Cross Reference: /system/keymaster/aes

History log of /system/keymaster/aes_operation.cpp
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
cb647fec03f71929fd316d2b8f0750f7b24824f3	27-Jan-2016	Shawn Willden <swillden@google.com>	Support input to "finish()" in AndroidKeymaster operations. This CL does not yet take advantage of the simplifications that allowing input to finish() provides. That will require updating the Java layer first, to remove some assumptions and code that assume update() must eventually consume all input. Change-Id: Ie85896027a1d55ddec06750d19addbb1f5e462c8 /system/keymaster/aes_operation.cpp
4fc15704d86aab977c2bdbb14345a2c417be2bab	23-Oct-2015	Shawn Willden <swillden@google.com>	Remove unused variables. Change-Id: Ib6adb9242ed8060d6182501784c249c2cd4926f6 /system/keymaster/aes_operation.cpp
33ab0389e908b98702806c746e7babc0d46eb452	08-Jul-2015	Shawn Willden <swillden@google.com>	Add support for KM_TAG_MIN_MAC_LENGTH. HMAC and AES-GCM keys must be bound to a mininum MAC/tag length at creation, and operations may not specify a length smaller than the minimum, or provide a length smaller than the minimum during verification. Bug: 22337277 Change-Id: Id5ae2f4259045ba1418c28e9de8f4a47e67fd433 /system/keymaster/aes_operation.cpp
e23a2c91145e2294915e5d0cc5d7591c1aa82aca	06-Jul-2015	Shawn Willden <swillden@google.com>	Fix enforcement of block mode and MAC length on AES ops Bug: 22301168 Change-Id: I54b4efffa1786b08704dd6e785360870f155ed80 /system/keymaster/aes_operation.cpp
5532a085818bdf27ede33c9199024b86023e5961	01-Jul-2015	Shawn Willden <swillden@google.com>	Allow any padding mode to be used with keys with KM_PAD_NONE. Bug: 22229156 Change-Id: I5de66c3ed86244452e7776bff9523e35030713e9 /system/keymaster/aes_operation.cpp
0f906ec40f6ade7955c6b967ea522aade54ea2e4	20-Jun-2015	Shawn Willden <swillden@google.com>	Add buffer wrap checks and disable throwing of std::bad_alloc. Android is built with exceptions disabled, but "operator new" and "operator new[]" still throw std::bad_alloc on failure rather than returning new. In general this is a good thing, because it will cause an immediate crash of the process rather than assigning a null pointer which is probably not checked. But most memory allocations in Keymaster are checked, because it's written to run in an environment where new does not throw. This CL updates the code to explicitly use the non-throwing new. A handful of throwing news remain, but only in places where a crash on failure is appropriate. In addition, this CL also inserts buffer wrap checks in key locations and changes the development-machine Makefile to build in 32-bit mode, to make memory problems more apparent. Bug: 21888473 Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef /system/keymaster/aes_operation.cpp
294a2db0e5f2eb46d84e4f5c9ce25245ac474147	17-Jun-2015	Shawn Willden <swillden@google.com>	Don't enforce purpose, digest or padding on public key operations Bug: 21877150 Change-Id: Iaf00c94aaca892a154aea7aa4e3828bfbd8d9630 /system/keymaster/aes_operation.cpp
c4bfa86500fe46c0796b6d4378f9264f1c4f7d5d	17-Jun-2015	Shawn Willden <swillden@google.com>	Reject AES GCM nonces of other than 12 bytes in length. Bug: 21614165 Change-Id: Ic938193babee9478ccf6779670e7f43b6e31335d /system/keymaster/aes_operation.cpp
