Initializing the Keystore 2.0 database will now open the files
persistent.sql and perboot.sql. Tables are created, if they don't
exist, once per service startup instead of on every connection
instantiation. In the test situation we make use of the module
private visibility to create in-memory test databases or attaching
to a set of temporary files.
Test: keystore2_test
Bug: 159370859
Change-Id: I88594dabc72483779d980e81dbc05f2b7a687437
This patch also removes AidlResult form the error module.
The new version of the Keystore 2.0 AIDL spec requires that ResponseCode
and ErrorCode will be returned as service specific error, instead of the
Result type.
Test: keystore2_test
Change-Id: I6f730b282c84abc8be2e693e5d2c7053648d7588
This implements conversion methods on top of basic
keyparameter implementation in aosp/1350725
Bug: 159722691, 159723797, 161798431
Test: atest --host keystore2_tests.
Change-Id: I1457ae4cf4336ebc5bff2645bca55ad285a4449c
This updated the "generated" AIDL interface code to observe the changes
in the AIDL spec.
Test: None
Change-Id: I82d52df370c77208c5f94fb6fd053a122d80dcba
This file maps to about 4 minutes and 15 seconds of tests within
Keystore to be added to presubmit.
Bug: 158797959
Test: atest --test-mapping
Change-Id: I3cb6614d3f3b3fe43f326f50e2dfa915a1b81d21
The options for the rustfmt repo hook have been updated
in change 1399689 to support multiple commits. Update
the configuration for system/security.
Bug: 164111102
Test: repo upload
Change-Id: I516200c81f31a2b3891a229277ac1cd15e5738a9
This patch makes KeystoreKeyBackend Sync and uses a lazy static to cache
the back end in the permissions module.
Test: atest keystore2_test
Bug: 159466840
Change-Id: Ibc7851baede3506acbdf962e59c281fa16cfaf0e
This patch provides higher level functions to query Keystore 2.0
specific SEPolicy.
It provides abstractions for the permissions of the security classes
"keystore2" and "keystore2_key".
It also provides functions to check permission for general Keystore
requests as well as Keystore key and grant requests.
Bug: 159466840
Test: keystore2_test
Change-Id: Ie743cff76fe27f8ad96b2405f5d77b298ba35293
Provide safe wrappers around the libselinux API needed for keystore.
* getcon
* selinux_check_acces
* selabel_lookup
Test: keystore2_selinux_test
Test: keystore2_selinux_rust_bindings_host_test
Bug: 159466840
Change-Id: I73b4aa2e1da9b477965b10927eba069e6346ce6e
This patch adds #[derive(Debug, Copy, Clone, Eq, PartialEq)]
to android.security.keystore2.Result.
We only add these features by demand until the modified code is reliable
generated form AIDL.
Test: None
Change-Id: I79970df31b759845c0ecd7026925792d6786741a
This adds support for persisting the database on disk. Tests do not
do this to avoid race conditions (except for one test that ensures
that persistence works).
Bug: 159370859
Test: atest keystore2_test
Change-Id: Idaf23a271e269902f34c32509dfd923db08df067
The KeystoreDB struct contains the interface with sqlite.
This commit introduces the KeystoreDB object and a sqlite connection
but does not add any operations.
Bug: 159370859
Test: atest keystore2_test
Change-Id: Ie5ec091a01d25ecd520ac29be67117cc3c3fd83c
This is the third CL on sending keystore logging to statsd.
This creates the logs for key attestation events.
Test: Adding tests for logging is yet to be decided.
Bug: 157664923
Merged-In: I412ac59fd6bb2dbcb380f8579740d02ce2fd8790
Change-Id: I16cac8c4ee950adc330659dcb648052e8b2b41a2
This is the second CL on migrating keystore logging to statsd.
This migrates the logging for key operation events.
Three new ResponseCodes are added for the logging purpose of the
abort operations.
Test: Adding tests for logging is yet to be decided.
Change-Id: Iede72341b0f4c80199c9e16cef96a5d98bca8754
Merged-In: I68c1d89beeb733e4b6ba493b8d95935b7e73df60
