| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Add SOTER tags and API definations according to SOTER
specification.
Change-Id: I20ba0f51d8825a326b51f47ef4d2a3e4f60e2172
|
|
|
|
|
| |
Bug: 22291207
Change-Id: I130d2ab2110321dc2228d41a154750da3a3f0b75
|
|
|
|
|
|
|
|
|
|
| |
This allows the binding of minimum length for MACs or tags to HMAC keys
and AEAD symmetric keys. Later attempts to use these keys with a
shorter MAC or tag specification (provided to begin() with
KM_TAG_MAC_LENGTH) will fail with KM_ERROR_INVALID_MAC_LENGTH.
Bug: 22337277
Change-Id: Ic5292ce01bdd6ecde25aad115e4b407aadc85f23
|
|
|
|
|
|
|
|
| |
unsigned.""
This reverts commit 1fb6c227deb04b66dc0fe947a7ebb027dde0ecda.
Change-Id: Iccc8a7ff40a694b1e4420a5de4b847e62289ff42
|
|
|
|
|
|
| |
This reverts commit 335920edaec77b77eac09f7966c337cbed93aa17.
Change-Id: Ib65f744b93ad2b62d5848dcf743397124a08911b
|
|
|
|
|
| |
Bug: 22008538
Change-Id: I699a0f03aaf0f9f49a78b310763364fc2fb34c90
|
|
|
|
|
| |
Bug: 21607106
Change-Id: I2e5515efe51b84200ade8c4c4cc5db3800d4b658
|
|
|
|
|
|
|
|
|
| |
I'd just remove them but Trusty keymaster has been generating keys with
KM_TAG_ALL_USERS and KM_TAG_ALL_APPLICATIONS, so removing them without
breaking those keys is tricky. Plus I think they may come back.
Bug: 21845167
Change-Id: I3b807e3e4bee64eba72b7fa6f1ee1929c4ca9dd0
|
|
|
|
|
| |
Bug: 19919114
Change-Id: I06fdd0f9b8e247587d800031d3367078423baa50
|
|
|
|
| |
Change-Id: Ibc8e023e3712903dbcbfac5fc64223e32775fe40
|
|
|
|
|
| |
Bug: 19919114
Change-Id: I384f3d2fee2f68279c6518d9ac0a79e29bed0e52
|
|
|
|
| |
Change-Id: I8c886c67ba081255ef18eb0f99ca1e6003fabb33
|
|
|
|
|
| |
Change-Id: Ia507a1378487640683985dbce2e76679261900d3
(cherry picked from commit 3eed99a54b55a120c835de63b5872121b2fe98d1)
|
|
|
|
|
|
|
|
|
| |
Rescoping was never a very good solution to the problem of supporting
multiple sets of authorizations for a given key material. For M we're
removing it and in the future a better solution will be provided.
Change-Id: I6f7585274487bd66e4d90e89014af41e9aa30411
(cherry picked from commit 7f10ab99fc63e99252d924b9e0bdfefef5374b40)
|
|
|
|
|
| |
Bug: 20127433
Change-Id: I32eab62459003c526d3cf9ef108be7b2fd709960
|
|
|
|
|
|
|
| |
This designates keys whose origin cannot be determined because the
keymaster implementation is old and did not record it.
Change-Id: I3c366d527ed211c59f6dc04ddb48f3e9b3a07c7d
|
|
|
|
|
|
|
|
|
| |
Note that there's a pre-requisite to landing this CL: The Nexus 9
keystore.flounder.so must be modified to translate between new and old
tag numbers when the TEE side is version 0.
Bug: 19509156
Change-Id: Ic584d8a6bf5601f9754563b67b3cc6b3ca6b5ff9
|
|
|
|
| |
Change-Id: Iaba6156f238ea3bb1ad103b88ccea17344d296af
|
|
|
|
| |
Change-Id: I3a0830ab2066d4c16c084d19040ec98e520896d4
|
|
|
|
| |
Change-Id: If04ffc8e92678f57e2b730f77c0fab195e1096c4
|
|
|
|
| |
Change-Id: Id5c660feb7e71ea76473523e3a86e1ba01f19c82
|
|
|
|
| |
Change-Id: I8f804978208e2c8701bd52dc79b5597a307b7e7a
|
|
|
|
| |
Change-Id: Ibffddc5c3a5c728182f5ca7f6a76381413fc8645
|
|
|
|
|
|
|
|
|
|
| |
This tag identifies the user authorized to use the key. Unlike
KM_TAG_USER_ID, its value does not reference the Linux-side user ID, but
a secure-world user ID, generated and managed by secure-world
authentication apps.
Bug: 19511945
Change-Id: I629ab2c47ee6d42de20a963ef283e330364c8ee7
|
|
|
|
|
|
|
| |
For compatibility with Trusty. I'll probably revert this later after I
find a proper fix for Trusty.
Change-Id: I49b4ae55251398eec2a6633e09bbc468f16a4d14
|
|
|
|
|
|
|
|
| |
We may want to put the auth token structure elsewhere; it's consumed by
keymaster but produced by other components.
Bug: 19511945
Change-Id: Id9a22ad32137f3e0380c2812f790bbecab511d11
|
|
|
|
| |
Change-Id: I78cac1887fd41dd426e7d125a5f9c54e73188983
|
|
|
|
|
|
| |
This provides a reasonable ordering for params.
Change-Id: I1e3b403070d9e7621cc55c03ff9876ea3bbc699f
|
|
|
|
|
|
|
|
|
| |
For now the keymaster1 HAL still includes all of the keymaster0 entry
points, and soft_keymaster_device will continue to implement them. In
the near future the keymaster0 entry points will be removed, as soon as
we can ensure that keystore no longer needs them.
Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
|
|
|
|
| |
Change-Id: I18478923059783e955613142a8d3352f98f5d7b0
|
|\
| |
| |
| |
| |
| | |
* changes:
Added insecure (chunkless) AEAD option.
Add additional param lists to update and finish.
|
| |
| |
| |
| |
| |
| |
| | |
Also moved chunk length specification to operation parameter rather than
keygen parameter.
Change-Id: Id4bdfdcb1c7b64b3f22b4027e037e37c2860ec39
|
|\ \
| |/ |
|
| |
| |
| |
| | |
Change-Id: Ieddd706ee205100719f7e2f9e18b3d9b07c37669
|
|/
|
|
| |
Change-Id: I4113286396b16ca687fbd8bc38b2f16063fc1024
|
|
|
|
| |
Change-Id: I38700cdafcf1f244584d6e88f8d9540c70a7de56
|
|
|
|
| |
Change-Id: I088e6094ec56f434356d11ab2032b1a5b1223334
|
|
|
|
| |
Change-Id: I7c3c5bd5f26a4d465554c998f673e0ee2ab8b86e
|
|
|
|
|
|
| |
KM_ERROR_UNSUPPORTED_MAC_LENGTH.
Change-Id: I514a136b5cbdb1ab1df67d44a22d68a09427a711
|
|
|
|
|
|
|
|
|
|
|
| |
Change the boolean KM_TAG_SINGLE_USE_PER_BOOT to an integer-valued
KM_TAG_USES_PER_BOOT. This makes it more flexible without changing
implementation complexity.
Remove KM_TAG_RESCOPE_AUTH_TIMEOUT because there's no clear use case and
it seems unnecessarily complex.
Change-Id: Iad1512f5cc80f517e5ea7622288179c162bed2ad
|
|
Change-Id: I040412443bbbe25bce3d44759d710b78eac36caa
|