34419130408d2a6dcadd7b0f1b6d2c9c4002bbac	09-Jun-2015	Shawn Willden <swillden@google.com>	GCM tags in ciphertext, rather than in params. Also, handle AAD correctly. Bug: 21786749 Change-Id: I26a413f39daf3bd946ed494c7c3b5c6f559fb30b /system/keymaster/aes_operation.cpp
0f39256c68dc689b2eb8b604c4d39f17b9300363	02-Jun-2015	Shawn Willden <swillden@google.com>	Add AES-GCM mode. Bug: 19919114 Change-Id: I27efed097efbd93d587a50f5d82fad80a96e7527 /system/keymaster/aes_operation.cpp
ded8e7d0ad241fc0a930dbebbd9f2e2bf4e929a2	01-Jun-2015	Shawn Willden <swillden@google.com>	Pass output params down to operations. Change-Id: Ibd6956f6b8ef42f272d922050a7e5da3d78cffb7 /system/keymaster/aes_operation.cpp
0629810b145187575bc26c910dded0d24c64569d	26-May-2015	Shawn Willden <swillden@google.com>	Another refactor, deleting AbstractFactoryRegistry. I should have known better than to make these singletons to begin with. Globals create problems. This undoes that mistake. Change-Id: Idf61d5f72e3c34b5c4ddb27cc94b05f506561743 /system/keymaster/aes_operation.cpp
c442467181d8a9427c83fea4f0a272c8a7b46043	11-May-2015	Shawn Willden <swillden@google.com>	Enforce padding parameter for AES. Bug: 20917242 Change-Id: If1c35792279a4b03731552ced86ae7755efc6fc8 (cherry picked from commit 5bc56cdf1e466da3c3ebfeb3f49f07094d11b376) /system/keymaster/aes_operation.cpp
31e063f8ed913369eb30648537fb5827dfd7a0d3	08-May-2015	Shawn Willden <swillden@google.com>	Enforce block mode specifications. Bug: 20917242, 19509156 Change-Id: If09e18540e9ffb968498d8acca8561d85b031562 /system/keymaster/aes_operation.cpp
3ad5f05e1ae2ca4beb1d0b2104c742de869841bc	08-May-2015	Shawn Willden <swillden@google.com>	Enforce padding specifications. Bug: 20917242, 19509156 Change-Id: Ib67076f89ef3d675b5e2e926cc3702fa208dbbb6 /system/keymaster/aes_operation.cpp
344549836442988693f27be8252c31bd2ebefdee	30-Apr-2015	Shawn Willden <swillden@google.com>	Modify RAND_bytes calls to handle -1 return code. Bug: 20554394 Change-Id: I54dce88f7bb90bd5660e9d3a7be9b9646bcc12bd (cherry picked from commit 9ee79fb55049c242b12e067df1a824f18622ccfd) /system/keymaster/aes_operation.cpp
6770635e8ba485102be7a629ba936d8f5cf3d3ab	28-Apr-2015	Shawn Willden <swillden@google.com>	Diagnose erroneous caller nonce/IV. Bug: 20127433 Change-Id: Ic8ec74daf4b732aea6a393fe5f0ed4abe9e6eef2 /system/keymaster/aes_operation.cpp
3ed6d06a378c29deacb1fb9cc33b599b309c3a52	15-Apr-2015	Shawn Willden <swillden@google.com>	Add begin_params to CreationOperation. Allowing several crypto parameters to be repeated on keys means we need to be able to specify them at operation time, which means they'll be passed in to the begin() params. This change makes it possible for operations to actually receive these values. Bug: 19509156 Change-Id: I4504f5206d93ce3040b6a5a8d8dacb5b08eb2b90 /system/keymaster/aes_operation.cpp
969aa382ca37968eff1b45012ab870fdbb775d30	16-Apr-2015	Shawn Willden <swillden@google.com>	Generate nonce if caller doesn't provide one. If the key has KM_TAG_CALLER_NONCE, then the caller is allowed to provide a nonce. Previously the assumption was that the caller was _required_ to provide a nonce. But to play nicer with the Java crypto API, it's better to make the caller nonce optional if KM_TAG_CALLER_NONCE is true. Bug: 19919504 Change-Id: I6189e19017b9026b955f529c7267913de8b04a74 /system/keymaster/aes_operation.cpp
c47c88f1a9ec3fce5e8116b9b5572b58783f56d0	08-Apr-2015	Shawn Willden <swillden@google.com>	Remove OCB Mode. Change-Id: I8f804978208e2c8701bd52dc79b5597a307b7e7a /system/keymaster/aes_operation.cpp
