path: root/core/java/android/security/keymaster
Commit message (Author, Age, Files, Lines)
* Add KM_MIN_MAC_LENGTH tag to HMAC and AES-GCM keys. (Alex Klyubin, 2015-07-16, 1, -0/+6)
|
| This makes Android Keystore add the KM_MIN_MAC_LENGTH tag to generated and imported HMAC and AES-GCM keys. This tag specifies the minimum length of the MAC/authentication tag authorized to be used for the key.
|
| For HMAC keys the minimum MAC length is set to the length of the digest associated with the key (HMAC keys are authorized for exactly one digest).
|
| For AES keys the minimum authentication tag length is set to 96 bit. This is the minimum supported by Android Keystore's AES-GCM implementation.
|
| Bug: 22337277
| Change-Id: Ic6e47cf084734d1592788dc58088889f7fff74eb
* Merge "Use standard copyright banner in android/security/keymaster." into mnc-dev (Alex Klyubin, 2015-06-25, 17, -49/+49)
|\
| * Use standard copyright banner in android/security/keymaster. (Alex Klyubin, 2015-06-24, 17, -49/+49)
| |
| | Bug: 18088752
| | Change-Id: I22eec18130cc46222d50481164069e7714154979
* | Track rename of INT and LONG Keymaster tag types. (Alex Klyubin, 2015-06-24, 5, -28/+28)
|/
| Bug: 22008538
| Change-Id: Id0091e59738c828a96305edbfc4f3958e712278b
* Keymaster INT, LONG and DATE tag values are unsigned. (Alex Klyubin, 2015-06-23, 3, -133/+305)
|
| This CL ensures that Android Keystore framework code complies with signedness of keymaster tags. In particular:
| * INT tags are unsigned 32-bit numbers, and
| * LONG and DATE tags are unsigned 64-bit numbers.
|
| To ensure compliance, KeymasterArguments and KeyCharacteristics classes through which Android Keystore interacts with Keymaster tags have been modified as follows:
| * ENUM and INT tags which used to be conflated are now added/queried via separate methods, because ENUM can remain represented as an int data type whereas INT is now represented as a long data type with permitted range being [0; 2^32).
| * Methods for adding/querying LONG tags have been switched from the long data type to the BigInteger data type and now ensure that the value is in the permitted [0; 2^63).
| * Methods for adding/querying DATE tags now ensure the Date value is in the permitted range [0; 2^63) ms since Unix epoch.
| * Methods for adding tags throw an IllegalArgumentException if the tag type is unsuitable for the method. This is to ensure that tags with invalid values cannot be added through similar methods (e.g., INT tag added via an ENUM tag addition method invoked with a negative value).
|
| Bug: 22008538
| Change-Id: I6eefd5cbb561cc52d27de952691af4d9d5e1af1e
* Keymaster key validity dates are optional. (Alex Klyubin, 2015-06-23, 1, -0/+6)
|
| This CL makes Android Keystore framework code add KM_TAG_ACTIVE_DATETIME, KM_TAG_ORIGINATION_EXPIRE_DATETIME, and KM_TAG_USAGE_EXPIRE_DATETIME tags to the authorizations set only if the corresponding time instants were specified through the framework-level API. This is fine because these tags are optional as it turns out.
|
| Bug: 18088752
| Change-Id: I6a5ae4cadb441e61576231815e6bec6e9248bc72
* Add new error codes for rate-limit and max-use failures. (Shawn Willden, 2015-06-19, 1, -1/+2)
|
| Bug: 21607106
| Change-Id: Ia0527341f98726bf74c2bfddd9b9a82974fab954
* Reflect removal of KM_TAG_AEAD_TAG from keymaster. (Alex Klyubin, 2015-06-18, 1, -2/+2)
|
| This reflects the changes in da89dde9787dfbd8c053119ab52d9e671106b18e in system/keymaster.
