summaryrefslogtreecommitdiffstats
path: root/keystore
Commit message (Collapse)AuthorAgeFilesLines
* Merge "Remove DSA support from Android KeyStore and KeyChain."Alex Klyubin2015-01-164-601/+9
|\
| * Remove DSA support from Android KeyStore and KeyChain.Alex Klyubin2015-01-144-601/+9
| | | | | | | | | | | | | | We're switching from OpenSSL to BoringSSL which does not support DSA. Bug: 17409664 Change-Id: Id9b52666ba9ef234076105c925610b5b312988a5
* | Merge "Add KeyPairGenerator.EC backed by Android KeyStore."Alex Klyubin2015-01-164-90/+140
|\ \ | |/ |/|
| * Add KeyPairGenerator.EC backed by Android KeyStore.Alex Klyubin2015-01-144-90/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Android KeyStore backed KeyPairGenerator can generate EC key pairs, but it cannot be instantiated via the standard JCA approach of KeyPairGenerator.getInstance("EC", "AndroidKeyStore"). Instead, the user must invoke KeyPairGenerator.getInstance("RSA", "AndroidKeyStore") and then tell it to generate an EC key pair. This CL fixes this weirdness. The fix requires the introduction of late resolution of key algorithm and default key size. Prior to this CL, these parameters were resolved prior to KeyPairGenerator initialization, inside KeyPairGeneratorSpec. In this CL, these parameters are resolved during KeyPairGenerator initialization. This is fine because KeyPairGeneratorSpec should be as dumb as possible and all the logic should reside in KeyPairGenerator and lower layers. Bug: 19018089 Change-Id: I114502356e6c9691518cf05b6d9eb0920b4fe0b2
* | Generate IKeystoreService using aidlChad Brubaker2015-01-131-1/+2
|/ | | | | | | | This replaces IKeystoreService.java with IKeystoreService.aidl and changes the methods that passed down a byte[][] to instead pass down a KeystoreArguments which is currently a thin parcelable wrapper around a byte[][]. Change-Id: I6367bcf57562f41a27aab14f1903b74995cb65c2
* Track change to ConscryptKenny Root2014-11-264-34/+4
| | | | Change-Id: I8814fd0720acf09332927f184fdd9b2cdac4f413
* Correct test data size in keystore signing and verification tests.Shawn Willden2014-09-141-15/+16
| | | | | | | | | The test is sending too much data to be signed, which should actually fail, and does on Volantis. Apparently the other keymaster implementors do something to pass it, because shamu and hammerhead pass, but the test is wrong. Change-Id: Ic616a551567d64f5d87d9607ceb08afa7be74f9d
* Add DevicePolicyManager PrivateKey mgmtBernhard Bauer2014-09-111-0/+3
| | | | | | | | Additional device policy API to install keypairs to the keychain silently. Bug: 15065444 Change-Id: Idc25774c9ab1a61080290bebd6f5c4f24e6ee2e0
* Extend IKeyChainService AIDL with CACert retrievalZoltan Szatmary-Ban2014-09-082-1/+9
| | | | | Bug:16029580 Change-Id: I41a3bd2f3bd95550e59f1d0d0acd0e765d7b62d7
* Keep managed profile keystores in sync with ownerRobin Lee2014-08-291-0/+30
| | | | | | | | Fixes setting a keyguard password for keystore in a multi-user setup while we're at it. Bug: 16233206. Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e
* Revert "Revert "Revert "Revert "Revert "Update Trusted Credentials screen in ↵Zoltan Szatmary-Ban2014-08-152-9/+1
| | | | | | | | settings""""" This reverts commit c9249c69813c6fb889d71d84583c67ae2942e6de. Change-Id: I5504fddaf7b18efb73cd6c76678b3b39ce9b0229