20d725d20a2ba8eba06caaf5d11e113e069161c0	25-Mar-2015	Thai Duong <thaidn@google.com>	ECIES: implement KM_MODE_CTR. This implementation is rand counter-mode. When encrypting, if the caller doesn't specify the IV, Keymaster will randomly generate a 16-byte IV. Change-Id: I9096b83ca38be161b60b398271c99bc11e804b52 /system/keymaster/aes_operation.cpp
f01329d8692edde9a9ffb88f29f5d684eab481e2	12-Mar-2015	Shawn Willden <swillden@google.com>	Improve error reporting and logging. Bug: 19603049 Bug: 19509317 Change-Id: I041c973802e6c567adc5b1f280fc5bac27ba28d6 /system/keymaster/aes_operation.cpp
92b69a300beb364bfab57a16d1e965dcdf755d4a	14-Mar-2015	Shawn Willden <swillden@google.com>	Fix delete/delete[] mismatch & check for failed alloc. Change-Id: Ieb73e5cb11869436771bf463d41e5510d6b93507 /system/keymaster/aes_operation.cpp
7a62f5e84c579b85104fd617040a57b5dcb9fef2	10-Mar-2015	Shawn Willden <swillden@google.com>	Handle AES CBC IVs via input/output params. Change-Id: Idd98103943e661e0940f274c3b3342192d211438 /system/keymaster/aes_operation.cpp
dfa1c030e941cba4e66b362854d84b19298353c9	07-Feb-2015	Shawn Willden <swillden@google.com>	Add AAD support to AES OCB. Also add OCB test vectors. Change-Id: I33074bfea142aab334916c4567f92a6645fcab9f /system/keymaster/aes_operation.cpp
498e0aa0e02fba5cacf1f9ba012b3f406e1f4e25	04-Mar-2015	Shawn Willden <swillden@google.com>	Remove support for CFB and OFB modes. They're not supported by the openssl in Trusty, and we don't actually need them for now, so just remove them. Change-Id: I6ca385fff34dba8732d001c03c502d62136477a0 /system/keymaster/aes_operation.cpp
f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3	31-Dec-2014	Shawn Willden <swillden@google.com>	Add AES ECB, CBC, OFB and CFB support. Change-Id: I7a4e8eaa3be5f20e87ab1f16b0b6bfc1fa47b74c /system/keymaster/aes_operation.cpp
567a4a04f43d35b785d50508e6459b01f2ab4d14	31-Dec-2014	Shawn Willden <swillden@google.com>	Switch to using global logger Change-Id: I7af02342320a9a431cd9845baaf5dbcf61d460c2 /system/keymaster/aes_operation.cpp
63ac043f81f8e2a15bbadcb6628b92096295ab6a	29-Dec-2014	Shawn Willden <swillden@google.com>	Refactor operation creation to use an operation factory registry. Also modify GoogleKeymaster to query the operation factories to get lists of supported modes and digests. Change-Id: Ied30185df5dddaeaeb1106df63237757896d77db /system/keymaster/aes_operation.cpp
6dde87c27ec620c0962507b58ece3fbe94bbff02	11-Dec-2014	Shawn Willden <swillden@google.com>	Add AES OCB decryption. Also, refactor to extract functionality that will be common to all AEAD modes. Change-Id: I4bcf12c9d2d464ab1af559c69031904ffae45e25 /system/keymaster/aes_operation.cpp
907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfc	08-Dec-2014	Shawn Willden <swillden@google.com>	Add support for AES OCB encryption. This change was already reviewed, merged and reverted, so I'm skipping the review step this time. Change-Id: Ibc80bec7e47468d4eb668f1bd9a188e51cb7d567 /system/keymaster/aes_operation.cpp
29d898717bc48ca59cd3fb1e30efdad36f13ccec	20-Jan-2015	Shawn Willden <swillden@google.com>	Revert "Add support for AES OCB encryption." This reverts commit 5e251019d7402f4bf43b7acf287cf69372885f1b. /system/keymaster/aes_operation.cpp
5e251019d7402f4bf43b7acf287cf69372885f1b	08-Dec-2014	Shawn Willden <swillden@google.com>	Add support for AES OCB encryption. Change-Id: I97ab46fdce972d29af261041c41cf38d6904e736 /system/keymaster/aes_operation.cpp