Since these were combined into libhidlbase.
Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I940228446b6f5b747399b408ad9af652ac618fda
The keystore backend used by racoon interprets the return value of
getKeyCharacteristics such that it thinks that it failed when it didn't.
Test: Initiate VPN connection with racoon.
Bug: 120024003
Change-Id: Ibe936a2d2d81181c10f0dd1075cc5ab3646f736e
The cast operator for KeyStoreNativeReturnCode and
KeyStoreNativeReturnCode will be removed later.
There already exists a stream operator to get
at the underlying value. Use that instead.
Bug: 119771891
Test: Built for walleye successfully, basic operations with
keystore_cli_v2 tool work correctly.
Change-Id: I357e0582841b1deadbffd59bb49b5ae8542c9aee
Since the keystore AIDL interface became asynchronous we need a thread to handle the
callbacks.
With this patch keystore_backend_binder starts a thread pool when a
backend is created.
Also change keystore_cli_v2 to use startThreadPool instead of starting a
binder thread explicitly.
Bug: 111443219
Change-Id: Ic5b19d95f51a24d823825d5874ec85eeabd9ef5f
This patch changes the keystore to use the asynchronous api model for
begin, update, finish, and abort.
Also removes unused class KeystoreArguments (aidl and implementation).
Test: Keystore CTS tests
Bug: 111443219
Change-Id: Icc6def9ff6dbe32193272d7d015079a006ebc430
In preparation for making the keystore service asynchronous we remove
redundant legacy functionality from the protocol.
This patch removes the functions get_pubkey, sign, verify, generate,
and import_key, which have long been superseded by exportKey
(get_pubkey), begin/update/finish (sign, verify), generateKey
(generate), and importKey (import_key).
This patch also removes the implementations of these functions from
key_store_service and updates keystore-engine which still used the
legacy functionality.
It also removes the call isOperationAuthorized which was unused.
Test: Keystore CTS tests
Bug: 109769728
Change-Id: I0de359b3e43fd72faa9d1511f84b7c024968c884
This commit replaces <cutils/log.h> and <utils/Log.h> with <log/log.h>.
Background:
<cutils/log.h> has been moved to <log/log.h> for a while. Both
<cutils/log.h> and <utils/Log.h> simply include <log/log.h> for
backward compatibility. This commit is a part of the effort to remove
<cutils/log.h> and <utils/Log.h> from the source tree eventually.
Bug: 78370064
Test: lunch aosp_walleye-userdebug && cd system/security && mma
Change-Id: I798f06d78e2cc5cd197727c0bcdd05c87d769a90
Generated IKeystoreService has different signature, which required lots
of refactoring.
After update methods relevant data using last parameter.
Test: cts-tradefed run cts -m CtsKeystoreTestCases
Bug: 68389643
Change-Id: I0ca36a2e9e007143a3b403b306a8f979ee98b232
This merges go/aog/424219 into master (unfortunately, the
implementations are meaningfully different).
This matches the other uses in Android and would have avoided
https://android-review.googlesource.com/c/423260/.
Test: mma
Change-Id: I81f6092ab50ff408a48f18bcbca2a50cf9717ca6
libkeystore-wifi-hidl and libkeystore-engine-wifi-hidl are required by
/vendor/bin/hw/wpa_supplicant. They are installed to /system partition.
This does not cause any problem as long as both /system and /vendor
partitions are built for the same target product, as we do for most of
our products.
However, it becomes a problem when we build only the /system partition
for the generic AOSP system.img. In that case, the libs are not
installed to the partition since we don't build vendor image for the
target and thus wpa_supplicant (and its dependencies as well) aren't
on the list of modules to be built/installed.
Moving them to vendor partition by adding LOCAL_VENDOR_MODULE := true
solves the problem.
Bug: 37126829
Test: basic functionalities of wifi work on marlin/sailfish with
system.img built from aosp_arm64_ab.
Change-Id: I783756a5848786b15c1f227f06a1ee2e291d3ce9
Fixes for issues found in wifi integration tests:
1. ensure_keystore_engine() needs to be invoked before we access
|g_keystore_backend|.
2. The HIDL backends need to return 0 when the operation succeeds.
Bug: 34603782
Test: Manual tests.
Change-Id: If61d3bef27dab6f4fb73113f0ed6d3e784a29f32
The wifi keystore hal will run in the context of the main keystore
daemon.
Also,
Use the new IKeystore::tryGetService() for retrieving the HAL service.
Bug: 34603782
Test: Able to connect to wifi passpoint networks.
Change-Id: I1436ea83166e5ad17372d98b0fd699c0dd732a11
Create a "keystore_get" library that uses the HIDL path instead
of using binder directly.
Bug: 34603782
Test: Able to connect to wifi passpoint networks.
Change-Id: I0f545ea104e3f27bebd262bc5a2e79f6b517c972
This CL adds variants of the public key retrieval and signing
routine which use the WiFi Keystore HIDL for the backend.
The Android.mk has been modified to build a second variant of
the library to expose this HIDL backend. While here, add
guards to all headers.
Bug: 34603782
Test: Able to connect to wifi passpoint networks.
Change-Id: I444ef383e4d3fdabc10c3e44c1bae9747613c8cf
Create a pure virtual class "KeystoreBackend" which supplies the
crypto methods used by android_engine. Create a KeystoreBackendBinder
class which implements the binder backend as a no-op change that
will allow future backends to be added.
Bug: 34603782
Test: Compiles
Change-Id: I16620aba569bd53290145b2b30242c4888106d0a
This patch ports keystore to the HIDL based binderized keymaster HAL.
Keystore has no more dependencies on legacy keymaster headers, and
therefore data structures, constant declarations, or enums. All
keymaster related data structures and enums used by keystore are the
ones defined by the HIDL based keymaster HAL definition. In the process
of porting, keystore underwent some changes:
* Keystore got a new implementation of AuthorizationSet that is fully
based on the new HIDL data structures. Key parameters are now either
organised as AuthorizationSets or hidl_vec<KeyParameter>. (Formerly,
this was a mixture of keymaster's AuthorizationSet,
std::vec<keymaster_key_param_t>, and keymaster_key_param_set_t.) The
former is used for memory management and provides algorithms for
assembling, joining, and subtracting sets of parameters. The latter
is used as wire format for the HAL IPC; it can wrap the memory owned
by an AuthorizationSet for this purpose. The AuthorizationSet is
accompanied by a new implementation of type safe functions for
creating and accessing tagged key parameters,
Authorizations (keystore/keymaster_tags.h).
* A new type (KSSReturnCode) was introduced that wraps keystore service
response codes. Keystore has two sets of error codes. ErrorCode
errors are less than 0 and use 0 as success value. ResponseCode
errors are greater than zero and use 1 as success value. This patch
changes ResponseCode to be an enum class so that it is no longer
assignable to int without a cast. The new return type can only be
initialized by ResponseCode or ErrorCode and when accessed as int32_t,
which happens on serialization when the response is sent to a client,
the success values are coalesced onto 1 as expected by the
clients. KSSReturnCode is also comparable to ResponseCode and
ErrorCode, and the predicate isOk() returns true if it was initialized
with either ErrorCode::OK (0) or ResponseCode::NO_ERROR (1).
* A bug was fixed, that caused the keystore verify function to return
success, regardless of the input, internal errors, or lack of
permissions.
* The marshalling code in IKeystoreService.cpp was rewritten. For data
structures that are known to keymaster, the client facing side of
keystore uses HIDL based data structures as (target) source
for (un)marshaling to avoid further conversion. hidl_vecs are used to
wrap parcel memory without copying and taking ownership where
possible.
* Explicit use of malloc is reduced (malloc was required by the C nature
of the old HAL). The new implementations avoid explicit use of
malloc/new and waive the use of pointers for return values. Instead,
functions return by value objects that take ownership of secondary
memory allocations where required.
Test: runtest --path=cts/tests/tests/keystore/src/android/keystore/cts
Bug: 32020919
Change-Id: I59d3a0f4a6bdf6bb3bbf791ad8827c463effa286
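The two success conventions described in the commit message above, as an added C++ example that is not keystore's own code. `ReturnCode`, `wireValue`, `naiveZeroCheck`, `wireIsOk` and both `EXAMPLE_FAILURE` values are hypothetical; only `ErrorCode::OK` (0), `ResponseCode::NO_ERROR` (1) and `isOk()` come from the text.

```cpp
#include <cstdint>
#include <cstdio>

// Only OK (0) and NO_ERROR (1) come from the commit message; the
// EXAMPLE_FAILURE values are constructed for this illustration.
enum class ErrorCode : int32_t { OK = 0, EXAMPLE_FAILURE = -1 };
enum class ResponseCode : int32_t { NO_ERROR = 1, EXAMPLE_FAILURE = 2 };

// Hypothetical wrapper: constructible only from the two enum classes,
// never from a bare int, so the two domains cannot be mixed by accident.
class ReturnCode {
  public:
    ReturnCode(ErrorCode e) : code_(static_cast<int32_t>(e)) {}
    ReturnCode(ResponseCode r) : code_(static_cast<int32_t>(r)) {}
    bool isOk() const { return code_ == 0 || code_ == 1; }
    // Value sent to clients: both success values coalesce onto 1.
    int32_t wireValue() const { return isOk() ? 1 : code_; }
    bool operator==(ErrorCode e) const { return code_ == static_cast<int32_t>(e); }
    bool operator==(ResponseCode r) const { return code_ == static_cast<int32_t>(r); }
  private:
    int32_t code_;
};

// The mistake a caller makes when it applies the ErrorCode convention
// (0 == success) to a wire value that uses 1 for success.
bool naiveZeroCheck(int32_t wire) { return wire == 0; }

// Client-side check that matches the coalesced wire value.
bool wireIsOk(int32_t wire) { return wire == 1; }

int main() {
    const ReturnCode results[] = {ErrorCode::OK, ResponseCode::NO_ERROR,
                                  ErrorCode::EXAMPLE_FAILURE, ResponseCode::EXAMPLE_FAILURE};
    for (const ReturnCode& rc : results) {
        const int wire = static_cast<int>(rc.wireValue());
        std::printf("wire=%d isOk=%d naive=%d correct=%d\n", wire, rc.isOk() ? 1 : 0,
                    naiveZeroCheck(wire) ? 1 : 0, wireIsOk(wire) ? 1 : 0);
    }
    return 0;
}
```

A caller that tests the wire value against 0 reports failure for every successful call, which is why the check has to follow the convention of the layer that produced the value.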
Only BoringSSL is supported anymore. The OpenSSL code is not tested.
Test: make -j32
Bug: 31464605
Change-Id: I6394bcf71f9e0b17bd8cbb50f6868df03aa00780
RSA_FLAG_EXT_PKEY, despite the name, is only about calling the RSA_METHOD's
mod_exp hook while reusing the rest of the RSA_private_transform logic. This
code doesn't provide mod_exp and instead overrides private_transform, so the
flag is a no-op.
The BORINGSSL_201509 define was used to make updating BoringSSL in
external/boringssl less painful. It allowed code to compile with either
the old BoringSSL (which didn't define BORINGSSL_201509) or with the new
(which does).
Now that the new version has landed, this change removes that support.
Change-Id: I19e661419f830459d015bf14e7905af2ec41b735
This change tweaks things as needed so that the code will compile
against both the BoringSSL that's currently in Android and a version
from upstream. The BORINGSSL_201509 define is temporary to allow the
switch to happen without breaking the build and a followup change will
remove it.
Change-Id: I3d09b5644661353723803bcbda937d34455849a5
The module relative path was accidentally erased when BoringSSL
compatibility was added. This restores the path so that WiFi with
keystore-backed credentials works again (among other things).
Bug: 19680487
Change-Id: Iee7c13d7b60d93f1520886e90ec23875bd52ab9a
The libcrypto and libssl modules (and their respective static and host
versions) use LOCAL_EXPORT_C_INCLUDE_DIRS thus just including the module
is sufficient.
Change-Id: I53fed0932b9f15b273880810cf38a03ecf6dc274
This change allows system/security to build with the latest BoringSSL.
1) RSA methods have gained a function pointer, |supports_digest|, which
allows methods to indicate that they only support certain hash
functions via the high-level interface.
2) EC_GROUP_set_point_conversion_form has been removed (it was
previously a no-op).
Change-Id: I590094d8904f418cfd6baf064ac9799525fbc09e
This change adds a new ENGINE implementation for BoringSSL. It's a no-op
until external/openssl is switched to BoringSSL.
BoringSSL's ENGINEs are very different from OpenSSL's (and very much
smaller). Thus this change adds replacement code that is conditionally
compiled when BoringSSL is used.
Rather than building a .so that is put in a special directory and loaded
by OpenSSL dynamically, the code becomes a normal library that exports a
single function: EVP_PKEY_from_keystore. All the |ENGINE_load| etc
functions that callers previously needed become moot with BoringSSL.
Bug: 17409664
Change-Id: I8b5ba255f86ec5d0f28994358dc0f0b516f0af40
Nothing is using the EVP_PKEY correctly, so we should revert to the EC_KEY
and ECDSA interfaces. Unfortunately, the SSL client certificate library
uses EC_KEY directly, so just having the EVP_PKEY interface doesn't
work.
Remove the EVP_PKEY interface entirely because it just adds complexity
since the EC_KEY path will do the same thing.
(cherry picked from commit 47041552bd)
Bug: 10655329
Change-Id: Ibf8c36780fe93284b88e91b7860baf1b951b4266