* Revert "Revert "Revert "Revert "Update Trusted Credentials screen in ↵Zoltan Szatmary-Ban2014-08-152-1/+9
| | | | | | | | | | settings"""" This reverts commit 87efe74e092236c372d3b6909009641123aa416a. This should be fine now with all the dependency CLs +2-ed Change-Id: I96ad14ad5ff81e6b5391035cb6c5a62339c6cc40
* Revert "Revert "Revert "Update Trusted Credentials screen in settings"""Narayan Kamath2014-08-152-9/+1
| | | | | | This reverts commit 19c8ce291e89a9ef1442a20e1feab421b11536d7. Change-Id: Ie5a5571127311e0a29f314c0566e779cfe940b53
* Revert "Revert "Update Trusted Credentials screen in settings""Zoltan Szatmary-Ban2014-08-152-1/+9
| | | | | | This reverts commit 0f0de0bdd021bad5f85fdb0399a4ea91a1611e25. Change-Id: Ia3d0907e3d7c2ec42d64e45f60e3dfaffb932c3d
* Revert "Update Trusted Credentials screen in settings"Zoltan Szatmary-Ban2014-08-072-9/+1
| | | | | | This reverts commit 4fde5aa9fab931d9becfc49f7d7b8526ad5640d9. Change-Id: I581c38d64e9829b0079bafa42615f2aa0bf64763
* Update Trusted Credentials screen in settingsZoltan Szatmary-Ban2014-07-292-1/+9
| | | | | | | | | | Trusted credentials for both the primary user and its managed profiles are shown on the Trusted Credentials fragment. All functionalities (e.g. disabling/enabling of certificates) remain available. Bug: 16029580 Change-Id: Ia92ae02d8c572bf4a3be172f6c255726cefc0fa1
* Merge "Revert "Revert "Publish DevicePolicyManager CA certificate APIs"""Robin Lee2014-06-171-3/+14
|\
| * Revert "Revert "Publish DevicePolicyManager CA certificate APIs""Robin Lee2014-06-191-3/+14
| | | | | | | | | | | | This reverts commit 792b270dbdc980cfe04e8d461bf00a1f45b5e936. Change-Id: I18c7e0eca39868230cd8e4f4bbeb3c44ff9e8b78
* | Merge "Revert "Publish DevicePolicyManager CA certificate APIs""Robin Lee2014-06-171-14/+3
|\ \ | |/
| * Revert "Publish DevicePolicyManager CA certificate APIs"Robin Lee2014-06-171-14/+3
| | | | | | | | | | | | This reverts commit 5260bf69946563dc47c17e7441b352adfce384c5. Change-Id: I5e44fdac8a7375576b25171f58e31a1fa0e3c569
* | Merge "Publish DevicePolicyManager CA certificate APIs"Robin Lee2014-06-171-3/+14
|\ \ | |/
| * Publish DevicePolicyManager CA certificate APIsRobin Lee2014-06-111-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | Exposes these methods: - hasCaCertInstalled - hasAnyCaCertsInstalled - installCaCert - uninstallCaCert Allows device and profile owners to perform some certificate management including querying for and enabling/disabling specific CA certificates. Change-Id: I4aa8a1a8601b234e30acde99dfa382e04cb62495
* | am b1cb5aab: am 748856f2: am a7ddd029: am 80e84e2d: am f3cecfa2: am ↵Robert Ly2014-06-112-4/+4
|\ \ | |/ |/| | | | | | | | | 55d525b2: am 716cc7dc: Add documentation for AndroidKeyStore * commit 'b1cb5aabeb68815715eed423f1f9a7edb9a3e938': Add documentation for AndroidKeyStore
| * am f3cecfa2: am 55d525b2: am 716cc7dc: Add documentation for AndroidKeyStoreRobert Ly2014-06-102-4/+4
| |\ | | | | | | | | | | | | * commit 'f3cecfa2185ef5622992b21da8204b8b6590ef2d': Add documentation for AndroidKeyStore
| | * am 55d525b2: am 716cc7dc: Add documentation for AndroidKeyStoreRobert Ly2014-06-102-4/+4
| | |\ | | | | | | | | | | | | | | | | * commit '55d525b26b716351625798675afe69c6cf43cf5a': Add documentation for AndroidKeyStore
