Commit graph

74 commits

Author SHA1 Message Date
Shaquille Johnson
ac3c2cdea4 Add new error for system errors that are retryable
Some issues require a system error to be raised that
indicates we should retry the process. This adds a new
error and bumps the version of the api for future use.

Test: atest keystore2_test
Bug: 238619180
Change-Id: Iff8fa83f7b223e08de9fa31434e16aa3aa2153f6
2024-01-12 15:50:54 +00:00
Rajesh Nyamagoud
4347357814 Created libkeystore-engine as cc-library instead of cc-test-library to
avoid issues while linking shared libraries with Rust test binaries.

This change is made to avoid vts-tradefed failure to link the shared
library while running the Rust VTS `keystore2_client_tests` test
suite. As suggested in b/314110490#24 using the libkeystore-engine
static-library to run keystore2_client_tests.

Bug: 314110490, 298668920
Test: atest keystore2_client_tests; run vts -m keystore2_client_tests
Change-Id: If956865eeb4af908f33b1ad81a2b2e26300aae0e
2024-01-03 01:44:24 +00:00
Rajesh Nyamagoud
21e7cadafd Updated libkeystore-engine library to be cc_test_library instead of
cc_library_shared.

Since libkeystore-engine is used only in the keystore2_client_tests test
module, creating it as cc_test_library.

Bug: 298668920
Test: atest keystore2_client_tests
Change-Id: I656e989186610266c8a59ac11db8ac8a47d3514f
2023-12-12 18:34:14 +00:00
Rajesh Nyamagoud
28abde6189 Adding tests to verify EVP_PKEY_from_keystore2 API [Keystore2-engine].
1. Generate RSA key and grant it to a user. In user context load the
   key using `EVP_PKEY_from_keystore` and perform sign and verify
   operations.
   [keystore2_perofrm_crypto_op_using_keystore2_engine_rsa_key_success]

2. Generate EC key and grant it to a user. In user context load the
   key using `EVP_PKEY_from_keystore` and perform sign and verify
   operations.
   [keystore2_perofrm_crypto_op_using_keystore2_engine_ec_key_success]

3. Generate RSA key and grant it to a user. Re-encode the certificate
   as PEM and update the certificate using `updateSubcomponents`.
   In user context load the key using `EVP_PKEY_from_keystore` and
   perform sign and verify operations.

Bug: 201343811
Test: atest keystore2_client_tests
Change-Id: I7dafd598f4198e11103cd11695b2f67636f24755
2023-05-23 19:28:24 +00:00
David Benjamin
66d00307aa Use BoringSSL accessors to set up EVP_PKEY.
Constructing an RSA object is sadly a bit tedious, but that's the API
OpenSSL came up with. While I'm here, switch an EVP_PKEY_get1_RSA to
EVP_PKEY_get0_RSA; we can avoid an unnecessary refcount bump.

Test: mm
Change-Id: I8b368ea1efa71e3f8b3cd0c734c1cdd0f2c964e5
2023-01-30 16:02:49 -05:00
Janis Danisevskis
f2ff9c8ee9 Keystore 2.0 engine: Handle legacy PEM certificates.
Keystore 2.0 in Android S requires all new certificates to be stored in
DER format, however, when upgrading from R or older, there may be
certificates stored in PEM format. This patch allows keystore2-engine to
extract the public keys from certificates in either format.

Bug: 199155260
Test: N/A
Change-Id: I4bd5befcef15af5fbc2cbec3fdf4d581b1558b56
2021-09-27 13:57:54 -07:00
Treehugger Robot
1efb666352 Merge "Keystore 2.0: Small performance gain" 2021-09-16 02:13:06 +00:00
Jiyong Park
0d61dd6c3a Remove ndk_platform backend. Use the ndk backend.
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.

Bug: 161456198
Test: m
Change-Id: Ibeb4178f99857be75bb5f83a073a2d679058d921
2021-07-27 12:20:26 +09:00
Janis Danisevskis
811b97c066 Merge "Keystore 2.0: Remove Keystore 1.0 and remaining references" 2021-04-07 19:30:12 +00:00
Janis Danisevskis
f985e439ec Keystore 2.0: Update service name to canonical name.
Bug: 179907868
Test: N/A
Change-Id: Ia536a92d212f42af32ed485e19c82b84b0905dc8
2021-03-22 15:22:18 -07:00
Janis Danisevskis
2437fde7a6 Keystore 2.0: Remove Keystore 1.0 and remaining references
* Remove superseded keystore engine backends.
* Remove keystore_cli.
* Update keystore_cli_v2 to use Keystore 2.0.
* Update confirmationui invocation test.
* Remove reference to enable keystore2 property from keystore2.rc.

