745d2c98f9467f1befb7ec3a6c485333d4f1b437 |
|
13-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove implementation of deprecated RecoveryController methods. Bug: 78021839 Test: manual Change-Id: I8a8a23f1cc14e7b9ffe1e758b6f35906d1a5cf2f
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
3990ee1c9fcd8f801220edec94e6bef3009809b5 |
|
11-Apr-2018 |
Jeff Sharkey <jsharkey@android.com> |
Clean up APIs before declaring API 28. As part of finalizing an SDK, we need to ensure that no new APIs are marked @Deprecated, since they're typically cleanup that someone forgot to finish. Someone forgot to replace Slice.getTimestamp() with Slice.getLong(). Bug: 77588754 Test: builds, boots Exempt-From-Owner-Approval: SDK finalization Change-Id: Ic0ec91a43d161a69c1e840c42046ad500b7aeca0
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
c157e21249b01cca18e6712d69c719f245db51a7 |
|
06-Apr-2018 |
Robert Berry <robertberry@google.com> |
Revert "Remove deprecated RecoveryController API." This reverts commit 0d55aa387a4ec65899fc82a1391e5533c85c3edb. Reason for revert: aps_sidecar binary is still using some of these @removed APIs. Although HEAD of auth_folsom is fixed, aps_sidecar burned in framework is old. Bug: 77629807 Change-Id: I2f03c7d12de30cc2eebd91bb65646caaa00fcd1d
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
0d55aa387a4ec65899fc82a1391e5533c85c3edb |
|
02-Apr-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated RecoveryController API. 1) Mark all deprecated methods as removed. Bug: 74944591 Test: atest RecoveryControllerHostTest Change-Id: I2dd88d2ba0b9fb254327ee85b9d983ab10eb061b
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
41d2dd2f266eb8dc50afcda253f04f1c7e9ccc0e |
|
30-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Expose e.getMessage() from the exceptions in RecoverableKeyStore Bug: 77327780 Test: runtest frameworks-services -p \ com.android.server.locksettings.recoverablekeystore Change-Id: Ibf04d6405e6468bfdfef0a8cb8e6e96bffbbf3a2
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
86f5bb1a8cfe2d169767fb723d315955dda3a0e6 |
|
28-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Remove deprecated generateAndStoreKey method implementation Bug: 77156834 Test: GTS, apct. Change-Id: I23791fced21308467afc60cc16efc4aee7074134
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
0bbaf189c259f7d3154737c4284023921dc821b0 |
|
24-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Add more NonNull annotations to RecoveryController API Bug: 73959762 Test: none Change-Id: I648c20a099d4ac1c002f4f467d7189a8bc019560
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
fd4ae0b2ddd58f6acbb19632f20e40024e3d85b1 |
|
23-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Add NonNull annotation to more parameters in Recovery Controller. Use Builder instead of deprecated constructor for KeyDerivationParams. Bug: 75952916 Test: adb shell am instrument \ -w -e package com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I223e4dc1aa92cbde60e53b364ed74a452d3f6bbd
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
1e6a9dcecb92b4a9a8d3c60372821ba7cd830873 |
|
21-Mar-2018 |
Dmitry Dementyev <dementyev@google.com> |
Update RecoverableKeyStoreManager methods to throw NullPointerException when null is passed as @NonNull argument. Mark serverParams as nullable. Null value can be used to prevent new snapshots creation. Bug: 73959762 Test: Test: adb shell am instrument \ -w -e package com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I5c6ddd696b2882b3d27978b0146ff419bedaf5ee
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
750b71c6512dad08e9c8eb59c2ad3c0d4fcfe79f |
|
21-Mar-2018 |
Robert Berry <robertberry@google.com> |
Unhide RecoverySession#recoverKeyChainSnapshot() method The other methods expose raw key materials, which is a security flaw. This new API is already being used by GMSCore, via reflection (although falling back to the old methods if it is not available). Would be good to switch it on ASAP. Bug: 74345822 Test: Tested with GMSCore Change-Id: I30d53c9e825888d1122c72d23b7c1c10c6edb1e9
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
e7997a3ea7c5dea839220ae832ea5ff7a7dc7742 |
|
22-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Unhide the new RecoverySession#start with the alias for root cert Bug: 76033708 Test: none, it's just unhiding APIs Change-Id: Iec1e44d24bb1704da082404566233ada83b8eb81