|
| Bug: 19919114
| Change-Id: I9cdfc7ce63099c4de29029b1fc112369c4a68eba
* Expose AES GCM backed by Android Keystore. (Alex Klyubin, 2015-06-17, 2, -1/+13)
|
| Bug: 18088752
| Bug: 21786749
| Change-Id: Ica90491037d2920f7635195894ba18882fc4406d
* Merge "Fix block mode numbering (CTR got added as 4 rather than 3)" into mnc-dev (Alex Klyubin, 2015-06-03, 1, -5/+3)
|\
| * Fix block mode numbering (CTR got added as 4 rather than 3) (Alex Klyubin, 2015-06-03, 1, -5/+3)
| |
| | Change-Id: I8c886c67ba081255ef18eb0f99ca1e6003fabb33
* | Merge "Remove KM_TAG_CHUNK_LENGTH and add KM_TAG_AEAD_TAG" into mnc-dev (Alex Klyubin, 2015-06-03, 1, -4/+3)
|\ \
| * | Remove KM_TAG_CHUNK_LENGTH and add KM_TAG_AEAD_TAG (Alex Klyubin, 2015-06-02, 1, -4/+3)
| |/
| | Change-Id: I384f3d2fee2f68279c6518d9ac0a79e29bed0e52
* | Track changes to the keystore binder API (Chad Brubaker, 2015-06-01, 1, -0/+3)
|/
| Output parameters are gone from begin, instead they will be returned in the OperationResult and begin, update, and finish may return output parameters.
|
| Change-Id: I072afeb6c65f6c512b40603824c25686ac44e7c8
* Handle KM_ERROR_CALLER_NONCE_PROHIBITED. (Alex Klyubin, 2015-04-30, 1, -0/+2)
|
| This converts KM_ERROR_CALLER_NONCE_PROHIBITED into InvalidAlgorithmParameterSpec, as expected by the contract of JCA Cipher.
|
| Bug: 18088752
| Change-Id: I6a01e2d7118c478b27a0d7a5a14a127de8913755
* Add missing error codes from keymaster_defs.h. (Shawn Willden, 2015-04-29, 1, -0/+3)
|
| Bug: 20127433
| Change-Id: I32eab62459003c526d3cf9ef108be7b2fd709960
* Add KeyPermanentlyInvalidatedException. (Alex Klyubin, 2015-04-29, 1, -0/+22)
|
| This enables users of AndroidKeyStore crypto to differentiate between the key being unusable until the user is authenticated (UserNotAuthenticatedException) and the key being permanently unusable (KeyPermanentlyInvalidatedException). The latter is the case when the secure lock screen has been disabled or reset, and, for keys that require user authentication for every use, when a new fingerprint is enrolled or all fingerprints are unenrolled.
|
| NOTE: The KeyPermanentlyInvalidatedException subsumes/replaces the NewFingerprintEnrolledException which has thus been removed. There is no way to find out whether a key was permanently invalidated specifically because a new fingerprint was added.
|
| Bug: 20642549
| Bug: 20526234
| Change-Id: I0206cd99eef5c605c9c4d6afc5eea02eb3b1fe6b
* Align AndroidKeyStore API with user auth API. (Alex Klyubin, 2015-04-28, 1, -4/+4)
|
| This simplifies the AndroidKeyStore API around user authentication: no more explicit control over which user authenticators are bound to which keys. User-authenticated keys with timeout are unlocked by whatever unlocks the secure lock screen (currently, password/PIN/pattern or fingerprint). User-authenticated keys that need authentication for every use are unlocked by fingerprint only.
|
| Bug: 20526234
| Bug: 20642549
| Change-Id: I1e5e6c988f32657d820797ad5696797477a9ebe9
* am 1ba95855: am a9d74000: am e5e49a17: Merge "Support KM_LONG_REP" (Chad Brubaker, 2015-04-16, 3, -2/+28)
|\
| | * commit '1ba9585506521a2bb722ef692dc7152291306898':
| |   Support KM_LONG_REP
| * Merge "Support KM_LONG_REP" (Chad Brubaker, 2015-04-16, 3, -2/+28)
| |\
| | * Support KM_LONG_REP (Chad Brubaker, 2015-04-16, 3, -2/+28)
| | |
| | | Change-Id: I37814bcb03dc8918e27226ec43230fa4218723d0
* | | am b1aa7d0b: am 51884f0e: am 499126c4: Merge "Add Keymaster KM_ORIGIN_UNKNOWN constant." (Alex Klyubin, 2015-04-16, 1, -2/+2)
|\ \ \
| |/ /
| | | * commit 'b1aa7d0bc821614d943075c0d786cc3f5eeb8c73':
| | |   Add Keymaster KM_ORIGIN_UNKNOWN constant.
| * | Merge "Add Keymaster KM_ORIGIN_UNKNOWN constant." (Alex Klyubin, 2015-04-16, 1, -2/+2)
| |\ \
| | * | Add Keymaster KM_ORIGIN_UNKNOWN constant. (Alex Klyubin, 2015-04-14, 1, -2/+2)
| | |/
| | | This tracks d359b044830b292f492f8a8df5471f869e358399 from hardware/libhardware.