Test: N/A
Bug: 171305684

Change-Id: I855dead9d95c2c8cfa451944087bc8290871c0e5
2021-03-22 14:34:45 -07:00
Greg Kaiser
33bdf3bbed Keystore 2.0: Small performance gain
When 'alias' does not start with 'keystore2_grant_id_prefix',
we'll stop looking immediately, instead of continuing to look
throughout 'alias' for further substring matches.

Test: TreeHugger
Bug: 173546268
Bug: 171305607
Bug: 175068876
Change-Id: I40057abce165b18e6bc0cb38daebef81401b5a72
2021-02-25 07:52:15 -08:00
Janis Danisevskis
670122f587 Keystore 2.0: Add keystore2 support to the keystore-engine.
Test: ???
Bug: 173546268
Bug: 171305607
Bug: 175068876
Change-Id: Ib44a8787d31a994453ab56022546cfbc5b76516e
2021-02-24 12:32:32 -08:00
Bob Badour
4c7858c848 [LSC] Add LOCAL_LICENSE_KINDS to system/security
Added SPDX-license-identifier-Apache-2.0 to:
  fsverity_init/Android.bp
  identity/Android.bp
  keystore/tests/Android.bp
  keystore2/Android.bp
  keystore2/aaid/Android.bp
  keystore2/aidl/Android.bp
  keystore2/apc_compat/Android.bp
  keystore2/selinux/Android.bp
  keystore2/src/crypto/Android.bp
  keystore2/src/km_compat/Android.bp
  ondevice-signing/Android.bp
  provisioner/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  Android.bp
  keystore/Android.bp

Added SPDX-license-identifier-BSD to:
  keystore-engine/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Ic9e19695bd19c3f127dfd545df60e4c9df89af77
2021-02-14 10:37:25 -08:00
Rob Barnes
3af223fde0 Allow for input_data on finish.
Test: Keystore CTS tests

Change-Id: I22e69079e3ad5462ded2c7b71274c29ba5ef58d0
2019-11-14 16:43:12 -07:00
Steven Moreland
de99a52dc4 Remove libhwbinder/libhidltransport deps
Since these were combined into libhidlbase.

Bug: 135686713
Test: build only (libhwbinder/libhidltransport are empty)
Change-Id: I940228446b6f5b747399b408ad9af652ac618fda
2019-09-05 14:18:17 -07:00
David Benjamin
dc4d142303 Replace custom BoringSSL scopers with bssl::UniquePtr.
BoringSSL already provides C++ scopers.

Test: mma
Change-Id: I34d4ec36fc0b51750560be0886768a83fe69fbf5
2019-08-08 13:13:54 -04:00
Janis Danisevskis
61aea51375 keystore_backend_binder: fix misinterpretation of getKeyCharacteristics return value.
The keystore backend used by racoon interprets the return value of
getKeyCharacteristics such that it thinks that it failed when it didn't.

Test: Initiate VPN connection with racoon.
Bug: 120024003
Change-Id: Ibe936a2d2d81181c10f0dd1075cc5ab3646f736e
2019-03-13 14:34:06 -07:00
Treehugger Robot
538a4e789e Merge "C++17 is now the default." 2018-12-05 20:41:50 +00:00
Elliott Hughes
9db4be105a C++17 is now the default.
Test: builds
Change-Id: Ibd6569c25f4ddfed3fd0cec771fba72cd5b9bd14
2018-12-04 13:06:50 -08:00
Branden Archer
7cb02e3c8e Use stream operator to report result code
The cast operator for KeyStoreNativeReturnCode and
KeyStoreNativeReturnCode will be removed later.
There already exists a stream operator to get
at the underlying value. Use that instead.

Bug: 119771891
Test: Built for walleye successfully, basic operations with
      keystore_cli_v2 tool work correctly.
Change-Id: I357e0582841b1deadbffd59bb49b5ae8542c9aee
2018-11-21 13:45:19 -08:00
Dan Willemsen
8bb8464d12 Convert keystore-engine to Android.bp
See build/soong/README.md for more information

Test: cd system/security/keystore-engine; mma
Change-Id: I7ca61f05581aec723e9404c63b45ceb8180938f2
2018-11-16 19:14:53 -08:00
Janis Danisevskis
ba2985a435 Fix keystore_backend_binder
Since the keystore AIDL interface became asynchronous we need a thread to handle the
callbacks.

With this patch keystore_backend_binder starts a thread pool when a
backend is created.