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
889e78cb28a59c678ce1310c94e25ba887e18571 |
|
21-Mar-2018 |
Robert Berry <robertberry@google.com> |
Merge "Add RecoverySession importKeyChainSnapshot method" into pi-dev
|
4a5c87def075c805d4fcae7ff01dd2e78ec27b1a |
|
19-Mar-2018 |
Robert Berry <robertberry@google.com> |
Add RecoverySession importKeyChainSnapshot method This imports the keys directly into the keystore of LockSettingsService, allowing them to be accessed via the RecoveryController getKey method. This is better as it does not expose raw key material to any app. Bug: 74345822 Test: runtest frameworks-services -p \ com.android.server.locksettings.recoverablekeystore Change-Id: I4991b0cff1d2fa2e5bd0b53a71c096499e93e98b
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
b31ab6740d66b21a74ffa77b753ea3364288254e |
|
21-Mar-2018 |
Bo Zhu <bozhu@google.com> |
Use the new root cert file under the core/ folder This CL also adds an alias param to the RecoverySession#start method. Bug: 76033708 Test: runtest frameworks-services -p \ com.android.server.locksettings.recoverablekeystore Change-Id: I870f4f89bd6e319e1687a981aa04af0d23f3c922
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
7f414d94fc4f6bd34325f3865b51e8d11acb52ad |
|
28-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Check the public-key signature of the whole certificate file before accepting the certificates This change requires an additional param to the initRecoveryService() API to take in the public-key signature. Bug: 73904566 Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I2aeead1fda51b6cd8df71ed3b5066342ebc8d5ea
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
5240541e0173116bf0a088241057ad2e63fc9113 |
|
28-Feb-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Remove @removed from APIs still in use"
|
5af199c56e2723f0eb98027644a1e3486f22ef18 |
|
28-Feb-2018 |
Robert Berry <robertberry@google.com> |
Remove @removed from APIs still in use I completely misunderstood this annotation. Bug: 73962883 Test: ran unit tests Change-Id: Id3e3863fc6fd1e0614a3c75d25cd35239667eaf0
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
beafcb50d4f963421bac7e84a4f47f68a8b5e4b6 |
|
26-Feb-2018 |
Robert Berry <robertberry@google.com> |
Fix minor documentation issues in RecoveryController Test: none, just doc updates Change-Id: I7d2152f788a65162d72dbd9970230a9a07034014
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
7c1972ff71080568b7288197e96e163d5a469e5f |
|
23-Feb-2018 |
Bo Zhu <bozhu@google.com> |
Add CertPath to KeyChainSnapshot and startRecoverySession CertPath will include a cert of the trusted hardware and necessary intermediate certificates. Bug: 73784851 Change-Id: Ic70616b8f119891a82402b91035456e404c5f6de Test: adb shell am instrument -w -e package \ com.android.server.locksettings.recoverablekeystore \ com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
f8ae5deba2911b7bc8441df31c0504eaaa687add |
|
09-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Unhide RecoverableKeyStoreLoader API. Bug: 66499222 Test: GTS tests under development Change-Id: I4285beaa26bc94d92f6213a34eb1e41ad0994d7a
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
0916e7ca44aba5e6c89d75007da805697fdace9e |
|
23-Jan-2018 |
Dmitry Dementyev <dementyev@google.com> |
Prepare KeyStore RecoveryController API for review. - set/get recovery status simplification - adding account to WrappedKey - moving recovery methods to the Session class. There are small cosmetical changes to .aidl which don't affect implementation logic. Bug: 72299798 Test: adb shell am instrument -w -e package com.android.server.locksettings.recoverablekeystore com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner Change-Id: I9efaa4cde42cf778bb97ed13f62750a65d8c6cb5
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|
81ee34bf957dffe020442e3f0c6c06817397ebf0 |
|
23-Jan-2018 |
Robert Berry <robertberry@google.com> |
Move APIs to final location in preparation for API review Leave old APIs in current location for backwards compatibility reasons. Bug: 72298565 Test: Tried flow with current versions of GMSCore to ensure they work still Change-Id: Iafc2b8ad8a574460dbb2482a67935debe71f1113
/frameworks/base/core/java/android/security/keystore/recovery/RecoverySession.java
|