| 237f4b369bfd8021882007d103b9921fca789263 |
|
24-Apr-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add device ID attestation method to keymaster
Device ID attestation consists of three steps:
* Generate a temporary key
* Attest the key and desired device IDs
* Delete the temporary key
Rather than being spread over three keymaster APIs, these operations
should happen automatically in a single keymaster method.
Bug: 34734938
Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest
Change-Id: Ifabb5163b9e4d12cb309a6b0ca8e5f2f92d212f4
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| b32aae2a46bc3678e11c7f0ca88e01a192829490 |
|
23-Jun-2016 |
Tucker Sylvestro <tuckeris@google.com> |
Add the onDeviceOffBody API method to KeyStore
This is necessary for allowing the KeyStore to lock keys that remain
authorized as long as the device is on-body.
Bug 28911985
Change-Id: If50bc84d5a1cb23f9b01b1950c3676d1519cc4f5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 8d8c7477746c357d54f586fc92e8d422a4fc6441 |
|
02-Feb-2016 |
Shawn Willden <swillden@google.com> |
Add attestation API to Android KeyStore.
Bug: 22914603
Change-Id: I7c6162dc7a390aa48a2542494780959b01c23bd4
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 5bbf04803f050296a6deab10a3c7104743c4e38c |
|
09-Sep-2015 |
Chad Brubaker <cbrubaker@google.com> |
Allow uid to be passed for more operations
This expands get, getmtime, exportKey, getKeyCharacteristcs and begin to
accept a uid to run as. This is only for system to use keys owned by
Wifi and VPN, and not something that can be used to do operations as
another arbitrary application.
Bug: 23978113
Change-Id: I06aa089859edc934a5415e3b184b917d6d171ae2
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 68f17203b20a29858b3f7dcefbdf89b8a3b2010f |
|
03-Jun-2015 |
Shawn Willden <swillden@google.com> |
am b183fdca: am 56396c7f: Merge "Track changes to the keystore binder API" into mnc-dev
* commit 'b183fdca615e847ed03389905b0a30e30d9d37c5':
Track changes to the keystore binder API
|
| 966486e134c901ea61195b352fdd81476b3639b4 |
|
01-Jun-2015 |
Chad Brubaker <cbrubaker@google.com> |
Track changes to the keystore binder API
Output parameters are gone from begin, instead they will returned in the
OperationResult and begin, update, and finish may return output
parameters.
Change-Id: I072afeb6c65f6c512b40603824c25686ac44e7c8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 9ce30624a448f439e19960d0dd88103c04676e7d |
|
29-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add optional additional entropy to finish
If provided the extra entropy will be added to the device before calling
finish. If entropy is provided and the device does not support supplying
additional entropy then finish will fail with KM_ERROR_UNIMPLEMENTED.
Change-Id: If26be118bf382604f6f8e96e833b76e6f9e94d58
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| e35d49f0d2853b79470ec890113bf4dcef03ab88 |
|
13-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup Keystore API
Rename confusingly named methods, add userID arguments to all methods
that operate on user state and delete methods that have been replaced by
the onUser* methods.
Some of the old methods have been kept in KeyStore.java in order to ease
the transition of various system packages to the new methods.
(cherry-picked from commit d8aacca3a197f65021e9b520807b7315b7a59d68)
Change-Id: Ic271689d62c36d255c5adee26c7abc2e7ed24df5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| d8aacca3a197f65021e9b520807b7315b7a59d68 |
|
13-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup Keystore API
Rename confusingly named methods, add userID arguments to all methods
that operate on user state and delete methods that have been replaced by
the onUser* methods.
Some of the old methods have been kept in KeyStore.java in order to ease
the transition of various system packages to the new methods.
Change-Id: Ic271689d62c36d255c5adee26c7abc2e7ed24df5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 83ce095c848b972156256855d0f2a2ff4aa068fd |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore onUserAdded/Removed methods
(cherry-picked from commit 31c2897105e6d71f8e6edeab312d2147bbdbaeb1)
Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 31c2897105e6d71f8e6edeab312d2147bbdbaeb1 |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore onUserAdded/Removed methods
Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| d88fffa58de65e71f46f5da6b4cdd07f6cd5ab30 |
|
07-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup keystore password changing and unlocking
Add KeyStore.onUserPasswordChanged for the lockscreen to call when
the user changes their password. Keystore will then handle the logic of
deleting keys. Instead of calling Keystore.password_uid for both
unlocking and password changes the behavior has been split into
Keystore.unlock and onUserPasswordChanged.
(cherry-picked from commit a91a8504191d91d288c55821caa5bf00c9be26a2)
Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| a91a8504191d91d288c55821caa5bf00c9be26a2 |
|
07-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup keystore password changing and unlocking
Add KeyStore.onUserPasswordChanged for the lockscreen to call when
the user changes their password. Keystore will then handle the logic of
deleting keys. Instead of calling Keystore.password_uid for both
unlocking and password changes the behavior has been split into
Keystore.unlock and onUserPasswordChanged.
Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| f603e2861430f13a746f80885b5fc00994f64391 |
|
30-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Merge "Add authorization binder methods"
|
| dae79e540844741fc35c648efe8bbb00fc8ab781 |
|
27-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Allow entropy to be provided to some operations
generateKey and begin can now optionally take an array of bytes to add
to the rng entropy of the device before the operation. If entropy is
specified and the device does not support add_rng_entropy or the call
fails then that device will not be used, leading to fallback or error
depending on the situation.
Change-Id: Id7d33e3cc959594dfa5483d002993ba35c1fb134
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 5e73c0eec2bc77222a5a87fb2a135d8303836411 |
|
22-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Make application/client id an object
Having it as a raw byte[] caused issues in keystore because keymaster
handles a null blob differently than a blob with null contents. Make
this explicit in the API.
Change-Id: Ifcf550f438608b8f09fc589d00d06fffa6ee463b
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 5654b36b4667431e49d27c07a06d275656071e75 |
|
18-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add authorization binder methods
Add methods for sending an auth token to keystore and to query the
authorization state of a given operation.
Change-Id: I223df5c56ae2a251ef31cfe60f06c046c12a5cd8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 45ff13ea28005b5af0caa80dbdeb09d49bd73faf |
|
21-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add Keymaster 0.4 binder API
This adds the classes for creating and serializing arguments and results
from keymaster as well as the enum values from
hardware/libhardware/include/hardware/keymaster_defs.h which will be
needed for argument creation as well as converting keymaster error
codes into Java exceptions.
Change-Id: I61046756361d43d9f02eea370c2cbd07c3638ea3
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
| 7a2c973db7756a60f1cdd6cf67411115c1576081 |
|
14-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Generate IKeystoreService using aidl
This replaces IKeystoreService.java with IKeystoreService.aidl and
changes the methods that passed down a byte[][] to instead pass down a
KeystoreArguments which is currently a thin parcelable wrapper around a byte[][].
Change-Id: I6367bcf57562f41a27aab14f1903b74995cb65c2
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|