Also change keystore_cli_v2 to use startThreadPool instead of starting a
binder thread explicitly.

Bug: 111443219
Change-Id: Ic5b19d95f51a24d823825d5874ec85eeabd9ef5f
2018-11-15 16:24:10 -08:00
Rob Barnes
bb6cabdaa1 Multi-threaded keystore
This patch changes the keystore to use the asynchronous api model for
begin, update, finish, and abort.

Also removes unused class KeystoreArguments (aidl and implementation).

Test: Keystore CTS tests
Bug: 111443219

Change-Id: Icc6def9ff6dbe32193272d7d015079a006ebc430
2018-11-14 14:01:45 -08:00
Janis Danisevskis
e5a09aac43 Remove legacy functions from IKeystoreService.aidl
In preparation for making the keystore service asynchronous we remove
redundant legacy functionality from the protocol.

This patch removes the functions get_pubkey, sign, verify, generate,
and import_key, which have long been superseded by exportKey
(get_pubkey), begin/update/finish (sign, verify), generateKey
(generate), and importKey (import_key).

This patch also removes the implementations of these functions from
key_store_service and updates keystore-engine which still used the
legacy functionality.

It also removes the call isOperationAuthorized which was unused.

Test: Keystore CTS tests
Bug: 109769728
Change-Id: I0de359b3e43fd72faa9d1511f84b7c024968c884
2018-10-31 14:31:26 -07:00
Logan Chien
cdc813f782 Deprecate <cutils/log.h> and <utils/Log.h>
This commit replaces <cutils/log.h> and <utils/Log.h> with <log/log.h>.

Background:
<cutils/log.h> has been moved to <log/log.h> for a while.  Both
<cutils/log.h> and <utils/Log.h> simply include <log/log.h> for
backward compatibility.  This commit is a part of the effort to remove
<cutils/log.h> and <utils/Log.h> from the source tree eventually.

Bug: 78370064
Test: lunch aosp_walleye-userdebug && cd system/security && mma
Change-Id: I798f06d78e2cc5cd197727c0bcdd05c87d769a90
2018-09-19 13:38:34 +08:00
Yi Kong
e353f25791 Modernize codebase by replacing NULL with nullptr
Fixes -Wzero-as-null-pointer-constant warning.

Test: m
Bug: 68236239
Change-Id: I41cd58617d6df6de7942a541fb6dc9519c70bef0
2018-07-30 01:40:01 -07:00
David Benjamin
8bc0be07d6 Merge "Remove RSA_FLAG_CACHE_PUBLIC." am: 6ec80146e5 am: de77a0910b
am: da0d915dfe

Change-Id: I44c48b7c8d6060ecf7c98c113fe3d29f95dddbf9
2017-12-18 15:59:56 +00:00
David Benjamin
48d2ea912e Remove RSA_FLAG_CACHE_PUBLIC.
This flag hasn't done anything in BoringSSL since March 2016.

Test: mma
Change-Id: I3972d7c006daa4370772363d7debf64b0c9713da
2017-12-15 18:37:02 -05:00
Dmitry Dementyev
ab8aa1c0a6 Make libkeystore_aidl shared and export to PDK.
Bug: 69539820
Test: manual

Change-Id: I6b8e8543b89245062790443f1e8b759418f7c162
2017-11-29 14:07:22 -08:00
Dmitry Dementyev
a447b3c9af Get rid of manually created IKeystoreService.
Generated IKeystoreService has different signature, which required lots
of refactoring.
After update methods relevant data using last parameter.
Test: cts-tradefed run cts -m CtsKeystoreTestCases
Bug: 68389643

Change-Id: I0ca36a2e9e007143a3b403b306a8f979ee98b232
2017-11-16 18:35:51 -08:00
Robert Sloan
a786d0becd Merge "Switch *_METHOD to a more future-proof pattern."
am: f3147f209c

Change-Id: I68777f100f68cfdcf36d9a79b0c72433764cc429
2017-09-20 16:25:58 +00:00
Robert Sloan
29f72ecdfd Switch *_METHOD to a more future-proof pattern.
This matches the other uses in Android and would have avoided
https://android-review.googlesource.com/c/423260/.

(cherry-picked from 472d59a651 on git_master)

Test: mma
Change-Id: I81f6092ab50ff408a48f18bcbca2a50cf9717ca6
2017-09-20 01:47:57 +00:00
Robert Sloan
472d59a651 Switch *_METHOD to a more future-proof pattern.
This merges go/aog/424219 into master (unfortunately, the
implementations are meaningfully different).

