ba0d5d01bde427b7d7a22cec84cd9304c00b4e14 |
|
25-Apr-2016 |
Shawn Willden <swillden@google.com> |
Fix SoftKeymaster handling of EC curve specification. Keymaster2 should accept EC curve specification either by key size (as done in KM1) or with the new KM_TAG_EC_CURVE, filling in the other value if not specified, and validating that they match if both are provided. SoftKeymaster doesn't correctly implement this KM2 requirement. Bug: 28365747 Change-Id: I27d98b71730b69bb2f0c2543af6c027b1a5670f1
/system/keymaster/ec_keymaster0_key.cpp
|
fabacaf3e6019804cc8a98a2b8296be1d0125519 |
|
26-Mar-2015 |
Thai Duong <thaidn@google.com> |
ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves. Change-Id: I5af3215e96bb015049574aa18327cd7f7499dbd3
/system/keymaster/ec_keymaster0_key.cpp
|
1181779c5e6c8627b94067d86db6a2f7d5309674 |
|
23-Nov-2015 |
Shawn Willden <swillden@google.com> |
Revert "ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves." This reverts commit 41998988331ff38e922a59ef008896beb3145ba0. Change-Id: Ifed6b4e5a69310770373a396271f02da5c9d8934
/system/keymaster/ec_keymaster0_key.cpp
|
41998988331ff38e922a59ef008896beb3145ba0 |
|
26-Mar-2015 |
Thai Duong <thaidn@google.com> |
ECIES: add ECIES-KEM. This version supports HKDF and ECDH with NIST curves. Change-Id: Iea5877eba0a9b13610d3d1b33d04b5657edc3550
/system/keymaster/ec_keymaster0_key.cpp
|
4fc15704d86aab977c2bdbb14345a2c417be2bab |
|
23-Oct-2015 |
Shawn Willden <swillden@google.com> |
Remove unused variables. Change-Id: Ib6adb9242ed8060d6182501784c249c2cd4926f6
/system/keymaster/ec_keymaster0_key.cpp
|
d599b15c0693950bdc72fb867872044fdc484ef5 |
|
28-Jul-2015 |
Shawn Willden <swillden@google.com> |
Do digesting, and sometimes padding, in SW when HW doesnt. The keymaster1 specification only requires HW modules to implement SHA256 out of the list of keymaster1 digest modes. That would force many keys to be software only, and would break legacy scenarios. This change uses SoftKeymasterDevice to front keymaster modules that don't implement the full suite of digests, quietly inserting KM_DIGEST_NONE and KM_PAD_NONE into key generation/import requests when necessary, then performing the digesting, and sometimes padding, in software, then delegating crypto operations to the hardware. This is only done for RSA and EC keys. Software digesting isn't possible for HMAC or AES-GCM keys. Note that this is not the complete fix for the bug. Some changes in keystore are also required, coming in another CL. Bug: 22529223 Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
/system/keymaster/ec_keymaster0_key.cpp
|
34f09c52b08e654b8b76d9796240a5104c13a4a8 |
|
24-Jul-2015 |
Shawn Willden <swillden@google.com> |
Revert "Revert "Report keymaster0 keys as hardware-backed, origin unknown."" This reverts commit 0e0cea3bc8aea903a50c1ee18e9f3309e9f67515. Bug: 22511313 Change-Id: I9c31b8ef604d961e20652c69498324b9dfce5911
/system/keymaster/ec_keymaster0_key.cpp
|
0e0cea3bc8aea903a50c1ee18e9f3309e9f67515 |
|
23-Jul-2015 |
Shawn Willden <swillden@google.com> |
Revert "Report keymaster0 keys as hardware-backed, origin unknown." This reverts commit 9972a539acb4d17368ee607465d61b48acd71bde. Change-Id: Id5beb9c8ae8f3b106adc5f5e62eca0194b926be8
/system/keymaster/ec_keymaster0_key.cpp
|
9972a539acb4d17368ee607465d61b48acd71bde |
|
16-Jul-2015 |
Shawn Willden <swillden@google.com> |
Report keymaster0 keys as hardware-backed, origin unknown. Bug: 22511313 Change-Id: I699df8010e27a546b2186896890c0099bfb149ae
/system/keymaster/ec_keymaster0_key.cpp
|
0f906ec40f6ade7955c6b967ea522aade54ea2e4 |
|
20-Jun-2015 |
Shawn Willden <swillden@google.com> |
Add buffer wrap checks and disable throwing of std::bad_alloc. Android is built with exceptions disabled, but "operator new" and "operator new[]" still throw std::bad_alloc on failure rather than returning new. In general this is a good thing, because it will cause an immediate crash of the process rather than assigning a null pointer which is probably not checked. But most memory allocations in Keymaster are checked, because it's written to run in an environment where new does *not* throw. This CL updates the code to explicitly use the non-throwing new. A handful of throwing news remain, but only in places where a crash on failure is appropriate. In addition, this CL also inserts buffer wrap checks in key locations and changes the development-machine Makefile to build in 32-bit mode, to make memory problems more apparent. Bug: 21888473 Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef
/system/keymaster/ec_keymaster0_key.cpp
|
398c158a0206217025f327c2d26bb6c86659f5a0 |
|
28-May-2015 |
Shawn Willden <swillden@google.com> |
Move assymetric key factory declarations to includes. This exposes EcKeyFactory and RsaKeyFactory so they can be used for constructing the Trusty KeymasterContext. Note that there are no code changes, just reorganization. Change-Id: I8e8e068fb875f9d9c5c35320a545347dc33bc507
/system/keymaster/ec_keymaster0_key.cpp
|
0629810b145187575bc26c910dded0d24c64569d |
|
26-May-2015 |
Shawn Willden <swillden@google.com> |
Another refactor, deleting AbstractFactoryRegistry. I should have known better than to make these singletons to begin with. Globals create problems. This undoes that mistake. Change-Id: Idf61d5f72e3c34b5c4ddb27cc94b05f506561743
/system/keymaster/ec_keymaster0_key.cpp
|
6270aca8571399aca8ea538acd7386ddecdcc112 |
|
26-May-2015 |
Shawn Willden <swillden@google.com> |
Delegate ECDSA keys to keymaster0 in SoftKeymasterDevice. Bug: 20912868 Change-Id: If63899e3244aed45d939d0165e6d94a1caa9d220
/system/keymaster/ec_keymaster0_key.cpp
|