d599b15c0693950bdc72fb867872044fdc484ef5 |
|
28-Jul-2015 |
Shawn Willden <swillden@google.com> |
Do digesting, and sometimes padding, in SW when HW doesn't. The keymaster1 specification only requires HW modules to implement SHA256 out of the list of keymaster1 digest modes. That would force many keys to be software only, and would break legacy scenarios. This change uses SoftKeymasterDevice to front keymaster modules that don't implement the full suite of digests, quietly inserting KM_DIGEST_NONE and KM_PAD_NONE into key generation/import requests when necessary, then performing the digesting, and sometimes padding, in software, then delegating crypto operations to the hardware. This is only done for RSA and EC keys. Software digesting isn't possible for HMAC or AES-GCM keys. Note that this is not the complete fix for the bug. Some changes in keystore are also required, coming in another CL. Bug: 22529223 Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
/system/keymaster/include/keymaster/logger.h
|
de7e66c3692073eb967f01cc8281441709701e2d |
|
23-May-2015 |
Shawn Willden <swillden@google.com> |
Change handling of debug log statements in non-debug builds. The previous way had a problem when used in statements like: if (foo) LOG_D(...); When built without debugging, this became: if (foo) ; Which is sort of okay, but the compiler complains. The new way also has the advantage that the compiler always sees and checks the log arguments. Given that it ends up compiling something like: do { if (0) Logger::Debug(...); } while (0); It should optimize the entire block out, and should even discard the literal string used for the format. So it's better all around. Change-Id: I895141077f627a2d08dcb0d7d2d0799067a2c957
/system/keymaster/include/keymaster/logger.h
|
f35e8eea72e61a383bcbcbe204ff5628ae3bd4ac |
|
17-Mar-2015 |
Shawn Willden <swillden@google.com> |
Remove obsolete keymaster logger methods. Change-Id: I27415d026577b6e309071313303334d9470a5ce7
/system/keymaster/include/keymaster/logger.h
|
538b0654fd5096841e12da15271c74429a37be18 |
|
31-Dec-2014 |
Shawn Willden <swillden@google.com> |
Refactor logging, to stop passing Logger references everywhere. Change-Id: I9380c21872710743413ca6a4340ae19f58b1e983
/system/keymaster/include/keymaster/logger.h
|
6f0b72fd8b0ea5c52d62dc5853318509b69db076 |
|
11-Sep-2014 |
Shawn Willden <swillden@google.com> |
Remove the keymaster::Logger::log() method and add debug(). Also, have the logger provide newlines, so every caller doesn't have to. Change-Id: I9f009e7c2d5c686a0ca97e10daef92a846a57d9a
/system/keymaster/include/keymaster/logger.h
|
0a4df7e3a83a59e4a5abc3f605d7d7e9f636c682 |
|
29-Aug-2014 |
Shawn Willden <swillden@google.com> |
Add GoogleKeymaster implementation. Squashed commit of the following: commit 83804621f399f4bcab9281c0eecfcbefe56b054e Author: Shawn Willden <swillden@google.com> Date: Thu Aug 28 13:47:40 2014 -0600 Add more logging methods, to distinguish message priorities. Change-Id: I2308af04eb699fb896d3e701a659945451304ddf commit 2241bf042c54aa5099bbb99a76e9de0162b92d07 Author: Shawn Willden <swillden@google.com> Date: Thu Aug 28 09:59:53 2014 -0600 Make keymaster_key_blob_t key_material const, to help prevent accidental modification. Change-Id: I505779ed677730d72c310fca1626b1093c71e90d commit c0c85cf5104f698054d59b28c68f0461ebec2233 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 27 19:56:43 2014 -0600 Make GoogleKeymaster's logger public. Change-Id: Idbe17e6b6ae7ab403d199323b8e20979a2e56c97 commit e46a43f403ba4fa66c505684ac173c1fa7c35584 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 27 10:35:36 2014 -0600 Add some test TODOs Change-Id: Id209182f0d153d67dca09846be4df5ef02b74cf2 commit 81effc68a04810b76f0b10594d92df4ffbf35c6c Author: Shawn Willden <swillden@google.com> Date: Wed Aug 27 10:08:46 2014 -0600 Finish key import implementation. This is the last bit of GoogleKeymaster that remained incomplete (for the v0.3 functionality). Change-Id: I27be52ae032883c004b2df21f0c7b229af512922 commit 368bc7749eaa2e1321d552e45a96d83b5500ba47 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 27 06:45:34 2014 -0600 Move key_blob.h in to include/keymaster, to export it. Change-Id: If28db94840557e6ca3019b7bcf7b5f29f0ff6cf7 commit b3407024ccfec72831a76b9772a496ab81fc33ce Author: Shawn Willden <swillden@google.com> Date: Wed Aug 27 06:30:52 2014 -0600 Fix minor bug in operations. Note that this bug isn't exposed by the v0.3 API, since it doesn't allow multi-step signing/verification operations. 
