts commit 38b09712.

Reason for revert: b/315307245

Change-Id: I92b3c242317bc5c9cba5d128c4ed7eaa13af7953

Bug: 28746284
Test: atest NetworkSecurityConfigTests
Change-Id: Icdfc0a383e6c28e9ed6743418322264b117a8bde

This reverts commit 468c8fe6.
Additionally, this adds a guard for reading the flag: If
the calling app does not have the right permission to read the device
configuration, the code will assume it is not set.

Reason for revert: Fixed flag reading code

Bug: 314744703
Test: atest CtsWebkitTestCases:android.webkit.cts.WebViewSslTest#testProceedClientCertRequestKeyWithAndroidKeystoreKey
Change-Id: I29c58bc8c5960c0ab9af70f93440bd9a1db12dc7

This reverts commit e0c8ad86.

Reason for revert: 314140771

Change-Id: Ied1f3042aee8ac8642237a4cdcfa75be7a02e7e8

In case the MGF1 Digest setter flag is turned off (that is, it is not
possible to specify MGF1 Digests using the new API introduced), then the
old behaviour has to take place.

The old behaviour was to set all primary digests specified, as MGF1 Digests.
This behaviour has been added when the flag isn't set.

Bug: 308378912
Bug: 308069562
Test: atest CtsKeystoreTestCases:android.keystore.cts.CipherTest#testKatBasicWithDifferentProviders CtsKeystoreWycheproofTestCases:RsaOaepTest
Change-Id: I5d4541ce952e1bad7c8fdd55a00176274b0b66f3

Bug: 304478692
Test: TH
Change-Id: I7e190b7d14e5818fb68af1753bf149366d01e61d

The MGF1 Digest setter should not accept a null vararg. It should not
take in null at all.

Bug: 302280420
Test: m
Change-Id: I9db395d09e2fd0e609cd9019f3d3aedbb3244ef3

and field strength along with their associated APIs.

Bug: 294217286
Bug: 294435374
Bug: 296057223
Test: tested with CTS and manually
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:81080d559182483d9582dc8dc9ed75de3307c572)
Merged-In: I884527f9271a93997fa47b3764f9fa711cddb6f2

Change-Id: I884527f9271a93997fa47b3764f9fa711cddb6f2

Currently, the signature file elides overrides of a default method,
as they are not essential for the compilation of the stubs.
However, in some scenarios, the overrides of a default method may be
essential for the compilation of the reverse dependency of the stubs.
In the scenario seen below:
```
// API
interface ApiInterface {
    public default void bar() {};
}
class ApiClass implements AnotherParentInterface{
    public void bar() {}
}

// App depending on the API
interface AppInterface {
    public void bar();
}
public class AppClass extends ApiClass implements AppInterface {
}
```
Removal of `ApiClass.bar()` will lead to not overriding an abstract method
`AppInterface.bar()` compilation error in `AppClass`.
Therefore, this change adds the overrides of a default method to the
signature files.

Test: checkapi
Bug: 299366704
Change-Id: I212bd9aa895088fa9de33c7e3521453dea30c350

These are used by nfc stack, so should be formal APIs

Bug: 301090456
Test: CtsVerifier
Change-Id: I60ce07e30bbec5458ca72b6e11b57b0f0058d589

Defines permissions for guarding access to Thread network API.

The permissions are also granted to shell for CTS tests, see the
instructions here: go/ctswrite#write-a-test-to-test-an-api-that-requires-system-permission

Design doc: go/thread-android-api

Bug: 262683651
Merged-In: Ib15d5589bbd304d68840ee52a193676d12110512
Change-Id: Ifc6c1d55cc170a5a200dfb5d531f5e0f86a9507a

This obtains the time (via SystemClock.elapsedRealtime()) when the
user last authenticated using any of the passed authenticators.

Test: manual, atest AuthServiceTest, CTS
Bug: 303839446
Change-Id: Id22bee7b05271ce38816f932b3696cb450ab025d

Bug: 276358140
Test: make update-api
API-Coverage-Bug: 308000143
Change-Id: I3b3b9546f5a6489f203ff5b72e14ff5a29a86eaf

Bug: 304478767
Test: Compiles
Merged-In: If0b1432b78ec42a02446754ff6cf454fbb875048
Change-Id: If0b1432b78ec42a02446754ff6cf454fbb875048

Bug: 276358140
Test: make update-api
API-Coverage-Bug: 308000143
Change-Id: Icf5df742a30ccdc5b53a2e3cc78f0efd38b2739a

Bug: 307352220
Test: atest CtsNfcTestCases
Change-Id: I5b42578dcb4d0bf022fde8623f4f82cb0ac0c74b

Bug: 305065851
Test: treehugger
Change-Id: I768ab21f9a76d4d89cfc03e36a417ed5d7482b49

Bug: 304478648
Test: build
Change-Id: I4c102131c9f1639d894b95114c76028808b64c2f

This commit annotates the PackageManager#FEATURE_THREAD_NETWORK API with the
"com.android.net.thread.flags.thread_enabled" flag.

