summaryrefslogtreecommitdiffstats
path: root/keystore
Commit message (Collapse)AuthorAgeFilesLines
* am fa2bd4fe: am 888f5cb7: am ecfda064: Merge "Make specifying self-signed ↵Alex Klyubin2015-04-142-40/+64
|\ | | | | | | | | | | | | cert parameters optional." * commit 'fa2bd4fe5c10b8132a155f0f8d0207435ca2c8dc': Make specifying self-signed cert parameters optional.
| * Make specifying self-signed cert parameters optional.Alex Klyubin2015-04-142-40/+64
| | | | | | | | | | | | | | | | | | | | | | | | | | This removes the need to specify the three parameters of the self-signed certificate (serial number, subject, validity range) when generating key pairs in AndroidKeyStore. This is achieved by providing sensible defaults for these parameters: * serial number: 1 * subject: CN=fake * validity range: Jan 1 1970 to Jan 1 2048. Bug: 18088752 Change-Id: I5df918b1ef8b26ed3ddd43828c4c78c9fa58cd43
* | Unhide the new AndroidKeyStore API.Alex Klyubin2015-04-1312-129/+10
| | | | | | | | | | Bug: 18088752 Change-Id: I93f87cbb1cd04a4a2e34f3d544d678c92cf052ee
* | resolved conflicts for merge of a978a3d6 to masterAlex Klyubin2015-04-1315-1456/+1099
|\ \ | |/ | | | | Change-Id: Ifd7ca9e1dfa0d50a87f2bafef377fcaeb5d9f6d5
| * Merge "Use JCA names for block modes, paddings, and digests."Alex Klyubin2015-04-1315-1446/+1089
| |\
| | * Use JCA names for block modes, paddings, and digests.Alex Klyubin2015-04-1315-1446/+1089
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This replaces int-based enums from KeyStoreKeyConstraints with String values commonly used in JCA API. As part of under the hood refactoring: * KeyStoreKeyCharacteristics and KeyStoreKeyConstraints have been merged into KeyStoreKeyProperties. * KeymasterUtils methods operating on KeymasterArguments and KeymasterCharacteristics have been moved to their respective classes. Bug: 18088752 Change-Id: I9c8b984cb3c28184adb617e34d87f2837bd1d3a1
* | | am 651dbfde: am ad48c4c9: am c1c6528d: Merge "Add EcIesParameterSpec to ↵Alex Klyubin2015-04-111-0/+287
|\ \ \ | |/ / | | | | | | | | | | | | | | | enable ECIES crypto." * commit '651dbfde73171ad6451dc8f9288fa4df50f99e4c': Add EcIesParameterSpec to enable ECIES crypto.
| * | Merge "Add EcIesParameterSpec to enable ECIES crypto."Alex Klyubin2015-04-111-0/+287
| |\ \
| | * | Add EcIesParameterSpec to enable ECIES crypto.Alex Klyubin2015-04-101-0/+287
| | | | | | | | | | | | | | | | | | | | Bug: 18088752 Change-Id: I597b019106c500188e0fbbc9608722668c08b421
* | | | am 93976df8: am 3a9779b6: am 386c4e9e: Merge "Fix ↵Chad Brubaker2015-04-101-2/+2
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | testSaw_ungrantedUid_Bluetooth" * commit '93976df800641c9d56b73af6cb4bab9cc9a5f59e': Fix testSaw_ungrantedUid_Bluetooth
| * | | Merge "Fix testSaw_ungrantedUid_Bluetooth"Chad Brubaker2015-04-101-2/+2
| |\ \ \ | | |_|/ | |/| |
| | * | Fix testSaw_ungrantedUid_BluetoothChad Brubaker2015-04-101-2/+2
| | |/ | | | | | | | | | | | | | | | | | | Keystore.saw returns [] on no result, not null, so the test was incorrectly failing. Change-Id: I22dcf85c5d6c5c0368848bc784c3215c092d9ea8
* | | am d31d4771: am c5f9683c: am a270264c: Merge "Track more changes to ↵Alex Klyubin2015-04-101-9/+5
|\ \ \ | |/ / | | | | | | | | | | | | | | | keymaster_defs.h" * commit 'd31d4771d90277eb246814b6a6f981e0842eb614': Track more changes to keymaster_defs.h
| * | Track more changes to keymaster_defs.hAlex Klyubin2015-04-101-9/+5
| |/ | | | | | | | | | | | | KeyStoreTest needed to be adjusted because OCB is no longer supported. Bug: 18088752 Change-Id: I7594daaa5e97423d34726b07cc79e3ee28418d95
* | am 037dfb94: am 5f8c17b9: am ba2836e6: Merge "Track recent keymaster_defs.h ↵Alex Klyubin2015-04-101-2/+2
|\ \ | |/ | | | | | | | | | | changes." * commit '037dfb9423a0988398b67520546dae5673aa54bb': Track recent keymaster_defs.h changes.