| | |
| | | Bug: 18088752
| | | Change-Id: I9a7bd8bdee51c18ae0427eff4efe036213d2b175
* | | am f39aa3d0: am a2607ee4: am b9a78c79: Merge "Add IV-related Keymaster error codes." (Alex Klyubin, 2015-04-16, 1, -0/+4)
|\ \ \
| |/ /
| | | * commit 'f39aa3d0898b845ced3128f1778fd04171e4b9a6':
| | |   Add IV-related Keymaster error codes.
| * | Add IV-related Keymaster error codes. (Alex Klyubin, 2015-04-15, 1, -0/+4)
| |/
| | Bug: 18088752
| | Change-Id: I08daede713f945ad7dd0b21cc41ee12c15d94bad
* | resolved conflicts for merge of a978a3d6 to master (Alex Klyubin, 2015-04-13, 2, -0/+64)
|\ \
| |/
| | Change-Id: Ifd7ca9e1dfa0d50a87f2bafef377fcaeb5d9f6d5
| * Merge "Use JCA names for block modes, paddings, and digests." (Alex Klyubin, 2015-04-13, 2, -0/+62)
| |\
| | * Use JCA names for block modes, paddings, and digests. (Alex Klyubin, 2015-04-13, 2, -0/+62)
| | |
| | | This replaces int-based enums from KeyStoreKeyConstraints with String values commonly used in JCA API.
| | |
| | | As part of under the hood refactoring:
| | | * KeyStoreKeyCharacteristics and KeyStoreKeyConstraints have been merged into KeyStoreKeyProperties.
| | | * KeymasterUtils methods operating on KeymasterArguments and KeymasterCharacteristics have been moved to their respective classes.
| | |
| | | Bug: 18088752
| | | Change-Id: I9c8b984cb3c28184adb617e34d87f2837bd1d3a1
* | | am c88e1396: am 99f4ac14: am 97fce66f: Merge "Make several key crypto parameters repeatable" (Shawn Willden, 2015-04-10, 1, -6/+6)
|\ \ \
| |/ /
| | | * commit 'c88e1396db12e430dde63afc3d44c1f37a7fce79':
| | |   Make several key crypto parameters repeatable
| * | Make several key crypto parameters repeatable (Chad Brubaker, 2015-04-10, 1, -6/+6)
| |/
| | Bug: 19509156
| | Change-Id: Ic584d8a6bf5601f9754563b67b3cc6b3ca6b5ff9
* | am d31d4771: am c5f9683c: am a270264c: Merge "Track more changes to keymaster_defs.h" (Alex Klyubin, 2015-04-10, 1, -18/+1)
|\ \
| |/
| | * commit 'd31d4771d90277eb246814b6a6f981e0842eb614':
| |   Track more changes to keymaster_defs.h
| * Track more changes to keymaster_defs.h (Alex Klyubin, 2015-04-10, 1, -18/+1)
| |
| | KeyStoreTest needed to be adjusted because OCB is no longer supported.
| |
| | Bug: 18088752
| | Change-Id: I7594daaa5e97423d34726b07cc79e3ee28418d95
* | am 037dfb94: am 5f8c17b9: am ba2836e6: Merge "Track recent keymaster_defs.h changes." (Alex Klyubin, 2015-04-10, 1, -19/+1)
|\ \
| |/
| | * commit '037dfb9423a0988398b67520546dae5673aa54bb':
| |   Track recent keymaster_defs.h changes.
| * Track recent keymaster_defs.h changes. (Alex Klyubin, 2015-04-09, 1, -19/+1)
| |
| | Bug: 18088752
| | Change-Id: If47bb7cc7a385941db9f12d478676594e9bc9d86
* | resolved conflicts for merge of 06adabdb to master (Alex Klyubin, 2015-04-07, 1, -0/+4)
|\ \
| |/
| | Change-Id: Ifb09e2e6242f79cabe76e95eacc982f6cc7e1a6c
| * Make the new AndroidKeyStore API conformant. (Alex Klyubin, 2015-04-07, 1, -0/+3)
| |
| | This makes the new AndroidKeyStore API conform with the latest Keymaster API changes as well as the latest Android framework API design guidelines.
| |
| | Keymaster changes:
| | * Multiple paddings, block modes, and digests can be set on a key.
| | * "max uses per boot" and "min seconds between use" restrictions will not be exposed in the framework API.
| | * Padding scheme ZERO will not be exposed.
| |
| | Changes due to Android framework design guidelines:
| | * Sets of enum values have been replaced with bitsets represented as ints.