Bug: 303726779
Test: build
Change-Id: I09a27a71b2beab7902bf29b44fb9c36cc3ce2f20

Bug: 305066088
Test: Compiles
Change-Id: If27369575a0f67f227b6ede202280a6cb6a17614

(cherry pick of 7da1d255
 and 38dd161e)

Bug: 297362755
Test: make checkapi
Merged-In: If7333ead86d9028ab0a1cc8f25fc534cb13a1858
Merged-In: I4d384efac8a8d3b183d9b207b195ad5489db9e55
Change-Id: I4d384efac8a8d3b183d9b207b195ad5489db9e55

(cherry pick of 7da1d255
 and 38dd161e)

Bug: 297362755
Test: make checkapi
Merged-In: If7333ead86d9028ab0a1cc8f25fc534cb13a1858
Merged-In: I4d384efac8a8d3b183d9b207b195ad5489db9e55
Change-Id: I4d384efac8a8d3b183d9b207b195ad5489db9e55

Since NFC is becoming a mainline module, the existing CameraServiceProxy
usage of raw INfcAdapter aidl interface will not be mainline compatible.
So, create a system api to formalize this API usage. This has also been
requested by the DCK team previously.

Also, preserve the existing INfcAdapter usage behind the flag by
including INfcAdapter file directly inside services/core.

Bug: 303286040
Bug: 290843937
Test: atest CtsNfcTestCases
Change-Id: I09b9bc58bd4f7cea705a0a17268448dde2bfef0a

The javadocs mention that the functions getMac(), getKeyAgreement,
getCipher() can return nullable but this isn't show in the API.
Updating these to reflect that

Bug: 304697130
Test: atest FrameworksCoreTests
Change-Id: Icda5a087775174517abca7b4d1078a6ea0719170

This change adds overriding methods that are essential to compile the
stubs generated from the signature files.

More information and the background for this change is available at
go/add-overriding-one-pager.

Test: m checkbuild --build-from-text-stub
Bug: 299366704
Change-Id: Ia8f0ae4b4e47a2974016fd844242aa0564027131
Merged-In: Ifc1876eb60a4b716f72c86003dc9bea0081e9a4c

This API is not currently annotated. This will highlight this
possibility to any callers and hopefully enable better static analysis.

Bug: 274764512
Test: m framework -j
Change-Id: I4b46c828625dd5ccff9d45cb56e5cfaf4c184917

Currently, metalava will discard concrete overrides of abstract methods
from the API signature files which causes problems when attempting to
generate stubs from those files and also discards information that may
be important in API reviews. This change is the first step in the
process of changing that behavior.

This change hard codes the current behavior for discarding the concrete
overrides (`add-additional-overrides=no`) into those signature files
that will (or are likely) to be affected by the change in behavior.
That allows the default behavior to be changed for all the other files
without affecting these.

Follow up changes will remove the hard coding from the signature files
and will update the contents which will include the concrete overrides
of the abstract methods.

More information and the background for this change is available at
go/add-overriding-one-pager.

Test: m checkapi
Bug: 299366704
Change-Id: Ibe0dbfa29f88d1040798ae394e8d456436259aea

Bug: 288842045
Test: m update-api
Change-Id: I923f84bff4849053a8faa921bf31e39748ed5075
Signed-off-by: Jack Wu <wjack@google.com>

The javadoc tag is @deprecated, not @Deprecated (the java annotation).

Bug: 303184203
Test: m docs
Change-Id: I77a35cfa7caa5df7b42995f16fc20fab89c55f11

Bug: 291187960
Test: manual nfc on/off && tag read
Change-Id: I636919225302c7849e8ba481d48958d60c968ed6

Android 13 / T / API 33 introduced a new class in Crypto Object
in the Android Framework. This allows auth-per-op for ECDH
keys.

Bug: 282058146
Test: atest FrameworksCoreTests
API-Coverage-Bug: 282058146
Change-Id: I17877fed90ae0b3894b28967c28786a091557dd2

A previous CL added the auto-generated aconfig Flags.FLAG sources to
metalava's input when generating core/api/current.txt, so metalava would
expand the Flags.FLAG to their values.

Do the same for the build targets for the other (system, module-lib,
test) API signature files in core/api.

Also update the API signature files accordingly.

(cherry picked from commit 162ae2a1)

Bug: 301859633
Test: m checkapi
Merged-In: Id06d77e897ecfddeaa42f75cba4d6d37bee9d1b1
Change-Id: Id06d77e897ecfddeaa42f75cba4d6d37bee9d1b1

These will be part of the platform (not part of NFC module) and will be
used by NFC stack to parse platform resource files to form these
structs.

Bug: 263563565
Test: Compiles
(cherry picked from https://android-review.googlesource.com/q/commit:51c5d5ede5c85823fdd127fddc67d56da0defed0)
Merged-In: Ib1f22395567386a6e802d78b6fe359f92c3847d7

Change-Id: Ib1f22395567386a6e802d78b6fe359f92c3847d7

Add a separate setter for the digests used by the MGF1 mask generation
function (for RSA OAEP operations).

Previously the MGF1 digests were specified according to the primary
digests specification, which is not accurate enough.

With the new setter:
* If the user does not explicitly specify MGF1 digests, then the
  default (SHA-1) will be specified in the tag passed to Keystore.
* If the user does explicitly specify MGF1 digests, only those
  digests will be specified in the tag passed to Keystore.
  The SHA-1 digest will not be added.

Bug: 284140060
Test: atest android.security.keystore.KeyGenParameterSpecTest android.security.ParcelableKeyGenParameterSpecTest
Test: atest CtsKeystoreTestCases:android.keystore.cts.CipherTest#testKatBasicWithDifferentProviders
Change-Id: I1521e9b4399ece33c2d17b79133543d490d3b377