| * Track recent keymaster_defs.h changes.Alex Klyubin2015-04-091-2/+2
| | | | | | | | | | Bug: 18088752 Change-Id: If47bb7cc7a385941db9f12d478676594e9bc9d86
* | am 04a99c7b: am 82cba6aa: am c6eb6288: Merge "Split key origin into TEE/not ↵Alex Klyubin2015-04-103-15/+29
|\ \ | |/ | | | | | | | | | | and generated/imported." * commit '04a99c7b4435598e4f9d53fadbe5faca4ad7ebdc': Split key origin into TEE/not and generated/imported.
| * Split key origin into TEE/not and generated/imported.Alex Klyubin2015-04-093-15/+29
| | | | | | | | | | | | | | This is to match the upcoming changes in Keymaster HAL API. Bug: 18088752 Change-Id: I602d56d1c29a839583be1d9efa681a6fab6642db
* | am 4acc3392: am 8676a88e: am 97d2d7c4: Merge "Fix minor issues in new ↵Alex Klyubin2015-04-093-21/+14
|\ \ | |/ | | | | | | | | | | Javadocs of AndroidKeyStore." * commit '4acc3392c35e5ad98c8e7b650b1368a2956746b7': Fix minor issues in new Javadocs of AndroidKeyStore.
| * Fix minor issues in new Javadocs of AndroidKeyStore.Alex Klyubin2015-04-093-21/+14
| | | | | | | | | | Bug: 18088752 Change-Id: Ie84cc6066c82f2659da17a1eb158c2e3acf5094d
* | am 098833c5: am ec01623b: am aeae0f38: Merge "Add asymmetric crypto ↵Alex Klyubin2015-04-091-5/+98
|\ \ | |/ | | | | | | | | | | constants for AndroidKeyStore API." * commit '098833c59d8b3984e3983169b460198c2d5e2670': Add asymmetric crypto constants for AndroidKeyStore API.
| * Merge "Add asymmetric crypto constants for AndroidKeyStore API."Alex Klyubin2015-04-091-5/+98
| |\
| | * Add asymmetric crypto constants for AndroidKeyStore API.Alex Klyubin2015-04-091-5/+98
| | | | | | | | | | | | | | | Bug: 18088752 Change-Id: Iee72a4c230f3a2cd30d9eb4d29c4301f3e113f31
* | | am c6112eb7: am 21c4e465: am 8c58ba87: Merge "Add missing mapping between ↵Alex Klyubin2015-04-092-0/+11
|\ \ \ | |/ / | | | | | | | | | | | | | | | JCA and keystore HMAC names." * commit 'c6112eb7057f91df1f885da37564f89a423f64e4': Add missing mapping between JCA and keystore HMAC names.
