| 8effa36ca6440604cf10bbc34fba2b60ff304f54 |
|
25-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Use standard copyright banner in android/security/keymaster.
Bug: 18088752
Change-Id: I22eec18130cc46222d50481164069e7714154979
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|
| ae6cb7aad56bb006769cd8a69b92af7236644fc1 |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Keymaster INT, LONG and DATE tag values are unsigned.
This CL ensures that Android Keystore framework code complies with
signedness of keymaster tags. In particular:
* INT tags are unsigned 32-bit numbers, and
* LONG and DATE tags are unsigned 64-bit numbers.
The ensure compliance, KeymasterArguments and KeyCharacteristics
classes through which Android Keystore interacts with Keymaster tags
have been modified as follows:
* ENUM and INT tags which used to be conflated are now added/queried
via separate methods, because ENUM can remain represented as an int
data type whereas INT is now represented as a long data type with
permitted range being [0; 2^32).
* Methods for adding/quering LONG tags have been switched from the long
data type to the BigInteger data type and now ensure that the value
is in the permitted [0; 2^63).
* Methods for adding/querying DATE tags now ensure the Date value is
in the permitted range [0; 2^63) ms since Unix epoch.
* Methods for adding tags throw an IllegalArgumentException if the tag
type is unsuitable for the method. This is to ensure that tags with
invalid values cannot be added through similar methods (e.g., INT tag
added via an ENUM tag addition method invoked with a negative value).
Bug: 22008538
Change-Id: I6eefd5cbb561cc52d27de952691af4d9d5e1af1e
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|
| 708fc9404501ac42b6cac925fe3e10801b5f633b |
|
29-Apr-2015 |
Alex Klyubin <klyubin@google.com> |
Add KeyPermanentlyInvalidatedException.
This enables users of AndroidKeyStore crypto to differentiate between
the key being unusable until the user is authenticated
(UserNotAuthenticatedException) and the key being permanently unusable
(KeyPermanentlyInvalidatedException). The latter is the case when the
secure lock screen has been disabled or reset, and, for keys that
require user authentication for every use, when a new fingerprint is
enrolled or all fingerprints are unenrolled.
NOTE: The KeyPermanentlyInvalidatedException subsumes/replaces the
NewFingerprintEnrolledException which has thus been removed. There
is no way to find out whether a key was permenently invalidated
specifically because a new fingerprint was added.
Bug: 20642549
Bug: 20526234
Change-Id: I0206cd99eef5c605c9c4d6afc5eea02eb3b1fe6b
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|
| 1eda77ae2122e2b85084eb429fbeecec0b9962e5 |
|
28-Apr-2015 |
Alex Klyubin <klyubin@google.com> |
Align AndroidKeyStore API with user auth API.
This simplifies the AndroidKeyStore API around user authentication: no
more explicit control over which user authenticators are bound to
which keys.
User-authenticated keys with timeout are unlocked by whatever unlocks
the secure lock screen (currently, password/PIN/pattern or
fingerprint). User-authenticated keys that need authentication for
every use are unlocked by fingerprint only.
Bug: 20526234
Bug: 20642549
Change-Id: I1e5e6c988f32657d820797ad5696797477a9ebe9
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|
| 5927c9f1b12f597839a664c1c6593114175cbcd8 |
|
10-Apr-2015 |
Alex Klyubin <klyubin@google.com> |
Use JCA names for block modes, paddings, and digests.
This replaces int-based enums from KeyStoreKeyConstraints with
String values commonly used in JCA API.
As part of under the hood refactoring:
* KeyStoreKeyCharacteristics and KeyStoreKeyConstraints have been
merged into KeyStoreKeyProperties.
* KeymasterUtils methods operating on KeymasterArguments and
KeymasterCharacteristics have been moved to their respective
classes.
Bug: 18088752
Change-Id: I9c8b984cb3c28184adb617e34d87f2837bd1d3a1
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|
| 45ff13ea28005b5af0caa80dbdeb09d49bd73faf |
|
21-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add Keymaster 0.4 binder API
This adds the classes for creating and serializing arguments and results
from keymaster as well as the enum values from
hardware/libhardware/include/hardware/keymaster_defs.h which will be
needed for argument creation as well as converting keymaster error
codes into Java exceptions.
Change-Id: I61046756361d43d9f02eea370c2cbd07c3638ea3
/frameworks/base/core/java/android/security/keymaster/KeyCharacteristics.java
|