| | | * Add documentation for AndroidKeyStoreRobert Ly2014-05-072-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add exposition about the use cases for AndroidKeyStore and links to the API sample application for different use cases. Bug: 8608817 Change-Id: Ic4ce9405781c92f12687895b28c671661ea5524f
* | | | Use the correct package name for CHOOSERKenny Root2014-03-171-1/+6
| | | | | | | | | | | | | | | | | | | | Bug: 13013106 Change-Id: I1f715de18e7108274f5a98234376d48c2d329438
* | | | KeyChain: add explicit package for getPrivateKeyKenny Root2014-02-071-1/+7
| | | | | | | | | | | | | | | | | | | | Bug: 9964538 Change-Id: If67c1938e9506d4fa81b241bcbce2193d1b194ef
* | | | Remove unused imports from frameworks/base.John Spurlock2013-11-205-11/+0
|/ / / | | | | | | | | | Change-Id: Ia1f99bd2c1105b0b0f70aa614f1f4a67b2840906
* | | Add argument to binder call to check key typesKenny Root2013-09-052-3/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | Before there was only one key type supported, so we didn't need to query a key type. Now there is DSA, EC, and RSA, so there needs to be another argument. Bug: 10600582 Change-Id: I9fe9e46b9ec9cfb2f1246179b2c396216b2c1fdb
* | | Unhide functions to allow ECDSA supportKenny Root2013-09-031-6/+0
| | | | | | | | | | | | | | | Bug: 10600582 Change-Id: Ic710807d7e771737521e0abd83af2f666ec1199c
* | | Add support for DSA and ECDSA key typesKenny Root2013-09-037-196/+1450
| | | | | | | | | | | | | | | | | | | | | (cherry picked from commit f64386fc26efeb245fd90fabaa47b8c8bf9b4613) Bug: 10600582 Change-Id: I88dfcc8ca602f55fad54bd8bf043aee460c0de24
* | | Add methods for managing CAs to DevicePolicyManager(Service)Maggie Benthall2013-08-201-1/+4
|/ / | | | | | | | | | | | | | | | | | | | | | | Guard install/uninstall by enforcing that the caller have the new system-only permission MANAGE_CA_CERTIFICATES. Also include API methods for asking whether there are any User CA certs installed, or if one by a particular name is installed in the keystore. CA certs will be installed via KeyChain into the TrustedCertificateStore. Bug: 8232670 Change-Id: I17b47a452e72eb4fe556dc6db823a46c6e854be8
* | resolved conflicts for merge of fca0f92e to stage-aosp-masterElliott Hughes2013-06-282-6/+6
|\ \ | | | | | | | | | Change-Id: I4791f0ffa324a313b8390fbde6d8f82f716ecf74
| * | Switch frameworks/base over from @hidden Charsets to public StandardCharsets.Elliott Hughes2013-06-282-6/+6
| | | | | | | | | | | | | | | Bug: 3484927 Change-Id: I5d136d2ee629588538602766a182ae14ce5fc63c
* | | am cd1de394: Merge "Track change in NativeCrypto"Kenny Root2013-05-061-0/+2
|\ \ \ | |/ / | | | | | | | | | * commit 'cd1de3940d9c389b6e69a7040c67d3abb8458ad2': Track change in NativeCrypto
| * | Track change in NativeCryptoKenny Root2013-05-061-0/+2
| | | | | | | | | | | | Change-Id: Ic04d4ac5218795fc226f1751b6ae4db1ae73a930
* | | resolved conflicts for merge of 1f6e789b to jb-mr2-dev-plus-aospKenny Root2013-04-295-7/+7
|\ \ \ | |/ / | | / | |/ |/| Change-Id: I06c05d637613215b6d83df3e29cd495f6a5a0176
| * Track change to JSSE providerKenny Root2013-04-295-7/+7
| | | | | | | | Change-Id: I35e824e47ad758ab6408e91e2ba5dcda053a82f5
| * AndroidKeyStore: Add encrypted flagKenny Root2013-04-159-136/+732
| | | | | | | | | | | | | | | | | | | | Add the encrypted flag for the KeyPairGenerator and the KeyStore so that applications can choose to allow entries when there is no lockscreen. (partial cherry pick from commit 2eeda7286f3c7cb79f7eb71ae6464cad213d12a3) Bug: 8122243 Change-Id: I5ecd9251ec79ec53a3b68c0fff8dfba10873e36e
