f0246a8a14d69680d1776620e75a485cf963e574 |
|
13-Aug-2014 |
Robin Lee <rgl@google.com> |
Keep managed profile keystores in sync with owner Fixes setting a keyguard password for keystore in a multi-user setup while we're at it. Bug: 16233206. Change-Id: I7941707ca66ac25bd122fd22e5e0f639e7af697e
/frameworks/base/keystore/java/android/security/KeyStore.java
|
b91773bce1126d28a93f73fbef18f3a79245f24e |
|
05-Sep-2013 |
Kenny Root <kroot@google.com> |
Add argument to binder call to check key types Before there was only one key type supported, so we didn't need to query a key type. Now there is DSA, EC, and RSA, so there needs to be another argument. Bug: 10600582 Change-Id: I9fe9e46b9ec9cfb2f1246179b2c396216b2c1fdb
/frameworks/base/keystore/java/android/security/KeyStore.java
|
a39859889b7de0ad3190386cc732fa4bdcbe5504 |
|
16-Aug-2013 |
Kenny Root <kroot@google.com> |
Add support for DSA and ECDSA key types (cherry picked from commit f64386fc26efeb245fd90fabaa47b8c8bf9b4613) Bug: 10600582 Change-Id: I88dfcc8ca602f55fad54bd8bf043aee460c0de24
/frameworks/base/keystore/java/android/security/KeyStore.java
|
e7cf8c230208beef0c3a5f83a1e1d2c36ac5ca12 |
|
13-Apr-2013 |
Kenny Root <kroot@google.com> |
keystore: remove old APIs Remove the APIs that don't specify the flags so callers know what they're getting. Bug: 8122243 Change-Id: Ifaef6fb1d16010237c01f9d11f2053bb6b3980c0
/frameworks/base/keystore/java/android/security/KeyStore.java
|
2eeda7286f3c7cb79f7eb71ae6464cad213d12a3 |
|
10-Apr-2013 |
Kenny Root <kroot@google.com> |
AndroidKeyStore: Add encrypted flag Add the encrypted flag for the KeyPairGenerator and the KeyStore so that applications can choose to allow entries when there is no lockscreen. Bug: 8122243 Change-Id: Ia802afe965f2377ad3f282dab8c512388c705850
/frameworks/base/keystore/java/android/security/KeyStore.java
|
a3788b00bb221e20abdd42f747d2af419e0a088c |
|
10-Apr-2013 |
Kenny Root <kroot@google.com> |
keystore: Add flag for blobs to be unencrypted In order to let apps use keystore more productively, make the blob encryption optional. As more hardware-assisted keystores (i.e., hardware that has a Keymaster HAL) come around, encrypting blobs start to make less sense since the thing it's encrypting is usually a token and not any raw key material. Bug: 8122243 Change-Id: If9af0d992d68edec006e630c687df3d03a7c9608
/frameworks/base/keystore/java/android/security/KeyStore.java
|
d72317abd79ddf95d48c8f35bf1070900ff55b5e |
|
02-Apr-2013 |
Kenny Root <kroot@google.com> |
Remove keystore entries when package removed Add a hook into PackageManagerService so that when app IDs are completely removed, we erase all entries from keystore for those UIDs that have gone away. (cherry picked from commit 95e3ee3971915b323e5c13dcfe3b12a4180850cd) Bug: 3020069 Change-Id: I374258ccc103f8cb3e238f2bf0d1afda0659db94
/frameworks/base/keystore/java/android/security/KeyStore.java
|
5cb5cec6a4a4d5432d4ce6468c12de9508db1633 |
|
29-Mar-2013 |
Kenny Root <kroot@google.com> |
KeyStore: add API to query storage type Add an API to keystore daemon to query what kind of storage is currently in use. (cherry picked from commit a738e2a1aee26e0be3944c11820724aeca313f83) Change-Id: I52c84449a27b1cefc49372a6406b7132c2bbddee
/frameworks/base/keystore/java/android/security/KeyStore.java
|
5f1d965f7d7e1df50981ffed8faa11fbcc17ca22 |
|
21-Mar-2013 |
Kenny Root <kroot@google.com> |
KeyStore: change migrate to duplicate After discussion, it was determined that duplicate would be less disruptive and it still fit in the current HAL model. Change-Id: I2f9cae48d38ec7146511e876450fa39fc92cda55
/frameworks/base/keystore/java/android/security/KeyStore.java
|
bd79419ef84ae31f3765721b50aa413fa462d1d1 |