Change-Id: I18554e7e1017ed83d3708c134f72cf1d34857437 commit 960dd0749380857988c07d40feae7f252bb2209a Author: Shawn Willden <swillden@google.com> Date: Tue Aug 26 17:24:28 2014 -0600 Define remaining commands. Change-Id: Ic68f172efa2b401bee1dcf14cbb94f72b86b31ae commit 98d9b92547a9a7553b99e3e941a4175926f95b62 Author: Shawn Willden <swillden@google.com> Date: Tue Aug 26 08:14:10 2014 -0600 Reorganize system/keymaster. This CL moves the includes that should be exported to include/ and removes the trusty-specific code (some of which is moving to hardware/google and some of which is moving to the trusty tree.) Change-Id: Ie4fabf6b5c5f36b50c2f5ff356548ca2e9140fcb commit 407d41282d6b0a7f2d6e2826d44a58b016a5d844 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 25 16:49:13 2014 -0600 Implement TrustyKeymaster key generation, plus tests. Change-Id: I085be101c735d136e7d5b2915a9510102722e695 commit 2f3be368e5ad911cc0b014421dd3682130260ffc Author: Shawn Willden <swillden@google.com> Date: Mon Aug 25 11:31:39 2014 -0600 Add the beginnings of logging infrastructure. Change-Id: Ic36134402bfbb098d2242c463a3b4265d1d65209 commit f2282b3c6690ccfaa7878886f01693ef4f0b3bed Author: Shawn Willden <swillden@google.com> Date: Mon Aug 25 06:49:54 2014 -0600 Add some "fuzzing" tests for deserialization, and fixes for all of the problems discovered. Change-Id: I050344f6c6d0a19b7f3304d23729b4ca71c05042 commit b663b61f00b1a51a2535520aa726f788fffdf34b Author: Shawn Willden <swillden@google.com> Date: Thu Aug 21 18:54:45 2014 -0600 Fix OTE bug for keymaster. Change-Id: I71d222ad9ed54098492dcc7b7f16d7c72d42923d commit 2a4a48d51a057b33f83f09efae09bb354ec6a801 Author: Shawn Willden <swillden@google.com> Date: Thu Aug 21 16:04:53 2014 -0600 Remove unused variable. 
