| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
sizeof(mBlob.value) is incorrect because writeBlob pads up to the next
AES_BLOCK_SIZE
Bug:22802399
Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729
Tested-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
|
|
|
|
|
|
|
|
|
|
|
| |
Applications can specify arbitrary blobs using insert(), check their
length to prevent overflow issues.
Bug:22802399
Change-Id: I4097bd891c733914df70da5e2c58783081d913bf
Conflicts:
keystore/keystore.cpp
|
|\
| |
| |
| |
| | |
* commit '878c359db8ecac6390592f7f3de19c77f28113a2':
Add getmtime command for keys
|
| |\ |
|
| |/
| |
| |
| |
| |
| | |
This allows you to check when a key was last modified.
Change-Id: I167844d9a50e26aadfc73a2252b937d2ef09f09d
|
|\ \
| |/
| |
| |
| | |
* commit 'e7f9da44646b8eb66ef2e7b163176b5272216e86':
Clear out ENGINE flags when initializing
|
| |\ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We don't need our engine to be copied when initialized with
ENGINE_by_id, so just make sure our flags are cleared when we
initialize.
Change-Id: Ie75fad37c2f78a769c425889c1d0661b468cd0c7
|
|\ \ \
| |/ /
| | |
| | |
| | | |
* commit '593786c9b885a48a2674e3ebb5c3bab265de2e51':
keymaster HAL users don't need delete_keypair
|
| |\ \
| | |/
| |/| |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
The keymaster HAL implementations don't need the delete_keypair method,
but keystore currently throws an error when it's not implemented. This
causes problems with at least the OpenSSL software implementation.
Bug: 6985351
Change-Id: I3d7f7dce2a6d4aad38c20f555ab16aa45f1823b8
|
|\ \
| | |
| | |
| | | |
Change-Id: Ic25a71c0dcde3cda15caaafd93004f477671db24
|
| |\ \ |
|
|\ \ \ \
| |_|/ /
|/| | /
| | |/
| |/| |
* commit 'aa8467e59b561f454ff7ec902aae688145d8d297':
Handle keynames with special characters such as - and .
|
| |\ \
| | |/
| |/| |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950
(cherry-picked from 0114bd9f9bbc2458ca77bf3508e7c15992a432b1)
Change-Id: I0c265fe73c1b2c430ffd196a21691264f8f3b555
|
|/
|
|
|
|
|
| |
Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950
Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e
|
|
|
|
|
|
|
| |
The peril of not using calloc mean delete_all is not initialized until
we explcitly set it. Explicitly set delete_all to NULL to avoid that.
Change-Id: Ic370453e6142c6d1b2566df9844b4fac4bc53042
|
|
|
|
|
|
|
|
| |
ENGINE_by_id will load up multiple copies of the engine which will
create a new ex_data index each time it's called. This change makes sure
the ex_data index is only initialized once.
Change-Id: I5e197faf6273ec3b3cafcbeadf7da8ec04a4f50b
|
|
|
|
|
|
|
| |
This is so that Face Unlock can be a valid option for a lockscreen.
Otherwise get a PERMISSION_DENIED when uid = 101000.
Change-Id: I0085b27dbd4d2f1988ba654acadd72c30f76a47e
|
|
|
|
|
|
|
|
|
| |
Turn on the compiler flags -Wall -Wextra -Werror to make sure no
compiler warnings are added to the project.
Eliminate all unused arguments. Remove unused variables in code.
Change-Id: I0940ba897ac716b4a256f94fcd671f1ff5abc62c
|
|
|
|
|
|
|
| |
Use the UniquePtr.h include from frameworks/native/include/utils
to fix the pdk build.
Change-Id: Ic415b43d2eb8c0b7ef54b6f3f75b7fa0d5f7a058
|
|
|
|
|
|
|
|
| |
Old key types were not distinguished by the keystore itself. This change
takes some of the reserved fields in the old format and changes it to a
version number and key type.
Change-Id: I45bd4cdce042617641fe7bd742bbe26da6024996
|
|
|
|
|
|
|
|
|
| |
To allow efficient deletion by hardware keymaster modules, add a direct
delete_all call when keystore is reset. This will also probably fix
problems where the hardware keymaster gets more keys than keystore knows
about and fills up its storage.
Change-Id: I452e2e609802201dc7db2f52f95b44d72f79efa2
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add hardware crypto capabilities to keystore. This allows hardware
escrow of private key material.
There is also an OpenSSL engine that connects to keystore to allow use
of the keystore keys from native code built into the platform.
This includes a software implementation of keymaster using OpenSSL
as the backend. This is just as insecure as the previous solution,
but it's needed so devices without hardware support can continue
to operate in the new scheme without a lot of compatibility code.
Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f
|
|
|
|
|
|
|
|
|
|
| |
Add a libkeystore_client.so library for clients to use.
Add const-correctness to the keystore.cpp classes.
Increase maximum arguments for future work.
Change-Id: Ia22f8b893aea3115a7b4a0543ad392c17c8528f2
|
|
|
|
|
|
|
| |
Move keystore from frameworks/base at commit
57ff581bd9b16a192a567f84d0e0a5c82d866343
Change-Id: I1e62488d63810f14e40ffb3d192925ff4eeb8906
|
|
|