| * keystore: Add flag for blobs to be unencryptedKenny Root2013-04-151-6/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | In order to let apps use keystore more productively, make the blob encryption optional. As more hardware-assisted keystores (i.e., hardware that has a Keymaster HAL) come around, encrypting blobs start to make less sense since the thing it's encrypting is usually a token and not any raw key material. (cherry picked from commit a3788b00bb221e20abdd42f747d2af419e0a088c) Bug: 8122243 Change-Id: Ifc1c64743651b23a4eace208ade0176af47ea989
| * Remove keystore entries when package removedKenny Root2013-04-021-0/+9
| | | | | | | | | | | | | | | | | | Add a hook into PackageManagerService so that when app IDs are completely removed, we erase all entries from keystore for those UIDs that have gone away. Bug: 3020069 Change-Id: Id4b1d51a5fa4c418865055635a84bebcf5b65ec8
| * KeyStore: add API to query storage typeKenny Root2013-03-291-0/+9
| | | | | | | | | | | | | | Add an API to keystore daemon to query what kind of storage is currently in use. Change-Id: I5a83ae92250ca63b691dcf1beb8b3e1703797745
* | Rename API AndroidKey* -> Key*Kenny Root2013-04-188-76/+80
| | | | | | | | | | Bug: 8657552 Change-Id: Id9102b7c2c2f6d27fba7645f0629750cfe1eb510
* | keystore: remove old APIsKenny Root2013-04-121-24/+0
| | | | | | | | | | | | | | | | Remove the APIs that don't specify the flags so callers know what they're getting. Bug: 8122243 Change-Id: Ifaef6fb1d16010237c01f9d11f2053bb6b3980c0
* | Remove old KeyStore call sitesKenny Root2013-04-122-113/+175
| | | | | | | | | | | | | | | | Remove the call sites that don't have the flags specified. This is to ensure that callers know what flags they're setting. Bug: 8122243 Change-Id: Ifbd178fddbf8dbd8f7b821ea739a20d056ef9fa7
* | AndroidKeyStore: Add encrypted flagKenny Root2013-04-129-136/+730
| | | | | | | | | | | | | | | | Add the encrypted flag for the KeyPairGenerator and the KeyStore so that applications can choose to allow entries when there is no lockscreen. Bug: 8122243 Change-Id: Ia802afe965f2377ad3f282dab8c512388c705850
* | keystore: Add flag for blobs to be unencryptedKenny Root2013-04-101-6/+21
| | | | | | | | | | | | | | | | | | | | | | In order to let apps use keystore more productively, make the blob encryption optional. As more hardware-assisted keystores (i.e., hardware that has a Keymaster HAL) come around, encrypting blobs start to make less sense since the thing it's encrypting is usually a token and not any raw key material. Bug: 8122243 Change-Id: If9af0d992d68edec006e630c687df3d03a7c9608
* | Revert "Remove AndroidKeyStore from API"Kenny Root2013-04-061-2/+0
| | | | | | | | | | | | This reverts commit ce24985ad636c38b6ee01ec9cdecfb038bfeaeb6. Change-Id: I02d6492c8db869619694c7209bb37522a7ec5a29
* | Remove keystore entries when package removedKenny Root2013-04-031-0/+9
| | | | | | | | | | | | | | | | | | | | | | Add a hook into PackageManagerService so that when app IDs are completely removed, we erase all entries from keystore for those UIDs that have gone away. (cherry picked from commit 95e3ee3971915b323e5c13dcfe3b12a4180850cd) Bug: 3020069 Change-Id: I374258ccc103f8cb3e238f2bf0d1afda0659db94
generated by cgit v1.1 at 2025-02-09 19:55:09 +0000