Change-Id: I6327f2092c23bd7aaae8aeda48915c3ac9259080 commit 5acebf56729f1307c4971a601ab38f6a320d0562 Author: Shawn Willden <swillden@google.com> Date: Thu Aug 21 15:46:35 2014 -0600 Allow GoogleKeymaster caller to specify creation time, since Trusty can't. Change-Id: Ia843704da726521f36ff4b954dcc6c1b6286f7be commit 81d3b4fe9a86bae8bac2fb98877af04f39d11250 Author: Shawn Willden <swillden@google.com> Date: Thu Aug 21 12:16:26 2014 -0600 Modify to be keymaster v0.3 compatible and add some debugging output. Change-Id: Idc3e15b1af57fa9ddbdfc3a46f32f100b146fd83 commit 235cd7e70389c42ce26b832ad8ddcfefbc812fb7 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 20 17:37:08 2014 -0600 Remove Android.mk to unbreak AOSP build. Change-Id: I9f78fee36874ff3681b3cc55c2081c1cae8cb343 commit 62de26672193373972f2ce968b51cf8335f118f9 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 20 14:14:49 2014 -0600 Trusty test app. Note that this code is in the wrong place. The right place is still being created so I'm putting them here for now. We'll move them when it's ready. Change-Id: Iab7384a531fd4a935dbeef0aebf2652eb06f6e03 commit 437fbd195e7de57b7dc0c449c04458bd90ef50de Author: Shawn Willden <swillden@google.com> Date: Wed Aug 20 11:59:49 2014 -0600 Add key importing, RSA only. Change-Id: I639e797939a28b2b2a815541c9926dc194657c54 commit 060e9b04445f91db31b2b412f944aa402b9e1a8d Author: Shawn Willden <swillden@google.com> Date: Tue Aug 19 20:27:45 2014 -0600 Make keymaster_defs.h compatible with v0.3 keymaster.h. Change-Id: I53ae63c9fec3cc7131a1f1373e8bf4448252cc79 commit 3d3e1d388480a2c242a39f4bc5adf000728c8da5 Author: Shawn Willden <swillden@google.com> Date: Tue Aug 19 16:28:25 2014 -0600 Add *.massif to .gitignore. Change-Id: I77be33411f2cef6e0a2046489a8c153985b8040f commit f268d742dbefe0e84b4046db7669c4ffbc110f7d Author: Shawn Willden <swillden@google.com> Date: Tue Aug 19 15:36:26 2014 -0600 Refactor export to use new key infrastructure, and work with all key types. 
Change-Id: Ie1f621f9db855665d57cde93c24881415de33ca2 commit d67afae61f822463120c36fea846362450dd7d71 Author: Shawn Willden <swillden@google.com> Date: Tue Aug 19 12:36:27 2014 -0600 Refactor key and operation details. Change-Id: I80267e6184955ecd98b08ceab91f4afd50c67614 commit 370121346777e13437c275fbe7a975d899cc325c Author: Shawn Willden <swillden@google.com> Date: Tue Aug 19 08:15:57 2014 -0600 Added AuthorizationSet push_back method that takes a set. This is needed for some key refactoring work. Also did some AuthorizationSet refactoring here. Change-Id: I681a2793838c1d68b22dc2a39258c30d7ab117bc commit ffd790c9846b93d0af7b28b1998a9f8f8aa076a4 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 21:20:06 2014 -0600 Add key export, RSA only. (rileyspahn@google.com implemented). Change-Id: I55c3497a1dc5360bfc8518a388b73776388a47e4 commit 5ac2f8ff7c82d2b5c2dd17273ce58c7806df0ec2 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 15:33:10 2014 -0600 Add ECDSA signing and verification. Change-Id: Ic5345ebe6e79e3ee764c3a729dc551c61b87c79b commit c3864dde9ffa9a52bb60802664e1cab1de5c0287 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 15:20:01 2014 -0600 Add ECDSA key generation. Change-Id: I68a1d46e617124a8ccb7a4b2c09baae89603a5e0 commit 5b41ca2d7f106cc49315a8ecbac2f51fb445fb57 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 14:29:14 2014 -0600 Implement DSA signing and verification. Change-Id: I22a1c4518bcd393d1183e10a906600488ec8e9c8 commit 61644f3d8a7f2374fd579cdeb76e841d4bc0efe0 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 13:43:14 2014 -0600 Small refactor of signing/verification tests, to facilitate DSA testing. Change-Id: I68a8f83d85993f320a0e05e39cefc56bb2823b7d commit 28e41475a2559824a0f3f2c850ed92a65c586f95 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 13:35:22 2014 -0600 Add DSA key generation. Also refactor RSA key generation a bit. 
