3876b1be27e3aefde9a72eb2e4f856e94fc5f946 |
|
09-Sep-2015 |
Alex Klyubin <klyubin@google.com> |
Support cross-UID access from AndroidKeyStore. This is meant for exposing the pre-existing cross-UID access to keys backed by the keystore service via higher-level JCA API. For example, this lets system_server use Wi-Fi or VPN UID keys via JCA API. To obtain a JCA AndroidKeyStore KeyStore for another UID, use the hidden system API AndroidKeyStoreProvider.getKeyStoreForUid(uid). To generate a key owned by another UID, invoke setUid(uid) on KeyGenParameterSpec.Builder. This CL does not change the security policy, such as which UID can access/modify which UIDs' keys. The policy is that only certain system UIDs are permitted to access keys of certain other system UIDs. Bug: 23978113 Change-Id: Ie381530f41dc41c50d52f675fb9e68bc87c006de
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java
|
6f2eb6d7a642b842976f5eeac2733b6f7e128711 |
|
14-Jul-2015 |
Alex Klyubin <klyubin@google.com> |
Fix Android Keystore key factories to obey JCA contract. Android Keystore provider's KeyFactory and SecretKeyFactory implementations were throwing UnsupportedOperationException instead of InvalidKeyException/InvalidKeySpecException from their translateKey/generateKey methods. Bug: 22459811 Change-Id: I6d5a5dc1bed724e858ad324d558b7480b9b848da
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java
|
7ecb298c6d5a4af561ed98dbc0ff4040132d01d5 |
|
23-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Fix typo in Android Keystore KeyFactory exception message. The typo was pointed out by kroot@ in code review of 4ecd092226fbd748b4a26f3bbb5c4d25a3488fff after it was submitted. Bug: 18088752 Change-Id: I50d2fa93e1a2d352fe432e34ce98add82a71c483
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java
|
4ecd092226fbd748b4a26f3bbb5c4d25a3488fff |
|
18-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Support more KeySpecs in Android Keystore KeyFactory. This adds support obtaining RSAPublicKeySpec, ECPublicKeySpec, X509EncodedKeySpec from Android Keystore public keys. Using a KeyFactory to obtain such specs is the endorsed way for obtaining algorithm-specific parameters or X.509 encoding of PublicKey instances. Bug: 18088752 Change-Id: I2c653238e3c89d9cfc97bea6c8a0ef0c6d039385
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java
|
97a27a73e6c5f5800303596ceebf314d90429d35 |
|
04-Jun-2015 |
Alex Klyubin <klyubin@google.com> |
Export KeyFactory backed by Android Keystore. The KeyFactory can be used to obtain information (KeyInfo) about Android Keystore private keys. Bug: 18088752 Change-Id: Ied1a69928f391537de6765cef7dc7d7241cf62bb
/frameworks/base/keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java
|