| * | Merge "Add missing mapping between JCA and keystore HMAC names."Alex Klyubin2015-04-092-0/+11
| |\ \ | | |/ | |/|
| | * Add missing mapping between JCA and keystore HMAC names.Alex Klyubin2015-04-092-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | This is a follow-up to 70376a77280551791dae62586a6bb0c77ed9429a where I forgot to update this mapping. Bug: 18088752 Change-Id: I322a9abd642ddee3bd2b4f49379b121012e32836
* | | am bbf3cc57: am fd168151: am e26347bb: Merge "Hide ↵Alex Klyubin2015-04-091-1/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | KeyStoreParameter.Builder.setRandomizedEncryptionRequired." * commit 'bbf3cc5797293dc915d7ecfe41e85bbe5682548d': Hide KeyStoreParameter.Builder.setRandomizedEncryptionRequired.
| * | Hide KeyStoreParameter.Builder.setRandomizedEncryptionRequired.Alex Klyubin2015-04-091-1/+2
| |/ | | | | | | | | | | | | This wasn't meant to be public API yet. Bug: 18088752 Change-Id: I40e57fd9121348086ae88ad9fa54f930547b77ba
* | resolved conflicts for merge of b9a9d46c to masterAlex Klyubin2015-04-096-12/+249
|\ \ | |/ | | | | Change-Id: Ibec45f0f8f9618dd7bd1b34561dccbdd9599cdeb
| * Merge "Require IND-CPA by default for new AndroidKeyStore keys."Alex Klyubin2015-04-096-12/+247
| |\
| | * Require IND-CPA by default for new AndroidKeyStore keys.Alex Klyubin2015-04-086-12/+247
| | | | | | | | | | | | | | | Bug: 18088752 Change-Id: I01e44b7155df4326b5c9d83dda57f889c1f23ec7
* | | am 2d81cb68: am 2cb1e1dc: am 1da3d7fc: Merge "Add more digests to ↵Alex Klyubin2015-04-094-23/+190
|\ \ \ | |/ / | | | | | | | | | | | | | | | AndroidKeyStore API." * commit '2d81cb6824e186a6c76d0466e2d58eaa34312673': Add more digests to AndroidKeyStore API.
| * | Add more digests to AndroidKeyStore API.Alex Klyubin2015-04-084-23/+190
| |/ | | | | | | | | | | | | | | | | | | | | This adds MD5, SHA-1, SHA-224, SHA-384, and SHA-512. SHA-256 was already there. MD5 is not exposed for HMAC on purpose, because MD5 has been deprecated for years. Bug: 18088752 Change-Id: I4df3d3f6cf10805c7910a1bdb577a91c85055945
* | am da66cab3: am f1a1160c: am c0d6b7cb: Merge "Fix typo"Alex Klyubin2015-04-081-1/+1
|\ \ | |/ | | | | | | * commit 'da66cab36e8085a1457565be69b55b38dfee186e': Fix typo
| * Fix typoAlex Klyubin2015-04-081-1/+1
| | | | | | | | Change-Id: I1c47ade98ad3ae41dc55e7bcafcad6901b559c89
* | am 9be1016b: am c48e8cf0: am edd0e6c0: Merge "Refuse to reuse IV in ↵Alex Klyubin2015-04-081-14/+44
|\ \ | |/ | | | | | | | | | | encryption mode in AndroidKeyStore." * commit '9be1016b44c229468bd9a215fdbbfb95a8acf2ad': Refuse to reuse IV in encryption mode in AndroidKeyStore.
| * Merge "Refuse to reuse IV in encryption mode in AndroidKeyStore."Alex Klyubin2015-04-081-14/+44
| |\
| | * Refuse to reuse IV in encryption mode in AndroidKeyStore.Alex Klyubin2015-04-081-14/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes IV-using Cipher implementations backed by AndroidKeyStore refuse to be reused. After Cipher.doFinal completes, invoking update or doFinal will raise an exception. This is to make it harder to violate the security best practice of not reusing IV in encryption mode. Bug: 18088752 Change-Id: I5102f9e8b2ff428254294703e48948ea8576603d
* | | am 8ad875f5: am 0649c832: am 3283d2d2: Merge "Add BlockMode.GCM constant to ↵Alex Klyubin2015-04-081-1/+12
|\ \ \ | |/ / | | | | | | | | | | | | | | | AndroidKeyStore API." * commit '8ad875f52de3ffa99fea22177e26a7f22c3735b1': Add BlockMode.GCM constant to AndroidKeyStore API.
