summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Properly check for Blob max lengthHEADmasterChad Brubaker2015-10-181-4/+4
| | | | | | | | | sizeof(mBlob.value) is incorrect because writeBlob pads up to the next AES_BLOCK_SIZE Bug:22802399 Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729 Tested-by: Wolfgang Wiedmeyer <wolfgit@wiedmeyer.de>
* Fix unchecked length in Blob creationChad Brubaker2015-10-181-1/+10
| | | | | | | | | | | Applications can specify arbitrary blobs using insert(), check their length to prevent overflow issues. Bug:22802399 Change-Id: I4097bd891c733914df70da5e2c58783081d913bf Conflicts: keystore/keystore.cpp
* am 878c359d: Merge "Add getmtime command for keys"Kenny Root2012-08-202-1/+37
|\ | | | | | | | | * commit '878c359db8ecac6390592f7f3de19c77f28113a2': Add getmtime command for keys
| * Merge "Add getmtime command for keys"Kenny Root2012-08-202-1/+37
| |\
| | * Add getmtime command for keysKenny Root2012-08-202-1/+37
| |/ | | | | | | | | | | This allows you to check when a key was last modified. Change-Id: I167844d9a50e26aadfc73a2252b937d2ef09f09d
* | am e7f9da44: Merge "Clear out ENGINE flags when initializing"Kenny Root2012-08-151-0/+1
|\ \ | |/ | | | | | | * commit 'e7f9da44646b8eb66ef2e7b163176b5272216e86': Clear out ENGINE flags when initializing
| * Merge "Clear out ENGINE flags when initializing"Kenny Root2012-08-151-0/+1
| |\
| | * Clear out ENGINE flags when initializingKenny Root2012-08-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | We don't need our engine to be copied when initialized with ENGINE_by_id, so just make sure our flags are cleared when we initialize. Change-Id: Ie75fad37c2f78a769c425889c1d0661b468cd0c7
* | | am 593786c9: Merge "keymaster HAL users don\'t need delete_keypair"Kenny Root2012-08-141-7/+13
|\ \ \ | |/ / | | | | | | | | | * commit '593786c9b885a48a2674e3ebb5c3bab265de2e51': keymaster HAL users don't need delete_keypair
| * | Merge "keymaster HAL users don't need delete_keypair"Kenny Root2012-08-141-7/+13
| |\ \ | | |/ | |/|
| | * keymaster HAL users don't need delete_keypairKenny Root2012-08-141-7/+13
| |/ | | | | | | | | | | | | | | | | The keymaster HAL implementations don't need the delete_keypair method, but keystore currently throws an error when it's not implemented. This causes problems with at least the OpenSSL software implementation. Bug: 6985351 Change-Id: I3d7f7dce2a6d4aad38c20f555ab16aa45f1823b8
* | Reconcile with jb-releaseThe Android Open Source Project2012-07-270-0/+0
|\ \ | | | | | | | | | Change-Id: Ic25a71c0dcde3cda15caaafd93004f477671db24
| * \ merge in jb-release history after reset to jb-devThe Android Automerger2012-07-240-0/+0
| |\ \
* | \ \ am aa8467e5: Merge "Handle keynames with special characters such as - and ."Brian Carlstrom2012-07-190-0/+0
|\ \ \ \ | |_|/ / |/| | / | | |/ | |/| * commit 'aa8467e59b561f454ff7ec902aae688145d8d297': Handle keynames with special characters such as - and .
