History log of /system/keymaster/soft_keymaster_device.cpp
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
1e15840cba64d2c687152fa830a39855a596628b 24-Mar-2017 Shawn Willden <swillden@google.com> Add supports_all_digests to SoftKeymasterDevice

Bug: 36549319
Test: VTS
Change-Id: I1ebfff857fbde4170355263fe25bf3f2b709b7d2
/system/keymaster/soft_keymaster_device.cpp
3eed29b69b4c547226b7a88c648de9a160614368 14-Feb-2017 seulhui.lee <seulhui.lee@lge.com> Merge "Fix bugs regarding KeyStore::isHardwareBacked always returning true." am: 1afb826c88 am: 9ae622cb64 am: 1c949bfa57
am: 57c176329c

Change-Id: I42418fae3f6aae85aedfdf370a7d78b1bbb59cec
9fcdb7e4ad9b8922791ee3b3ee6fd6a931d48ea4 11-Jan-2017 Janis Danisevskis <jdanis@google.com> Fix reboots due to unsafe key blob handling in legacy keymaster HAL

Some key blobs seem to upset certain keymaster implementations
such that they cause the device to reboot rather than reporting an
invalid key blob.

This patch removes the fast path to hardware from the software
keymaster implementation of get_key_characteristics, so that key blobs
are properly identified before passed to the correct engine.

This avoids potentially dangerous blobs being passed to keymaster
HALs for the purpose of retrieving key characteristics, that is.

Test: Fix for keystore CTS test
Change-Id: I3aa61d17c72f0319f9e1b682a8bdcf67416d5aea
/system/keymaster/soft_keymaster_device.cpp
c6f1dffc1d09f2283d65cf7ffc1c170e8e82ca97 01-Dec-2016 Shawn Willden <swillden@google.com> Fix EC curve to key size translation in SoftKeymasterDevice.

Test: VTS tests check this.
Change-Id: Ide63980d6801a9bf7f0cdb00996e7cea711c37c9
/system/keymaster/soft_keymaster_device.cpp
3560f7be392fa7f59844b8c5c54c2d75a62aad7b 01-Dec-2016 Shawn Willden <swillden@google.com> Fully support input to finish() in SoftKeymasterDevice.

SoftKeymasterDevice did not support sending input data to finish() when
wrapping keymaster1 hardware.

Test: CL includes unit tests
Change-Id: Ia1e30295904e93093e1ef7b0514304fbb424bbb7
/system/keymaster/soft_keymaster_device.cpp
2c3769c267c3fbbfb4edafad0d2518670914aac8 13-Oct-2016 Shawn Willden <swillden@google.com> Modify SoftKeymasterDevice to fully handle keymaster1 devices

When SoftKeymasterDevice is wrapping a keymaster1 device that does not
implement all of the required digests, it simply rejects creation or
import of HMAC keys that use an unsupported digest. This works only
because keystore has a "fallback" software-only device which will be
used to handle the issue. Treblization makes that fallback device
rather weird. To allow removal of the fallback device,
SoftKeymasterDevice needs to allow creation and import of HMAC keys that
cannot be supported by the underlying hardware, creating a
software-based key and using the software implementation for
operations. This CL makes it do that.

Test: Tested by running dev machine unit tests.
Bug: 32020919
Change-Id: I6cdb5d57dc3360c279bf94a402c3b8fe3d673950
/system/keymaster/soft_keymaster_device.cpp
65d56eb10ba09a4ab036a485143afa2315225e12 25-Aug-2016 seulhui.lee <seulhui.lee@lge.com> Fix bugs regarding KeyStore::isHardwareBacked always returning true.

1. CTS checks whether device supports H/W Keymaster or not with using "KeyStore::isHardwareBacked"
2. H/W Keymaster is mandatory by CDD.
3. CTS couldn't check well because KeyStore::isHardwareBacked always returns true.
4. Hence, software keymaster2 implementation should add its flags as not '0'.

Change-Id: Iab035d534dd501e5d285a121db033bb828ff6553
Signed-off-by: Seulhui Lee <seulhui.lee@lge.com>
/system/keymaster/soft_keymaster_device.cpp
df1adeba7fdff6ae1556f647efb155c71918fa76 25-Apr-2016 Shawn Willden <swillden@google.com> Reject too-large key attestation challenges.