| | * Integer has been replaced with int, with null being represented with a special value (e.g., -1 or 0) where possible.
| |
| | Bug: 18088752
| | Change-Id: Ib21739aa9b42d48895cb7a681e836a5c6d972ac6
* | am 36865896: am b48ebf48: am 562c6a71: Merge "UNSUPPORTED_TAG_LENGTH -> UNSUPPORTED_MAC_LENGTH" (Alex Klyubin, 2015-04-01, 1, -3/+4)
|\ \
| |/
| | * commit '36865896072ee78cae1e987f29340d35a1526f44':
| |   UNSUPPORTED_TAG_LENGTH -> UNSUPPORTED_MAC_LENGTH
| * UNSUPPORTED_TAG_LENGTH -> UNSUPPORTED_MAC_LENGTH (Alex Klyubin, 2015-03-31, 1, -3/+4)
| |
| | This is to follow naming from keymaster_defs.h
| |
| | Bug: 18088752
| | Change-Id: If2bc91dde54f1cefcd4325d1f62d0e0b77fc5d59
* | am 543189eb: am 826d6357: am 5491ea9e: Merge "Include operation handle in OperationResult" (Chad Brubaker, 2015-03-31, 1, -0/+3)
|\ \
| |/
| | * commit '543189eb711c7aeefab9566b74b62c34d35115f5':
| |   Include operation handle in OperationResult
| * Merge "Include operation handle in OperationResult" (Chad Brubaker, 2015-03-31, 1, -0/+3)
| |\
| | * Include operation handle in OperationResult (Chad Brubaker, 2015-03-20, 1, -0/+3)
| | |
| | | Some authorization code needs to know the actual underlying operation handle, not simply a reference to it, so return it in case it is needed. Note that the handle cannot be used by the application to reference an operation.
| | |
| | | Change-Id: I4c883dde17168b7f6c1643d81741a4c2686d3159
* | | am 23c2b8e8: am d7e06104: am 36ee836d: Merge "Symmetric key generation for AndroidKeyStore." (Alex Klyubin, 2015-03-27, 1, -0/+49)
|\ \ \
| |/ /
| | | * commit '23c2b8e81ec5a6e0c344f09e728d87300ac29bc2':
| | |   Symmetric key generation for AndroidKeyStore.
| * | Symmetric key generation for AndroidKeyStore. (Alex Klyubin, 2015-03-27, 1, -0/+49)
| | |
| | | This currently supports AES and HMAC with SHA-256.
| | |
| | | Bug: 18088752
| | | Change-Id: Ife55438cf4129b895295681bb35091cd37eb73fb
* | | am 6558d4e7: am ee468ea8: am 6326f964: Merge "Make application/client id an object" (Chad Brubaker, 2015-03-25, 2, -0/+75)
|\ \ \
| |/ /
| | | * commit '6558d4e75e8a129b1b1a78824ed091962a2574ef':
| | |   Make application/client id an object
| * | Merge "Make application/client id an object" (Chad Brubaker, 2015-03-25, 2, -0/+75)
| |\ \
| | * | Make application/client id an object (Chad Brubaker, 2015-03-21, 2, -0/+75)
| | |/
| | | Having it as a raw byte[] caused issues in keystore because keymaster handles a null blob differently than a blob with null contents. Make this explicit in the API.
| | |
| | | Change-Id: Ifcf550f438608b8f09fc589d00d06fffa6ee463b
* | | am c217adaf: am 9db6e4d7: am 5aeb0853: Merge "Enforce tag types in KeymasterArgument classes" (Chad Brubaker, 2015-03-25, 5, -0/+34)
|\ \ \
| |/ /
| | | * commit 'c217adaf6756003684d195713dda8a9b215f5dbc':
| | |   Enforce tag types in KeymasterArgument classes
| * | Enforce tag types in KeymasterArgument classes (Chad Brubaker, 2015-03-22, 5, -0/+34)
| |/
| | Change-Id: Ib1aca884a0b42c3e245db65d48c945b34935072d
* | am 1bed39a5: am e921b8a2: Merge "Rename KM_TAG_USER_AUTH_ID to KM_TAG_USER_AUTH_TYPE." (Shawn Willden, 2015-03-19, 1, -1/+1)
|\ \
| |/
| | * commit '1bed39a5e4d57e4735e72a1e9765dcec62035b40':
| |   Rename KM_TAG_USER_AUTH_ID to KM_TAG_USER_AUTH_TYPE.