c1d1feee514e6138e1ed8ff924f5453ba8e1408a |
|
27-Jan-2016 |
Shawn Willden <swillden@google.com> |
Refactor keystore. This CL isn't nearly as big as it looks. It doesn't change keystore functionality, it just moves all of the classes out of the former keystore.cpp into their own .h and .cpp files. Note that this is a cherry-pick from: https://android-review.googlesource.com/#/c/194971 Change-Id: Ide326c4f1d03984994d1bd9a76fa68d37da230dc
/system/security/keystore/auth_token_table.h
|
b2ffa420da26414379b31807eec76ec8c9f3b0a9 |
|
17-Jun-2015 |
Shawn Willden <swillden@google.com> |
Don't check authorizations for pubkey operations. Bug: 21877150 Change-Id: I43dafb66fc3246f4d8e3bf4743fbdcbe072468d1
/system/security/keystore/auth_token_table.h
|
0bdad21c560552ec324733fb5db734fec204a2e9 |
|
19-May-2015 |
Shawn Willden <swillden@google.com> |
Remove references to Google in Android keymaster. Also, remove unneeded inclusion of key_blob.h. Change-Id: I05de61353fc806b90232fab7c1d1cf76aefa35fc
/system/security/keystore/auth_token_table.h
|
bbc7648d285f67b898d24d307b011fb676ba6643 |
|
17-Apr-2015 |
Chad Brubaker <cbrubaker@google.com> |
Flush the auth token table on resetUid This prevents old stale auth tokens from sticking around after clearing. Change-Id: I92e48b6d8cdba92cbc70f718cb45a4d96bd12900
/system/security/keystore/auth_token_table.h
|
ad6514ab7a57504aa3b04bcc383f60940b923710 |
|
09-Apr-2015 |
Chad Brubaker <cbrubaker@google.com> |
Store the key characteristics for operations Instead of storing the key blob and parsing the characteristics out, which some implementations might not support, instead call get characteristics on begin and store that result for subsequent auth calls. Change-Id: I75e39ee28cc440e4ed411b2daaa2744085e1aa12
/system/security/keystore/auth_token_table.h
|
06801e0a7ccabbe8f22cff29b7edb7c7d02d7692 |
|
01-Apr-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add auth token fetching Auth tokens are now fetched from the table in begin update and finish if needed. Begin will not fail on a missing/expired auth token since some authorization requires a valid operation handle. This doesn't yet do any enforcement of the token beyond what the auth token table does, that should happen in the keymaster auth code when it is done. This also includes the key in the operation map since authorization works based off that and not the handle. Change-Id: I62a395b74a925b819f4cde75ae3bfab8b8928cd1
/system/security/keystore/auth_token_table.h
|
489dfe1f3dbdb9377debce826e37294d48fe6754 |
|
17-Mar-2015 |
Shawn Willden <swillden@google.com> |
Add AuthTokenTable. Keystore will use this to manage authentication tokens and identify the correct one to be submitted to keymaster to authorize an authentication-requiring operation. Bug: 19511945 Change-Id: Ie6d2db4bebfa3734e535498d20928b8f8965963c
/system/security/keystore/auth_token_table.h
|