| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
Change-Id: I8c886c67ba081255ef18eb0f99ca1e6003fabb33
|
| |
|
|
|
| |
Change-Id: Ia507a1378487640683985dbce2e76679261900d3
(cherry picked from commit 3eed99a54b55a120c835de63b5872121b2fe98d1)
|
| |
|
|
|
|
|
|
|
| |
Rescoping was never a very good solution to the problem of supporting
multiple sets of authorizations for a given key material. For M we're
removing it and in the future a better solution will be provided.
Change-Id: I6f7585274487bd66e4d90e89014af41e9aa30411
(cherry picked from commit 7f10ab99fc63e99252d924b9e0bdfefef5374b40)
|
| |
|
|
|
| |
Bug: 20127433
Change-Id: I32eab62459003c526d3cf9ef108be7b2fd709960
|
| |
|
|
|
|
|
| |
This designates keys whose origin cannot be determined because the
keymaster implementation is old and did not record it.
Change-Id: I3c366d527ed211c59f6dc04ddb48f3e9b3a07c7d
|
| |
|
|
|
|
|
|
|
| |
Note that there's a pre-requisite to landing this CL: The Nexus 9
keystore.flounder.so must be modified to translate between new and old
tag numbers when the TEE side is version 0.
Bug: 19509156
Change-Id: Ic584d8a6bf5601f9754563b67b3cc6b3ca6b5ff9
|
| |
|
|
| |
Change-Id: Iaba6156f238ea3bb1ad103b88ccea17344d296af
|
| |
|
|
| |
Change-Id: I3a0830ab2066d4c16c084d19040ec98e520896d4
|
| |
|
|
| |
Change-Id: If04ffc8e92678f57e2b730f77c0fab195e1096c4
|
| |
|
|
| |
Change-Id: Id5c660feb7e71ea76473523e3a86e1ba01f19c82
|
| |
|
|
| |
Change-Id: I8f804978208e2c8701bd52dc79b5597a307b7e7a
|
| |
|
|
| |
Change-Id: Ibffddc5c3a5c728182f5ca7f6a76381413fc8645
|
| |
|
|
|
|
|
|
|
|
| |
This tag identifies the user authorized to use the key. Unlike
KM_TAG_USER_ID, its value does not reference the Linux-side user ID, but
a secure-world user ID, generated and managed by secure-world
authentication apps.
Bug: 19511945
Change-Id: I629ab2c47ee6d42de20a963ef283e330364c8ee7
|
| |
|
|
|
|
|
| |
For compatibility with Trusty. I'll probably revert this later after I
find a proper fix for Trusty.
Change-Id: I49b4ae55251398eec2a6633e09bbc468f16a4d14
|
| |
|
|
|
|
|
|
| |
We may want to put the auth token structure elsewhere; it's consumed by
keymaster but produced by other components.
Bug: 19511945
Change-Id: Id9a22ad32137f3e0380c2812f790bbecab511d11
|
| |
|
|
| |
Change-Id: I78cac1887fd41dd426e7d125a5f9c54e73188983
|
| |
|
|
|
|
| |
This provides a reasonable ordering for params.
Change-Id: I1e3b403070d9e7621cc55c03ff9876ea3bbc699f
|
| |
|
|
|
|
|
|
|
| |
For now the keymaster1 HAL still includes all of the keymaster0 entry
points, and soft_keymaster_device will continue to implement them. In
the near future the keymaster0 entry points will be removed, as soon as
we can ensure that keystore no longer needs them.
Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
|
| |
|
|
| |
Change-Id: I18478923059783e955613142a8d3352f98f5d7b0
|
| |\
| |
| |
| |
| |
| | |
* changes:
Added insecure (chunkless) AEAD option.
Add additional param lists to update and finish.
|
| | |
| |
| |
| |
| |
| |
| | |
Also moved chunk length specification to operation parameter rather than
keygen parameter.
Change-Id: Id4bdfdcb1c7b64b3f22b4027e037e37c2860ec39
|
| |\ \
| |/ |
|
| | |
| |
| |
| | |
Change-Id: Ieddd706ee205100719f7e2f9e18b3d9b07c37669
|
| |/
|
|
| |
Change-Id: I4113286396b16ca687fbd8bc38b2f16063fc1024
|
| |
|
|
| |
Change-Id: I38700cdafcf1f244584d6e88f8d9540c70a7de56
|
| |
|
|
| |
Change-Id: I088e6094ec56f434356d11ab2032b1a5b1223334
|
| |
|
|
| |
Change-Id: I7c3c5bd5f26a4d465554c998f673e0ee2ab8b86e
|
| |
|
|
|
|
| |
KM_ERROR_UNSUPPORTED_MAC_LENGTH.
Change-Id: I514a136b5cbdb1ab1df67d44a22d68a09427a711
|
| |
|
|
|
|
|
|
|
|
|
| |
Change the boolean KM_TAG_SINGLE_USE_PER_BOOT to an integer-valued
KM_TAG_USES_PER_BOOT. This makes it more flexible without changing
implementation complexity.
Remove KM_TAG_RESCOPE_AUTH_TIMEOUT because there's no clear use case and
it seems unnecessarily complex.
Change-Id: Iad1512f5cc80f517e5ea7622288179c162bed2ad
|
|
|
Change-Id: I040412443bbbe25bce3d44759d710b78eac36caa
|