This matches the other uses in Android and would have avoided
https://android-review.googlesource.com/c/423260/.

Test: mma
Change-Id: I81f6092ab50ff408a48f18bcbca2a50cf9717ca6
2017-07-14 12:39:37 -07:00
Rob Sloan
ae9fa426cb Merge "Update BoringSSL structs in keystore-engine." am: 975e1aae69 am: 78505bae4c
am: 7d6eedfc47

Change-Id: Ib22db541b587fdde996d51660eb6f21e19875c13
2017-06-27 17:45:37 +00:00
Rob Sloan
78505bae4c Merge "Update BoringSSL structs in keystore-engine."
am: 975e1aae69

Change-Id: I4cd2a30d7281476eb30083dc04187784f8dad445
2017-06-27 17:38:12 +00:00
Robert Sloan
0a7e807721 Update BoringSSL structs in keystore-engine.
Test: None yet.
Change-Id: I61fef8270a7fce9e891cbb64cfdf082adf630921
2017-06-26 12:42:55 -07:00
Janis Danisevskis
ccfff10f66 Remove use of UniquePtr from keystore
Remove UniquePtr from keystore in favour of std::unique_ptr

Change-Id: I8e02adab4326028e26dbf59ac836679abe2a40de
2017-05-01 12:34:46 -07:00
Jiyong Park
ecb258e775 fix: wifi doesn't work on the generic system image
libkeystore-wifi-hidl and libkeystore-engine-wifi-hidl are required by
/vendor/bin/hw/wpa_supplicant. They are installed to /system partition.
This does not cause any problem as long as both /system and /vendor
partitions are built for the same target product, as we do for most of
our products.

However, it becomes a problem when we build only the /system partition
for the generic AOSP system.img. In that case, the libs are not
installed to the partition since we don't build vendor image for the
target and thus wpa_supplicant (and its dependencies as well) aren't
on the list of modules to be built/installed.

Moving them to vendor partition by adding LOCAL_VENDOR_MODULE := true
solves the problem.

Bug: 37126829
Test: basic functionalities of wifi work on marlin/sailfish with
system.img built from aosp_arm64_ab.

Change-Id: I783756a5848786b15c1f227f06a1ee2e291d3ce9
2017-04-11 09:12:00 +09:00
Steven Moreland
4cb6f38017 Fix transitive include.
Was relying on include from MQDescriptor.h

Test: pass
Change-Id: Ic3f24fea3875ed1f598b18e4a1fa05c226a86037
2017-04-06 12:41:59 -07:00
Roshan Pius
30b220e734 keystore-engine: Couple of bug fixes for HIDL keystore
Fixes for issues found in wifi integration tests:
1. ensure_keystore_engine() needs to be invoked before we access
|g_keystore_backend|.
2. The HIDL backends need to return 0 when the operation succeeds.

Bug: 34603782
Test: Manual tests.
Change-Id: If61d3bef27dab6f4fb73113f0ed6d3e784a29f32
2017-04-03 13:50:00 -07:00
Roshan Pius
e653c93db1 keystore: Run Wifi keystore HAL in keystore daemon
The wifi keystore hal will run in the context of the main keystore
daemon.

Also,
Use the new IKeystore::tryGetService() for retrieving the HAL service.

Bug: 34603782
Test: Able to connect to wifi passpoint networks.

Change-Id: I1436ea83166e5ad17372d98b0fd699c0dd732a11
2017-03-30 13:04:46 -07:00
Paul Stewart
bf7fc8df76 Add a HIDL-based keystore_get variant
Create a "keystore_get" library that uses the HIDL path instead
of using binder directly.

Bug: 34603782
Test: Able to connect to wifi passpoint networks.
Change-Id: I0f545ea104e3f27bebd262bc5a2e79f6b517c972
2017-03-29 11:29:43 -07:00
Paul Stewart
657356c169 Add HIDL backend to keystore service
This CL adds variants of the public key retrieval and signing
routine which use the WiFi Keystore HIDL for the backend.
The Android.mk has been modified to build a second variant of
the library to expose this HIDL backend.  While here, add
guards to all headers.

Bug: 34603782
Test: Able to connect to wifi passpoint networks.
Change-Id: I444ef383e4d3fdabc10c3e44c1bae9747613c8cf
2017-03-29 11:29:43 -07:00
Paul Stewart
ac0ffbf62c Separate the binder backend from android_engine
Create a pure virtual class "KeystoreBackend" which supplies the
crypto methods used by android_engine.  Create a KeystoreBackendBinder
class which implements the binder backend as a no-op change that
will allow future backends to be added.