| * | Add BlockMode.GCM constant to AndroidKeyStore API.Alex Klyubin2015-04-071-1/+12
| |/ | | | | | | | | | | | | | | GCM mode is not yet implemented. This is just adding a constant to KeyStoreKeyConstraints.BlockMode. Bug: 18088752 Change-Id: Ibba5b393f56ab9f6bb96d994f110687ab8d65ff3
* | resolved conflicts for merge of 06adabdb to masterAlex Klyubin2015-04-078-700/+471
|\ \ | |/ | | | | Change-Id: Ifb09e2e6242f79cabe76e95eacc982f6cc7e1a6c
| * Make the new AndroidKeyStore API conformant.Alex Klyubin2015-04-078-698/+470
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This makes the new AndroidKeyStore API conform with the latest Keymaster API changes as well as the latest Android framework API design guidelines. Keymaster changes: * Multiple paddings, block modes, and digests can be set on a key. * "max uses per boot" and "min seconds between use" restrictions will not be exposed in the framework API. * Padding scheme ZERO will not be exposed. Changes due to Android framework design guidelines: * Sets of enum values have been replaced with bitsets represented as ints. * Integer has been replaced with int, with null being represented with a special value (e.g., -1 or 0) where possible. Bug: 18088752 Change-Id: Ib21739aa9b42d48895cb7a681e836a5c6d972ac6
* | am ba88b692: am e2e5b88e: am 64b0062a: Merge "Load fewer classes when ↵Alex Klyubin2015-04-031-15/+23
|\ \ | |/ | | | | | | | | | | AndroidKeyStore provider is installed." * commit 'ba88b692f1a489de308dcf5b5420a23166a94487': Load fewer classes when AndroidKeyStore provider is installed.
| * Load fewer classes when AndroidKeyStore provider is installed.Alex Klyubin2015-04-031-15/+23
| | | | | | | | | | | | | | | | | | | | This avoids loading all AndroidKeyStore crypto SPI classes when the AndroidKeyStore provider is instantiated and installed. This provider is installed early on during the initialization of each app. Most apps don't need these classes loaded. Bug: 18088752 Change-Id: Ib43c9dd6a7d434b128916e0f9c8652ba61df0d47
* | resolved conflicts for merge of b068f162 to masterAlex Klyubin2015-04-037-54/+78
|\ \ | |/ | | | | Change-Id: I5bc234e1da047880d3437a861ff93474a9797e18
| * Merge "Rename KeymasterException to KeyStoreException."Alex Klyubin2015-04-037-51/+75
| |\
| | * Rename KeymasterException to KeyStoreException.Alex Klyubin2015-04-027-51/+75
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code in question talks to KeyStore which returns error codes which are a mix of keystore and keymaster error codes. To better match the layering of KeyStore on top of keystore and keymaster, this CL renames KeymasterException into KeyStoreException. It also adds human-readable error messages to exceptions raised by keystore rather than keymaster (e.g., key not found). Bug: 18088752 Change-Id: I4cd1235e16518c9f2e8c5557a457774c6e687b88
* | | am 54d583c1: am e797eb2e: am 377885e1: Merge "Mark all test keys as no auth ↵Chad Brubaker2015-04-031-0/+32
|\ \ \ | |/ / | | | | | | | | | | | | | | | required" * commit '54d583c148fd14034afc751ad70ab772de55eb92': Mark all test keys as no auth required
| * | Merge "Mark all test keys as no auth required"Chad Brubaker2015-04-031-0/+32
| |\ \
| | * | Mark all test keys as no auth requiredChad Brubaker2015-04-021-0/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now that auth token checks are in keystore keys without any auth tags are invalid. Also adds a test to check that a key with auth required fails when none is present. Change-Id: I0d5d44d70a849978e9b2e809675b8343c6650ff2
generated by cgit v1.1 at 2025-01-25 04:02:07 +0000