|
20-Mar-2013 |
Kenny Root <kroot@google.com> |
KeyStore: add "migrate" command To support the WiFi service, we need to support migration from the system UID to the wifi UID. This adds a command to achieve the migration. Bug: 8122243 Change-Id: I65f7a91504c1d2a2aac22b9c3051adffd28d66c1
/frameworks/base/keystore/java/android/security/KeyStore.java
|
78ad849163a7b01073b46fbd7d818392720005d1 |
|
14-Feb-2013 |
Kenny Root <kroot@google.com> |
KeyStore: add API to uid versions In previous commits, we added the ability to specify which UID we want to target on certain operations. This commit adds the ability to reach those binder calls from the KeyStore class. Also fix a problem where saw() was not reading all the values returned via the Binder call. This changes the semantics to return a null instead of failing silently when it's not possible to search. Change-Id: I32098dc0eb42e09ace89f6b7455766842a72e9f4
/frameworks/base/keystore/java/android/security/KeyStore.java
|
b9594ce9ebb3f5f303a280f04312ae5754ce3560 |
|
14-Feb-2013 |
Kenny Root <kroot@google.com> |
KeyStore: stop using state() Change-Id: I721974fd95f8d1ab06a3fd1bbb4c9b4d9d1d7752
/frameworks/base/keystore/java/android/security/KeyStore.java
|
e151f281d527f4bea5cbdf4219d5e0507a6668b0 |
|
14-Feb-2013 |
Kenny Root <kroot@google.com> |
Track keystore binder changes Change-Id: Id6133be059a8a0901d16355a9152e40e4a255454
/frameworks/base/keystore/java/android/security/KeyStore.java
|
e66769ad5194cb4533d1087416a2e804ac384285 |
|
05-Feb-2013 |
Kenny Root <kroot@google.com> |
AndroidKeyStore: return error code on error Instead of blindly multiplying return value by 1000 to convert to milliseconds, check to see if it's an error condition first. Change-Id: I8eab1e7a86d78c13458fcbbc79d590e452fc9791
/frameworks/base/keystore/java/android/security/KeyStore.java
|
8b58c52bf4cc276165b1857eb4087eabde7b6477 |
|
04-Feb-2013 |
Kenny Root <kroot@google.com> |
AndroidKeyStore: fix tests Change-Id: I65fd8ba27af57ea8fd27c8e08c9c1201f32c494d
/frameworks/base/keystore/java/android/security/KeyStore.java
|
6b77645aa9ac51ce33ea67adba226aaf1a6e8846 |
|
02-Nov-2012 |
Kenny Root <kroot@google.com> |
Switch keystore to binder Change-Id: I9fa1fc05068bee1eed3f618fb32f70cf3d4c05d4
/frameworks/base/keystore/java/android/security/KeyStore.java
|
473c712b19bad992ab4eafcd43175fdce77b913d |
|
18-Aug-2012 |
Kenny Root <kroot@google.com> |
Add getmtime to Android KeyStore API java.security.KeyStore requires that you be able to get the creation date for any given entry. We'll approximate that through using the mtime of the file in the keystore. Change-Id: I16f74354a6c2e78a1a0b4dc2ae720c5391274e6f
/frameworks/base/keystore/java/android/security/KeyStore.java
|
5b1f037829bff93877a6257db69f4e7723a27e20 |
|
31-Jul-2012 |
Brian Carlstrom <bdc@google.com> |
Change KeyStore to use Modified UTF-8 to match NativeCrypto Bug: http://code.google.com/p/android/issues/detail?id=35141 Bug: 6869713 Change-Id: I61cb309786960072148ef97ea5afedb33dc45f4e
/frameworks/base/keystore/java/android/security/KeyStore.java
|
5423e68d5dbe048ec6f042cce52a33f94184e9fb |
|
14-Nov-2011 |
Kenny Root <kroot@google.com> |
Add signing to keystore Change the keystore to keep the private keys in keystore. When returned, it uses the OpenSSL representation of the key to allow users to use it in various operations through the OpenSSL ENGINE that connects to keystore. Change-Id: I3681f98cb2ec49ffc4a49f3821909313b4ab5735
/frameworks/base/keystore/java/android/security/KeyStore.java
|
7e4b1a488dd02c4bf6156379e36834e9e01c5b1b |
|
02-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Restore ResponseCodes for use with getLastError Change-Id: I41b5bc9cbb6c05672c92d5864e889fd2b0186141
