237f4b369bfd8021882007d103b9921fca789263 |
|
24-Apr-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add device ID attestation method to keymaster Device ID attestation consists of three steps: * Generate a temporary key * Attest the key and desired device IDs * Delete the temporary key Rather than being spread over three keymaster APIs, these operations should happen automatically in a single keymaster method. Bug: 34734938 Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest Change-Id: Ifabb5163b9e4d12cb309a6b0ca8e5f2f92d212f4
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
b32aae2a46bc3678e11c7f0ca88e01a192829490 |
|
23-Jun-2016 |
Tucker Sylvestro <tuckeris@google.com> |
Add the onDeviceOffBody API method to KeyStore This is necessary for allowing the KeyStore to lock keys that remain authorized as long as the device is on-body. Bug 28911985 Change-Id: If50bc84d5a1cb23f9b01b1950c3676d1519cc4f5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
8d8c7477746c357d54f586fc92e8d422a4fc6441 |
|
02-Feb-2016 |
Shawn Willden <swillden@google.com> |
Add attestation API to Android KeyStore. Bug: 22914603 Change-Id: I7c6162dc7a390aa48a2542494780959b01c23bd4
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
5bbf04803f050296a6deab10a3c7104743c4e38c |
|
09-Sep-2015 |
Chad Brubaker <cbrubaker@google.com> |
Allow uid to be passed for more operations This expands get, getmtime, exportKey, getKeyCharacteristcs and begin to accept a uid to run as. This is only for system to use keys owned by Wifi and VPN, and not something that can be used to do operations as another arbitrary application. Bug: 23978113 Change-Id: I06aa089859edc934a5415e3b184b917d6d171ae2
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
68f17203b20a29858b3f7dcefbdf89b8a3b2010f |
|
03-Jun-2015 |
Shawn Willden <swillden@google.com> |
am b183fdca: am 56396c7f: Merge "Track changes to the keystore binder API" into mnc-dev * commit 'b183fdca615e847ed03389905b0a30e30d9d37c5': Track changes to the keystore binder API
|
966486e134c901ea61195b352fdd81476b3639b4 |
|
01-Jun-2015 |
Chad Brubaker <cbrubaker@google.com> |
Track changes to the keystore binder API Output parameters are gone from begin, instead they will returned in the OperationResult and begin, update, and finish may return output parameters. Change-Id: I072afeb6c65f6c512b40603824c25686ac44e7c8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
9ce30624a448f439e19960d0dd88103c04676e7d |
|
29-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add optional additional entropy to finish If provided the extra entropy will be added to the device before calling finish. If entropy is provided and the device does not support supplying additional entropy then finish will fail with KM_ERROR_UNIMPLEMENTED. Change-Id: If26be118bf382604f6f8e96e833b76e6f9e94d58
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
e35d49f0d2853b79470ec890113bf4dcef03ab88 |
|
13-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup Keystore API Rename confusingly named methods, add userID arguments to all methods that operate on user state and delete methods that have been replaced by the onUser* methods. Some of the old methods have been kept in KeyStore.java in order to ease the transition of various system packages to the new methods. (cherry-picked from commit d8aacca3a197f65021e9b520807b7315b7a59d68) Change-Id: Ic271689d62c36d255c5adee26c7abc2e7ed24df5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
d8aacca3a197f65021e9b520807b7315b7a59d68 |
|
13-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup Keystore API Rename confusingly named methods, add userID arguments to all methods that operate on user state and delete methods that have been replaced by the onUser* methods. Some of the old methods have been kept in KeyStore.java in order to ease the transition of various system packages to the new methods. Change-Id: Ic271689d62c36d255c5adee26c7abc2e7ed24df5
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
83ce095c848b972156256855d0f2a2ff4aa068fd |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore onUserAdded/Removed methods (cherry-picked from commit 31c2897105e6d71f8e6edeab312d2147bbdbaeb1) Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
31c2897105e6d71f8e6edeab312d2147bbdbaeb1 |
|
12-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add keystore onUserAdded/Removed methods Change-Id: I73fe9344ec5660e58425d5c85d14381820533d57
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
d88fffa58de65e71f46f5da6b4cdd07f6cd5ab30 |
|
07-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup keystore password changing and unlocking Add KeyStore.onUserPasswordChanged for the lockscreen to call when the user changes their password. Keystore will then handle the logic of deleting keys. Instead of calling Keystore.password_uid for both unlocking and password changes the behavior has been split into Keystore.unlock and onUserPasswordChanged. (cherry-picked from commit a91a8504191d91d288c55821caa5bf00c9be26a2) Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
a91a8504191d91d288c55821caa5bf00c9be26a2 |
|
07-May-2015 |
Chad Brubaker <cbrubaker@google.com> |
Cleanup keystore password changing and unlocking Add KeyStore.onUserPasswordChanged for the lockscreen to call when the user changes their password. Keystore will then handle the logic of deleting keys. Instead of calling Keystore.password_uid for both unlocking and password changes the behavior has been split into Keystore.unlock and onUserPasswordChanged. Change-Id: I324914c00195d762cbaa8c63084e41fa796b7df8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
f603e2861430f13a746f80885b5fc00994f64391 |
|
30-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Merge "Add authorization binder methods"
|
dae79e540844741fc35c648efe8bbb00fc8ab781 |
|
27-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Allow entropy to be provided to some operations generateKey and begin can now optionally take an array of bytes to add to the rng entropy of the device before the operation. If entropy is specified and the device does not support add_rng_entropy or the call fails then that device will not be used, leading to fallback or error depending on the situation. Change-Id: Id7d33e3cc959594dfa5483d002993ba35c1fb134
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
5e73c0eec2bc77222a5a87fb2a135d8303836411 |
|
22-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Make application/client id an object Having it as a raw byte[] caused issues in keystore because keymaster handles a null blob differently than a blob with null contents. Make this explicit in the API. Change-Id: Ifcf550f438608b8f09fc589d00d06fffa6ee463b
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
5654b36b4667431e49d27c07a06d275656071e75 |
|
18-Mar-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add authorization binder methods Add methods for sending an auth token to keystore and to query the authorization state of a given operation. Change-Id: I223df5c56ae2a251ef31cfe60f06c046c12a5cd8
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
45ff13ea28005b5af0caa80dbdeb09d49bd73faf |
|
21-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Add Keymaster 0.4 binder API This adds the classes for creating and serializing arguments and results from keymaster as well as the enum values from hardware/libhardware/include/hardware/keymaster_defs.h which will be needed for argument creation as well as converting keymaster error codes into Java exceptions. Change-Id: I61046756361d43d9f02eea370c2cbd07c3638ea3
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|
7a2c973db7756a60f1cdd6cf67411115c1576081 |
|
14-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Generate IKeystoreService using aidl This replaces IKeystoreService.java with IKeystoreService.aidl and changes the methods that passed down a byte[][] to instead pass down a KeystoreArguments which is currently a thin parcelable wrapper around a byte[][]. Change-Id: I6367bcf57562f41a27aab14f1903b74995cb65c2
/frameworks/base/core/java/android/security/IKeystoreService.aidl
|