Commit graph

1981 commits

Author SHA1 Message Date
Kenny Root
bcbe09ef49 Merge "Switch keystore to binder" 2012-11-14 14:17:26 -08:00
Kenny Root
07438c8d72 Switch keystore to binder
Change-Id: I6dacdc43bcc1a56e47655e37e825ee6a205eb56b
2012-11-14 11:56:24 -08:00
Kenny Root
66702f7263 am 9b0bd2b3: Merge "Add casts to avoid build warnings with gcc-4.7"
* commit '9b0bd2b32061e852c3233f6784e974b5226c5821':
  Add casts to avoid build warnings with gcc-4.7
2012-10-01 09:06:36 -07:00
Kenny Root
9b0bd2b320 Merge "Add casts to avoid build warnings with gcc-4.7" 2012-10-01 09:00:12 -07:00
Pavel Chupin
c3cb851b50 Add casts to avoid build warnings with gcc-4.7
Example:
keystore.cpp:1339:35: error: narrowing conversion of 'CommandCodes[0]'
from 'command_code_t {aka unsigned char}' to 'int8_t {aka signed char}'

Change-Id: I8cd239880821724050d1716b78851807e0246ef2
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
2012-09-27 16:12:16 +04:00
Kenny Root
cd8df62842 am 878c359d: Merge "Add getmtime command for keys"
* commit '878c359db8ecac6390592f7f3de19c77f28113a2':
  Add getmtime command for keys
2012-08-20 11:49:35 -07:00
Kenny Root
878c359db8 Merge "Add getmtime command for keys" 2012-08-20 11:32:51 -07:00
Kenny Root
344e0bc23c Add getmtime command for keys
This allows you to check when a key was last modified.

Change-Id: I167844d9a50e26aadfc73a2252b937d2ef09f09d
2012-08-20 11:17:49 -07:00
Kenny Root
d3c598c12c am e7f9da44: Merge "Clear out ENGINE flags when initializing"
* commit 'e7f9da44646b8eb66ef2e7b163176b5272216e86':
  Clear out ENGINE flags when initializing
2012-08-15 23:18:02 -07:00
Kenny Root
e7f9da4464 Merge "Clear out ENGINE flags when initializing" 2012-08-15 22:47:45 -07:00
Kenny Root
938a991106 Clear out ENGINE flags when initializing
We don't need our engine to be copied when initialized with
ENGINE_by_id, so just make sure our flags are cleared when we
initialize.

Change-Id: Ie75fad37c2f78a769c425889c1d0661b468cd0c7
2012-08-15 22:29:23 -07:00
Kenny Root
65c1af4a3c am 593786c9: Merge "keymaster HAL users don\'t need delete_keypair"
* commit '593786c9b885a48a2674e3ebb5c3bab265de2e51':
  keymaster HAL users don't need delete_keypair
2012-08-14 14:05:06 -07:00
Kenny Root
593786c9b8 Merge "keymaster HAL users don't need delete_keypair" 2012-08-14 13:41:50 -07:00
Kenny Root
9a53d3eaf4 keymaster HAL users don't need delete_keypair
The keymaster HAL implementations don't need the delete_keypair method,
but keystore currently throws an error when it's not implemented. This
causes problems with at least the OpenSSL software implementation.

Bug: 6985351
Change-Id: I3d7f7dce2a6d4aad38c20f555ab16aa45f1823b8
2012-08-14 12:48:43 -07:00
The Android Open Source Project
3fff02b4f6 Reconcile with jb-release
Change-Id: Ic25a71c0dcde3cda15caaafd93004f477671db24
2012-07-27 14:53:40 -07:00
The Android Automerger
e9478a07d7 merge in jb-release history after reset to jb-dev 2012-07-24 20:23:19 -07:00
Brian Carlstrom
81a4e0fe5b am aa8467e5: Merge "Handle keynames with special characters such as - and ."
* commit 'aa8467e59b561f454ff7ec902aae688145d8d297':
  Handle keynames with special characters such as - and .
2012-07-19 01:10:21 -07:00
Brian Carlstrom
aa8467e59b Merge "Handle keynames with special characters such as - and ." 2012-07-18 16:41:28 -07:00
Brian Carlstrom
a8c703d9fd Handle keynames with special characters such as - and .
Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950