/frameworks/base/keystore/java/android/security/KeyStore.java
|
5cfee3fabb3482c6a6df1c8b6f21e843cf214527 |
|
31-May-2011 |
Brian Carlstrom <bdc@google.com> |
Integrating keystore with keyguard (Part 1 of 4) Summary: frameworks/base keystore rewrite keyguard integration with keystore on keyguard entry or keyguard change KeyStore API simplification packages/apps/Settings Removed com.android.credentials.SET_PASSWORD intent support Added keyguard requirement for keystore use packages/apps/CertInstaller Tracking KeyStore API changes Fix for NPE in CertInstaller when certificate lacks basic constraints packages/apps/KeyChain Tracking KeyStore API changes Details: frameworks/base Move keystore from C to C++ while rewriting password implementation. Removed global variables. Added many comments. cmds/keystore/Android.mk cmds/keystore/keystore.h cmds/keystore/keystore.c => cmds/keystore/keystore.cpp cmds/keystore/keystore_cli.c => cmds/keystore/keystore_cli.cpp Changed saveLockPattern and saveLockPassword to notify the keystore on changes so that the keystore master key can be reencrypted when the keyguard changes. core/java/com/android/internal/widget/LockPatternUtils.java Changed unlock screens to pass values for keystore unlock or initialization policy/src/com/android/internal/policy/impl/PasswordUnlockScreen.java policy/src/com/android/internal/policy/impl/PatternUnlockScreen.java KeyStore API changes - renamed test() to state(), which now return a State enum - made APIs with byte[] key arguments private - added new KeyStore.isEmpty used to determine if a keyguard is required keystore/java/android/security/KeyStore.java In addition to tracking KeyStore API changes, added new testIsEmpty and improved some existing tests to validate expect values. keystore/tests/src/android/security/KeyStoreTest.java packages/apps/Settings Removing com.android.credentials.SET_PASSWORD intent with the removal of the ability to set an explicit keystore password now that the keyguard value is used. Changed to ensure keyguard is enabled for keystore install or unlock. Cleaned up interwoven dialog handing into discrete dialog helper classes. AndroidManifest.xml src/com/android/settings/CredentialStorage.java Remove layout for entering new password res/layout/credentials_dialog.xml Remove enable credentials checkbox res/xml/security_settings_misc.xml src/com/android/settings/SecuritySettings.java Added ability to specify minimum quality key to ChooseLockGeneric Activity. Used by CredentialStorage, but could also be used by CryptKeeperSettings. Changed ChooseLockGeneric to understand minimum quality for keystore in addition to DPM and device encryption. src/com/android/settings/ChooseLockGeneric.java Changed to use getActivePasswordQuality from getKeyguardStoredPasswordQuality based on experience in CredentialStorage. Removed bogus class javadoc. src/com/android/settings/CryptKeeperSettings.java Tracking KeyStore API changes src/com/android/settings/vpn/VpnSettings.java src/com/android/settings/wifi/WifiSettings.java Removing now unused string resources res/values-af/strings.xml res/values-am/strings.xml res/values-ar/strings.xml res/values-bg/strings.xml res/values-ca/strings.xml res/values-cs/strings.xml res/values-da/strings.xml res/values-de/strings.xml res/values-el/strings.xml res/values-en-rGB/strings.xml res/values-es-rUS/strings.xml res/values-es/strings.xml res/values-fa/strings.xml res/values-fi/strings.xml res/values-fr/strings.xml res/values-hr/strings.xml res/values-hu/strings.xml res/values-in/strings.xml res/values-it/strings.xml res/values-iw/strings.xml res/values-ja/strings.xml res/values-ko/strings.xml