| * | Merge "Handle keynames with special characters such as - and ."Brian Carlstrom2012-07-182-18/+20
| |\ \ | | |/ | |/|
| | * Handle keynames with special characters such as - and .Brian Carlstrom2012-07-182-18/+20
| |/ | | | | | | | | | | | | | | | | Bug: http://code.google.com/p/android/issues/detail?id=34577 Bug: 6837950 (cherry-picked from 0114bd9f9bbc2458ca77bf3508e7c15992a432b1) Change-Id: I0c265fe73c1b2c430ffd196a21691264f8f3b555
* | Handle keynames with special characters such as - and .Brian Carlstrom2012-07-172-18/+20
|/ | | | | | | Bug: http://code.google.com/p/android/issues/detail?id=34577 Bug: 6837950 Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e
* Make sure delete_all function pointer is NULLKenny Root2012-05-171-0/+1
| | | | | | | The peril of not using calloc mean delete_all is not initialized until we explcitly set it. Explicitly set delete_all to NULL to avoid that. Change-Id: Ic370453e6142c6d1b2566df9844b4fac4bc53042
* Only initialize ex_data if not alreadyKenny Root2012-05-031-15/+16
| | | | | | | | ENGINE_by_id will load up multiple copies of the engine which will create a new ex_data index each time it's called. This change makes sure the ex_data index is only initialized once. Change-Id: I5e197faf6273ec3b3cafcbeadf7da8ec04a4f50b
* Allow calls from secondary user Settings app.Amith Yamasani2012-04-111-1/+1
| | | | | | | This is so that Face Unlock can be a valid option for a lockscreen. Otherwise get a PERMISSION_DENIED when uid = 101000. Change-Id: I0085b27dbd4d2f1988ba654acadd72c30f76a47e
* Turn on extra compiler checksKenny Root2012-04-102-20/+18
| | | | | | | | | Turn on the compiler flags -Wall -Wextra -Werror to make sure no compiler warnings are added to the project. Eliminate all unused arguments. Remove unused variables in code. Change-Id: I0940ba897ac716b4a256f94fcd671f1ff5abc62c
* use UniquePtr.h from frameworks/nativeColin Cross2012-03-284-4/+2
| | | | | | | Use the UniquePtr.h include from frameworks/native/include/utils to fix the pdk build. Change-Id: Ic415b43d2eb8c0b7ef54b6f3f75b7fa0d5f7a058
* Add support for upgrading key typesKenny Root2012-03-276-52/+323
| | | | | | | | Old key types were not distinguished by the keystore itself. This change takes some of the reserved fields in the old format and changes it to a version number and key type. Change-Id: I45bd4cdce042617641fe7bd742bbe26da6024996
* Add keymaster delete_all call on resetKenny Root2012-03-261-1/+19
| | | | | | | | | To allow efficient deletion by hardware keymaster modules, add a direct delete_all call when keystore is reset. This will also probably fix problems where the hardware keymaster gets more keys than keystore knows about and fills up its storage. Change-Id: I452e2e609802201dc7db2f52f95b44d72f79efa2
* Add keymaster to keystore with soft implementationKenny Root2012-03-217-16/+1381
| | | | | | | | | | | | | | | Add hardware crypto capabilities to keystore. This allows hardware escrow of private key material. There is also an OpenSSL engine that connects to keystore to allow use of the keystore keys from native code built into the platform. This includes a software implementation of keymaster using OpenSSL as the backend. This is just as insecure as the previous solution, but it's needed so devices without hardware support can continue to operate in the new scheme without a lot of compatibility code. Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f
* keystore_client shared libraryKenny Root2012-03-135-53/+287
| | | | | | | | | | Add a libkeystore_client.so library for clients to use. Add const-correctness to the keystore.cpp classes. Increase maximum arguments for future work. Change-Id: Ia22f8b893aea3115a7b4a0543ad392c17c8528f2
* Move keystore from frameworks/baseKenny Root2012-02-156-0/+1333
| | | | | | | Move keystore from frameworks/base at commit 57ff581bd9b16a192a567f84d0e0a5c82d866343 Change-Id: I1e62488d63810f14e40ffb3d192925ff4eeb8906
* (no commit message)Anatol Pomazau2012-02-150-0/+0
generated by cgit v1.1 at 2024-05-05 07:21:27 +0000