(cherry-picked from 0114bd9f9b)

Change-Id: I0c265fe73c1b2c430ffd196a21691264f8f3b555
2012-07-18 16:32:17 -07:00
Brian Carlstrom
0114bd9f9b Handle keynames with special characters such as - and .
Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950

Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e
2012-07-17 23:56:36 -07:00
Kenny Root
c0ff10d48b Make sure delete_all function pointer is NULL
The peril of not using calloc mean delete_all is not initialized until
we explcitly set it. Explicitly set delete_all to NULL to avoid that.

Change-Id: Ic370453e6142c6d1b2566df9844b4fac4bc53042
2012-05-17 12:42:15 -07:00
Kenny Root
bef8083783 Only initialize ex_data if not already
ENGINE_by_id will load up multiple copies of the engine which will
create a new ex_data index each time it's called. This change makes sure
the ex_data index is only initialized once.

Change-Id: I5e197faf6273ec3b3cafcbeadf7da8ec04a4f50b
2012-05-03 13:53:03 -07:00
Amith Yamasani
e95ce35d10 Allow calls from secondary user Settings app.
This is so that Face Unlock can be a valid option for a lockscreen.
Otherwise get a PERMISSION_DENIED when uid = 101000.

Change-Id: I0085b27dbd4d2f1988ba654acadd72c30f76a47e
2012-04-11 15:44:24 -07:00
Kenny Root
da1ed9ab99 Turn on extra compiler checks
Turn on the compiler flags -Wall -Wextra -Werror to make sure no
compiler warnings are added to the project.

Eliminate all unused arguments. Remove unused variables in code.

Change-Id: I0940ba897ac716b4a256f94fcd671f1ff5abc62c
2012-04-10 12:34:09 -07:00
Colin Cross
98c2f8fcc1 use UniquePtr.h from frameworks/native
Use the UniquePtr.h include from frameworks/native/include/utils
to fix the pdk build.

Change-Id: Ic415b43d2eb8c0b7ef54b6f3f75b7fa0d5f7a058
2012-03-28 09:44:58 -07:00
Kenny Root
822c3a99d9 Add support for upgrading key types
Old key types were not distinguished by the keystore itself. This change
takes some of the reserved fields in the old format and changes it to a
version number and key type.

Change-Id: I45bd4cdce042617641fe7bd742bbe26da6024996
2012-03-27 14:58:04 -07:00
Kenny Root
298e7b1b0f Add keymaster delete_all call on reset
To allow efficient deletion by hardware keymaster modules, add a direct
delete_all call when keystore is reset. This will also probably fix
problems where the hardware keymaster gets more keys than keystore knows
about and fills up its storage.

Change-Id: I452e2e609802201dc7db2f52f95b44d72f79efa2
2012-03-26 14:47:38 -07:00
Kenny Root
70e3a86abd Add keymaster to keystore with soft implementation
Add hardware crypto capabilities to keystore. This allows hardware
escrow of private key material.

There is also an OpenSSL engine that connects to keystore to allow use
of the keystore keys from native code built into the platform.

This includes a software implementation of keymaster using OpenSSL
as the backend.  This is just as insecure as the previous solution,
but it's needed so devices without hardware support can continue
to operate in the new scheme without a lot of compatibility code.

Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f
2012-03-21 17:12:27 -07:00
Kenny Root
5187818895 keystore_client shared library
Add a libkeystore_client.so library for clients to use.

Add const-correctness to the keystore.cpp classes.

Increase maximum arguments for future work.

Change-Id: Ia22f8b893aea3115a7b4a0543ad392c17c8528f2
2012-03-13 15:24:37 -07:00
Kenny Root
a91203b083 Move keystore from frameworks/base
Move keystore from frameworks/base at commit
57ff581bd9b16a192a567f84d0e0a5c82d866343

Change-Id: I1e62488d63810f14e40ffb3d192925ff4eeb8906
2012-02-15 15:55:09 -08:00
Anatol Pomazau
984d6fa913 2012-02-15 12:35:58 -08:00