Change-Id: I838ff58210f0a3be41f04c7e945e998751fca9f5 commit 802bb29cc190fb610367fdb7236ef9c2e93826f2 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 18 10:46:29 2014 -0600 Refactor GoogleKeymaster to move openssl RSA key-generation operations to RsaOperation. Change-Id: Id6c66bd431cf3f8895113108027920ffafef578b commit da8485ea42e53839579575ec9fc2b49f7cf1a1f9 Author: Shawn Willden <swillden@google.com> Date: Sun Aug 17 08:00:01 2014 -0600 Flesh out all remaining message structures, with serialization. Still didn't implement rescoping messages, since they're not relevant for 0.3. Change-Id: Ia05a04349ff0329557b01d14f6c501540cc74439 commit 172f8c9be706e27f43022063bbc7f4b0177583ac Author: Shawn Willden <swillden@google.com> Date: Sun Aug 17 07:50:34 2014 -0600 Housekeeping CL. Make variable names and formatting more consistent. Also, add doxygen comments to Serializable. Change-Id: I24ff138611111acf96112be74a04cc35f04908e0 commit 43e999eed16a78cb6d48f1dfd11b33dee4d80a1a Author: Shawn Willden <swillden@google.com> Date: Wed Aug 13 13:29:50 2014 -0600 Add RSA verification. Change-Id: Ie9ac37dba7ead62b0ca17054bbf6d2744cea5946 commit 1615f2ecf2537db7b302eb9b5be4394f711fd815 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 13 10:37:40 2014 -0600 Add RSA signing support. Change-Id: Icdcbd978d58c8764618b995571d1e8b649959ef0 commit 60ebf8e49977683bc8cabe4609ce8b0405db7711 Author: Shawn Willden <swillden@google.com> Date: Tue Aug 12 11:43:10 2014 -0600 Change to enable KEYMASTER_NAME_TAGS globally. Selectively changing the size of the TypedTag structure causes subtle problems when inlining is disabled (e.g. -O0). Change-Id: I7f87a5a34eb574b0adaa8492f51fbcf2b172b4ca commit ebf627f0b50c0979e6cf53668464297703371eba Author: Shawn Willden <swillden@google.com> Date: Tue Aug 12 11:15:29 2014 -0600 Allow building tests with Clang, and fix some bugs Clang diagnosed. 
Change-Id: Ie213deadabdb9c84d4ea1d2f69b1beaa87165717 commit 7b83f18c17b5820f8fcc177fc58eb34cf7ef6d05 Author: Shawn Willden <swillden@google.com> Date: Tue Aug 12 07:35:37 2014 -0600 Add .gitignore. Change-Id: I08e9599c699debaddf815e9f65a781920c241e47 commit 7636471bd1c553ac179f0dddc17133491d0e1faf Author: Shawn Willden <swillden@google.com> Date: Mon Aug 11 17:48:04 2014 -0600 Implement GetKeyCharacteristics. Still need to add serialization to the messages. Change-Id: I572c48474bf4d4f553d53cad475b57fa8937a02a commit 74aff357261879dfa8366528a42c59b042c7bd05 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 11 14:08:31 2014 -0600 Implement and use secure memset to clear sensitive buffers. Ordinary memset can be optimized away, leaking sensitive data to other processes. Change-Id: If4b51e342ef1f21d7e5fa8907bb0534b17bf295b commit 39b970bea81461af88f83e1c2329eb1b0f4d2e73 Author: Shawn Willden <swillden@google.com> Date: Mon Aug 11 09:11:21 2014 -0600 Handle "hidden" authorization tags correctly. Change-Id: I9fa18f8ab465a2faa0f358e12f72daf18ca02fe7 commit 834e80747cbb960f8a4028c5c8604bf5218ecdb9 Author: Shawn Willden <swillden@google.com> Date: Sat Aug 9 16:38:53 2014 -0600 Improve authorization_set test coverage. Change-Id: I8dd1830db8c19be07cef768c63c9ecfa3e16ae21 commit 8d336ae10df66da4c0433f17c2d42e85baea32c5 Author: Shawn Willden <swillden@google.com> Date: Sat Aug 9 15:47:05 2014 -0600 Change authorization set serialization approach to ensure that 32 vs 64 bit size and alignment differences don't cause problems. Change-Id: I4a308cfac782161db2f1456adb2d6a56537e61f1 commit 4db3fbdda292c0c3120dfe160c1b49670aa18600 Author: Shawn Willden <swillden@google.com> Date: Fri Aug 8 22:13:44 2014 -0600 Refactor and expand KeyBlob capabilities. KeyBlob's responsibilities have grown, it makes sense to make it a first-class class, and to use the Serializable infrastructure. 