Bug: 34603782
Test: Compiles
Change-Id: I16620aba569bd53290145b2b30242c4888106d0a
2017-03-29 11:29:40 -07:00
Janis Danisevskis
c7a9fa29c1 Port to binderized keymaster HAL
This patch ports keystore to the HIDL based binderized keymaster HAL.
Keystore has no more dependencies on legacy keymaster headers, and
therefore data structures, constant declarations, or enums. All
keymaster related data structures and enums used by keystore are the
ones defined by the HIDL based keymaster HAL definition.  In the process
of porting, keystore underwent some changes:

* Keystore got a new implementation of AuthorizationSet that is fully
  based on the new HIDL data structures. Key parameters are now either
  organised as AuthorizationSets or hidl_vec<KeyParameter>.  (Formerly,
  this was a mixture of keymaster's AuthorizationSet,
  std::vec<keymaster_key_param_t>, and keymaster_key_param_set_t.)  The
  former is used for memory management and provides algorithms for
  assembling, joining, and subtracting sets of parameters.  The latter
  is used as wire format for the HAL IPC; it can wrap the memory owned
  by an AuthorizationSet for this purpose.  The AuthorizationSet is
  accompanied by a new implementation of type safe functions for
  creating and accessing tagged key parameters,
  Authorizations (keystore/keymaster_tags.h).
* A new type (KSSReturnCode) was introduced that wraps keystore service
  response codes. Keystore has two sets of error codes.  ErrorCode
  errors are less than 0 and use 0 as success value.  ResponseCode
  errors are greater than zero and use 1 as success value.  This patch
  changes ResponseCode to be an enum class so that it is no longer
  assignable to int without a cast. The new return type can only be
  initialized by ResponseCode or ErrorCode and when accessed as int32_t,
  which happens on serialization when the response is sent to a client,
  the success values are coalesced onto 1 as expected by the
  clients. KSSReturnCode is also comparable to ResponseCode and
  ErrorCode, and the predicate isOk() returns true if it was initialized
  with either ErrorCode::OK (0) or ResponseCode::NO_ERROR (1).
* A bug was fixed, that caused the keystore verify function to return
  success, regardless of the input, internal errors, or lack of
  permissions.
* The marshalling code in IKeystoreService.cpp was rewritten.  For data
  structures that are known to keymaster, the client facing side of
  keystore uses HIDL based data structures as (target) source
  for (un)marshaling to avoid further conversion.  hidl_vecs are used to
  wrap parcel memory without copying and taking ownership where
  possible.
* Explicit use of malloc is reduced (malloc was required by the C nature
  of the old HAL).  The new implementations avoid explicit use of
  malloc/new and waive the use of pointers for return values. Instead,
  functions return by value objects that take ownership of secondary
  memory allocations where required.

Test: runtest --path=cts/tests/tests/keystore/src/android/keystore/cts

Bug: 32020919
Change-Id: I59d3a0f4a6bdf6bb3bbf791ad8827c463effa286
2017-01-23 08:30:49 -07:00
Kenny Root
ddf4742f09 Remove OpenSSL support
Only BoringSSL is supported anymore. The OpenSSL code is not tested.

Test: make -j32
Bug: 31464605
Change-Id: I6394bcf71f9e0b17bd8cbb50f6868df03aa00780
2016-09-16 12:40:13 -07:00
Chih-Hung Hsieh
26275ad6ba Fix misc-macro-parentheses warnings.
Add parentheses around macro arguments used beside binary operators.

Bug: 28705665
Change-Id: I4ea2db63c18e40dabc10d42bfa5c936a71d6c628
2016-05-11 14:26:35 -07:00
David Benjamin
30c77521ca Remove RSA_FLAG_EXT_PKEY from android_engine.cpp.
RSA_FLAG_EXT_PKEY, despite the name, is only about calling the RSA_METHOD's
mod_exp hook while reusing the rest of the RSA_private_transform logic. This
code doesn't provide mod_exp and instead overrides private_transform, so the
flag is a no-op.
2016-03-28 18:06:31 -04:00
Adam Langley
862cf6af40 system/security: remove BORINGSSL_201509 support.
The BORINGSSL_201509 define was used to make updating BoringSSL in
external/boringssl less painful. It allowed code to compile with either
the old BoringSSL (which didn't define BORINGSSL_201509) or with the new
(which does).

Now that the new version has landed, this change removes that support.

Change-Id: I19e661419f830459d015bf14e7905af2ec41b735
2015-09-30 15:06:45 -07:00