Keystore no longer transitions to the database directory as its working
directory. This allows keystore to start before data is mounted.
Test: keystore starts and early.
Change-Id: I98272fb0e97e8fe93eb87a657286681c78d28a60

This commit provides the tables and database access functionality that
will be needed by Keystore to implement its portion of remote
provisioning.
Test: atest keystore2_test
Change-Id: I5b79b1df2896387511759c0a6fadca80edf528fc

This commit adds the AIDL interface required to use remote provisioning,
as well as the implementation.
Test: tbd
Change-Id: I28ade347a00210f4bc3b74664873c2cf5221adb0

This change adds a uuid field to map keys to KM devices to the keyentry
table. For now, the security level reported by the KeyMint instance's
hardware info is used as uuid until the hardware info returns an
actual uuid. This security level may differ from the security level
requested by keystore clients in some situations, e.g., when running a
pure software implementation or on Chrome OS.
Test: atest keystore2_test
Change-Id: I4b9556804eb6a435ac48d5929fc238e22c23d94d

Allow storing certificates without keys.
Also allow deleting subcomponents by setting corresponding arguments to
None.
Test: KeyStore CTS and keystore2_test
Change-Id: Ie3c937941c6dd6d4a43cd86273cce4f0d7880ca6

Respect input consumed by KeyMint device and call update in a loop
until all input was consumed.
Test: Keystore CTS tests.
Change-Id: If7bcb019fe5f22d69e2d87d2ba56d597131e318c

We need a way to distinguish between tags that are enforced by KeyMint
with security level "SOFTWARE" and tags that are not enforced by
KeyMint but are expected to be enforced by KEYSTORE.
Test: VtsAidlKeyMintTargetTest
Change-Id: I8a88d661bca0125ee149276f6b9cb0017a1c9b12

The km compatibility test only makes sense on devices that actually have
legacy keymaster. With this patch we skip all the tests if no connection
can be established.
Test: keystore2_km_compat_test
Change-Id: I6cfd52a0410fe1b13f5df4be11d23ef4ea223296

Some of the permission tests only pass on cuttlefish because its
system_server is permissive. This fix makes them pass on real devices.
Test: keystore2_test
Change-Id: I3cca0cf7ca30276eb75fa1d86a9243ee65d3d588

Now using mostly KeyMint error codes and a safe conversion function.
Test: keystore2_km_compat_test_cpp
Change-Id: I43ec848a8ee5544fcc8e79a4af0690e45bc28095

When keys are loaded by grant they may be used by key id subsequently.
This patch adds a check of the grant database when loading the access
tuple. If one is found the access vector is populated allowing
the permission callback to perform access control based on the grant.
Test: keystore2_test
Change-Id: If70dfbc035aed5aa3842663d475b489df3e3dd4e

The legacy wrapper would attempt to self sign certificates based on key
purpose and authorization requirements. But there are keys that meet
those but still fail due to impossible parameter combinations such as
PKCS 1.5 padding with no digest.
With this patch we perform an ephemeral key signature when the self
signing attempt fails so that the key generation can still commence
successfully.
This patch also adds some error logging and revisits some of the error
handling code in the legacy wrapper.
Test: atest android.keystore.cts.SignatureTest\
#testAndroidKeyStoreKeysHandledByAndroidKeyStoreProviderWhenSigning
Change-Id: I3be017636ae9fc61374e47f47a1e1fc5b266f6e2