Change-Id: I76a8dac5b4b4fe47d6677c27ab9eba2755f02dfe commit 58e1a5486219a1be9264d4e863a9dd3e393906c3 Author: Shawn Willden <swillden@google.com> Date: Fri Aug 8 21:58:29 2014 -0600 Eliminate in-place serialization. Not doing in-place serialization will result in greater heap consumption, but eliminates many alignment-related issues. Given more time, I'd prefer to solve the alignment issues by computing and inserting appropriate padding, but we don't have the time. Change-Id: I86e4bdf57263db26c73372ae2963f21c5f5f00aa commit 301646f55214ed693e79c7869d54033a74641907 Author: Shawn Willden <swillden@google.com> Date: Fri Aug 8 21:44:10 2014 -0600 Correct the rest of the #include guard defines. Change-Id: I8f2bf58f2bebb3f06ae4cd0f90f79d85acd42155 commit b10f3b26af1e3b382d9ef361b3eb5279d16a9c05 Author: Shawn Willden <swillden@google.com> Date: Thu Aug 7 08:11:51 2014 -0600 Correct #include guard defines. Change-Id: Ie05c78490f6f3fe8c194cc00c0c87e117508054d commit 3879f8641d044cf53f4163dc5c46a1399006eb03 Author: Shawn Willden <swillden@google.com> Date: Wed Aug 6 14:40:48 2014 -0600 Fix inclusion error. Change-Id: I8f49b7e1547575e0bc4616836ed00d6e02c22879 commit f5bebad1ce284d8df37d3469f6b93ecc1522741c Author: Shawn Willden <swillden@google.com> Date: Wed Aug 6 14:17:53 2014 -0600 Put keymaster_defs.h in system/keymaster. This file will eventually live in hardware/libhardware/include/hardware, but for now it's convenient to have it here. Change-Id: Ia25b59f905db5a54c2e69b5fb745dbd08d0fe303 commit 128ffe07c723d8ffe2d5ea528ba5f64436c8a55a Author: Shawn Willden <swillden@google.com> Date: Wed Aug 6 12:31:33 2014 -0600 Add GoogleKeymaster. Very incomplete. Change-Id: I53542c7132bd1a04afee93f3247b88ed7ed0bedc commit 5ada7b6c525d2bfd5b556a698ccb11db23e052bb Author: Shawn Willden <swillden@google.com> Date: Tue Jul 29 09:44:17 2014 -0600 Add AuthorizationSet class and some supporting utils and a Makefile for running tests on the dev machine. 
Change-Id: I608e660854ace71409dd8bb5395d83dcfbf803c0 commit 7a70abbf29293b30bb1e7ed3a58deb40f8774a53 Author: Bill Yi <byi@google.com> Date: Mon Jul 28 21:38:52 2014 +0000 Initial empty repository Change-Id: I199c7a0ca076cfdaba1fecf6109d573f3dca5801
/system/keymaster/include/keymaster/logger.h
|