0cf34a249c008743cf2e2371743a89f86aa4b03c |
|
23-Apr-2015 |
Chad Brubaker <cbrubaker@google.com> |
Move auth token checking to begin Auth tokens will now be checked on begin and then used for all subsequent calls for that operation, this means that things like auth timeouts will only be checked on begin, and operation that starts at timeout - .00001 will now be able to be used to completion. One exception to this is keys that use per operation authorization. Begin for these operations must succeed so that the application gets a handle to authorize. For those keys if the application calls update before authorizing the operation the call will fail. For these keys begin will return OP_AUTH_NEEDED so let the caller know more work is needed before using the operation. (cherry picked from commit aebbfc2ba548064e4f537154bab6ec60dfe4115e) Change-Id: I3da4f93a076c0ed2d8630ca8cd1608e9bad2c2ff
/system/security/keystore/include/keystore/keystore.h
|
17208e0de5a42722901d803118745cca25fd10c1 |
|
04-Sep-2013 |
Kenny Root <kroot@google.com> |
Provide fallback for keymaster implementations Some implementations won't support ECDSA or DSA, so provide a fallback for them by using the softkeymaster implementation. This will allow us to universally support ECDSA and DSA on all platforms regardless of HAL version. Bug: 10600582 Change-Id: Ib842816cc1415ec00abb7d22c8e9b6bbe58f6a86
/system/security/keystore/include/keystore/keystore.h
|
0c540aad5915e6aa34345049be96f28b64d0e84c |
|
03-Apr-2013 |
Kenny Root <kroot@google.com> |
keystore: Add flag for blobs to be unencrypted In order to let apps use keystore more productively, make the blob encryption optional. As more hardware-assisted keystores (i.e., hardware that has a Keymaster HAL) come around, encrypting blobs start to make less sense since the thing it's encrypting is usually a token and not any raw key material. Bug: 8122243 Change-Id: I7d70122beb32b59f06a923ade93234393b75a2cd
/system/security/keystore/include/keystore/keystore.h
|
07438c8d7256d3788dac323b4d0055f201e0bec9 |
|
02-Nov-2012 |
Kenny Root <kroot@google.com> |
Switch keystore to binder Change-Id: I6dacdc43bcc1a56e47655e37e825ee6a205eb56b
/system/security/keystore/include/keystore/keystore.h
|