| a95550f8016bbb0dba086dbd73eec63e6cdbbe98 |
|
17-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
Add KM_MIN_MAC_LENGTH tag to HMAC and AES-GCM keys.
This makes Android Keystore add the KM_MIN_MAC_LENGTH tag to generated
and imported HMAC and AES-GCM keys. This tag specifies the minimum
length of the MAC/authentication tag authorized to be used for the
key.
For HMAC keys the minimum MAC length is set to the length of the
digest associated with the key (HMAC keys are authorized for exactly
one digest). For AES keys the minimum authetication tag length is set
to 96 bit. This is the minimum supported by Android Keystore's AES-GCM
implementation.
Bug: 22337277
Change-Id: Ic6e47cf084734d1592788dc58088889f7fff74eb
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| c58153b2d7418f44f2b0e397478be808e91decef |
|
08-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
HMAC keys are authorized for exactly one digest.
This is in preparation for enforcing the minimum length of MACs
which in the case of HMAC keys generated or imported by Android
Keystore will be set to the length of the digest for which the
key is authorized.
Bug: 22337277
Change-Id: I0255d5ba184dabfb6b45d8f32ddadeb84ab7fc19
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| b6e628644a981b8077b3755b9def4550ff4a46a0 |
|
06-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
Avoid IllegalStateException when generating/importing keys.
This avoids IllegalStateException when generating/importing keys which
require user authentication when the system is not configured to
generate/import such keys (e.g., secure lock screen not set up).
The documentation states that before generating/importing such keys
apps should check (using public API) whether the system is in a
suitable state. However, some apps are not doing that and instead
catching the IllegalStateException thrown during key
generation/import. This is a bad practice because this exception is an
undocumented implementation detail and should thus not be depended
upon.
This CL addresses this issue as follows:
1. Key(Pair)Generator.init now throws a checked
InvalidAlgorithmParameterException when the system is in a wrong
state. Because in most uses of Key(Pair)Generator .init is
immediately followed by .generate, this prevents .generate from
encountering this state and does so using a checked exception
which is part of public API.
2. Key import rethrows the IllegalStateException as a checked
KeyStoreException which is meant to be thrown if the key cannot be
imported for any reason. Key(Pair)Generator.generate unfortunately
cannot throw any checked exceptions and thus has to continue
throwing unchecked exceptions.
Bug: 22262809
Change-Id: Ic0f7b7a90e0ba63df9139c79b80a8649d2645d2a
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| ae6cb7aad56bb006769cd8a69b92af7236644fc1 |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster INT, LONG and DATE tag values are unsigned.
This CL ensures that Android Keystore framework code complies with
signedness of keymaster tags. In particular:
* INT tags are unsigned 32-bit numbers, and
* LONG and DATE tags are unsigned 64-bit numbers.
The ensure compliance, KeymasterArguments and KeyCharacteristics
classes through which Android Keystore interacts with Keymaster tags
have been modified as follows:
* ENUM and INT tags which used to be conflated are now added/queried
via separate methods, because ENUM can remain represented as an int
data type whereas INT is now represented as a long data type with
permitted range being [0; 2^32).
* Methods for adding/quering LONG tags have been switched from the long
data type to the BigInteger data type and now ensure that the value
is in the permitted [0; 2^63).
* Methods for adding/querying DATE tags now ensure the Date value is
in the permitted range [0; 2^63) ms since Unix epoch.
* Methods for adding tags throw an IllegalArgumentException if the tag
type is unsuitable for the method. This is to ensure that tags with
invalid values cannot be added through similar methods (e.g., INT tag
added via an ENUM tag addition method invoked with a negative value).
Bug: 22008538
Change-Id: I6eefd5cbb561cc52d27de952691af4d9d5e1af1e
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| d6c7799b9a8b00d160a1d2d32c7326132cbc7b7b |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster key validity dates are optional.
This CL makes Android Keystore framework code add
KM_TAG_ACTIVE_DATETIME, KM_TAG_ORIGINATION_EXPIRE_DATETIME, and
KM_TAG_USAGE_EXPIRE_DATETIME tags to the authorizations set only
if the corresponding time instants were specified through the
framework-level API. This is fine because these tags are optional as
it turns out.
Bug: 18088752
Change-Id: I6a5ae4cadb441e61576231815e6bec6e9248bc72
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| 3ceb1a04b44539c2b2c3afec6df487fe128911f2 |
|
06-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Switch Android Keystore key gen and import to new KeyStore API.
This makes Android Keystore's asymmetric key generation and import
use the new KeyStore API (similar to keymaster 1.0 API).
Because the resulting private keys will be used through
Conscrypt/keystore-engine which uses the old Keystore API, this CL
implements a temporary workaround where all generated and imported
keys are authorized for padding NONE and digest NONE, in addition to
padding schemes and digests requested by the user of the Android
Keystore API. This workaround is needed because keystore-engine uses
digest NONE and padding NONE for all its crypto operations.
Bug: 18088752
Bug: 20912868
Change-Id: Idc709039d091294265bd000160b5507f13825849
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| 4bbfeb4856468271829f7291c3df102746806c83 |
|
04-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Reliably delete keys if key generation fails.
Bug: 18088752
Change-Id: Iea68f3f96fc872d5628f163a1314ebd080c9d39e
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| 96481c3ddc6c58cfcad2a5cb9325ee2b24b0c540 |
|
15-May-2015 |
Alex Klyubin <klyubin@google.com> |
Remove "encrypt at rest" flag from new AndroidKeyStore API.
This flag causes issues such as being unable to generate, import, or
use keys when the user/profile secure lock screen credential hasn't
yet been entered after boot.
Bug: 18088752
Change-Id: I992f6dfdc945bcb83e341356a40dfa7d7bc143d8
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|
| dcdaf87ed0aa99073638bcfe645949f130f0c7ad |
|
14-May-2015 |
Alex Klyubin <klyubin@google.com> |
Move Android Keystore impl to android.security.keystore.
This moves the non-public API classes backing Android Keystore from
android.security to android.security.keystore, a package specially
created for Android Keystore.
Bug: 18088752
Change-Id: Ibf04d6a26c54d310b0501fc5e34f37b1176324ad
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
|