res/values-lt/strings.xml res/values-lv/strings.xml res/values-ms/strings.xml res/values-nb/strings.xml res/values-nl/strings.xml res/values-pl/strings.xml res/values-pt-rPT/strings.xml res/values-pt/strings.xml res/values-rm/strings.xml res/values-ro/strings.xml res/values-ru/strings.xml res/values-sk/strings.xml res/values-sl/strings.xml res/values-sr/strings.xml res/values-sv/strings.xml res/values-sw/strings.xml res/values-th/strings.xml res/values-tl/strings.xml res/values-tr/strings.xml res/values-uk/strings.xml res/values-vi/strings.xml res/values-zh-rCN/strings.xml res/values-zh-rTW/strings.xml res/values-zu/strings.xml res/values/strings.xml packages/apps/CertInstaller Tracking KeyStore API changes src/com/android/certinstaller/CertInstaller.java Fix for NPE in CertInstaller when certificate lacks basic constraints src/com/android/certinstaller/CredentialHelper.java packages/apps/KeyChain Tracking KeyStore API changes src/com/android/keychain/KeyChainActivity.java src/com/android/keychain/KeyChainService.java support/src/com/android/keychain/tests/support/IKeyChainServiceTestSupport.aidl support/src/com/android/keychain/tests/support/KeyChainServiceTestSupport.java tests/src/com/android/keychain/tests/KeyChainServiceTest.java Change-Id: Ic141fb5d4b43d12fe62cb1e29c7cbd891b4be35d
/frameworks/base/keystore/java/android/security/KeyStore.java
|
46703b099516c383a6882815bcf9cd4df0ec538d |
|
07-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Tolerate missing AccountManager resource, not just missing resource name In addition to the primary change in the subject, also some minor cleanup of javadoc, typos, CloseGuard warning, etc found while working on a new AbstractAccountAuthenticator. Change-Id: I73f3408773a43a0021a15f8d051fd3dbbdf898a5
/frameworks/base/keystore/java/android/security/KeyStore.java
|
34c47c855815d731e6deb55748ff690b0ec7b53f |
|
09-Mar-2010 |
Nick Kralevich <nnk@google.com> |
Don't rely on the system locale for converting to/from bytes. By default, when java converts Strings to bytes, it uses the default system locale. This can be specified by the -Dfile.encoding option. If no file encoding is specified, java uses ISO8859_1. Unfortunately, not all unicode characters can be mapped to ISO8859_1. Unmappable characters may be replaced by a byte within ISO8859_1, which may change the meaning of the String. This is especially problematic for password strings, and has been used to compromise the security of passwords in the past. Thankfully, Android uses UTF-8 by default, so this bug doesn't effect Android devices. However, it's recommended to explicitly list the character set when converting to/from bytes to avoid the potential ambiguity. Change-Id: Iec927e27ed3fc103696c439f6bd3e8779a37ade8
/frameworks/base/keystore/java/android/security/KeyStore.java
|
d12feb97667498378a472c5a7895a9fcd8056ec5 |
|
06-Feb-2010 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: minor improvements. Make constants final. Only converts ArrayLists to arrays when necessary.
/frameworks/base/keystore/java/android/security/KeyStore.java
|
f1ece5d0c16fa3e79390e41ad9bec020c77d7720 |
|
24-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: return null when response code indicates an error.
/frameworks/base/keystore/java/android/security/KeyStore.java
|
613fcc850686dfe71cec9809c3694be9cf02cdc7 |
|
21-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: rename scan() to saw().
/frameworks/base/keystore/java/android/security/KeyStore.java
|
44039172627d1c15737ea73836ad375559d76211 |
|
21-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
KeyStore: add java interface.
/frameworks/base/keystore/java/android/security/KeyStore.java
|