Attestation certificates include an app-provided challenge value, which
is defined in the documentation as an arbitrary byte array between 0 and
128 bytes in length, inclusive. SoftKeymaster does not restrict the
length of challenge values during key attestation, and it should.

Bug: 28369352
Change-Id: Ibf16fb93f3bc82783bcc7736eb6de789be70d7a8
/system/keymaster/soft_keymaster_device.cpp
c15af1910d8f451341d0068b5533816ace5defec 10-Mar-2016 Shawn Willden <swillden@google.com> Implement key version binding.

Change-Id: If0f3bc12380b8b65bf1e60d5d8d039eb972c8a15
/system/keymaster/soft_keymaster_device.cpp
e802a1e6cd0837fa9ba58a2a0b376a80ecdaec38 10-Mar-2016 Shawn Willden <swillden@google.com> Remove agree_key and add configure to keymaster2.

Key agreement (ECDH) has been punted from the N release, and a
configuration method has been added to support version binding.

Change-Id: Ie3219e9a5062c2f2bc4e298cd88af764f4c3809c
/system/keymaster/soft_keymaster_device.cpp
530c51f246e1a532dbf12f1cf3be95bb601a9d26 10-Feb-2016 Shawn Willden <swillden@google.com> Fix null pointer dereference in SofKeymasterDevice.

Bug: 26862905
Change-Id: I05823b07fbbc957b7f4b7eacb9f25c1d869a8045
/system/keymaster/soft_keymaster_device.cpp
86a0b87bcc77bd24cedbcdc82699414de7345030 28-Jan-2016 Shawn Willden <swillden@google.com> Revert "Revert "Add attestation support to SoftKeymaster.""

This reverts commit 0fc3ef6f2de4f2204f121e3080a17203bf847cae.

Change-Id: I658ad32b281ab74d3beeee66794b31f193e6d404
/system/keymaster/soft_keymaster_device.cpp
0fc3ef6f2de4f2204f121e3080a17203bf847cae 28-Jan-2016 Shawn Willden <swillden@google.com> Revert "Add attestation support to SoftKeymaster."

This reverts commit fc3cafd487e69c84d83444e1d129d0ab131c4e3d.

Change-Id: I1fb38db044c4039be04d1f75fb89ca9a6404321f
/system/keymaster/soft_keymaster_device.cpp
fc3cafd487e69c84d83444e1d129d0ab131c4e3d 11-Jan-2016 Shawn Willden <swillden@google.com> Add attestation support to SoftKeymaster.

Bug: 22914603
Change-Id: I7650f1b691665bce3024556c2ea38e122c9cb2cf
/system/keymaster/soft_keymaster_device.cpp
c72ae833d2bafc31dff801ad779b146d5c31b527 06-Jan-2016 Shawn Willden <swillden@google.com> Add keymaster2 stub support to SoftKeymasterDevice.

This CL adds a keymaster2 API to SoftKeymasterDevice. It just
delegates to the keymaster1 implementation, and will return errors if
any keymaster2 features are used. This will allow conversion of
keystore to the keymaster2 API, after which the keymaster1 API will be
removed from SoftKeymasterDevice (though it will still be able to wrap
a keymaster1 hardware implementation).

Note that this CL does not update the unit tests to test the
keymaster2 interface. That will come in a future CL.

Change-Id: I2efd696d733c99e916f98ae68586310d3b2abf78
/system/keymaster/soft_keymaster_device.cpp
b87d707b96e6af9dabd23481b5c7a51160630831 25-Nov-2015 Shawn Willden <swillden@google.com> Set SoftKeymasterDevice flags correctly.

Bug: 25166155
Change-Id: Ibaf0ef42744094b2dde26539e8f51d381061eb1e
/system/keymaster/soft_keymaster_device.cpp
01d8f24c45067bc3d909e3aae9a72582f3c985a1 16-Nov-2015 Shawn Willden <swillden@google.com> Fix pass-through of deletion on wrapped KM0 and KM1.

SoftKeymasterDevice was incorrectly directly sending deletion requests
to wrapped hardware. In some cases the key blob passed in by
SoftKeymasterDevice is a hardware blob encapsulated by a wrapper, and we
need to remove the encapsulation before passing it on.

Bug: 25676862
Change-Id: Ic315c6b08d9ec15aa0be8f28f485a221bc7f1135
/system/keymaster/soft_keymaster_device.cpp
4fc15704d86aab977c2bdbb14345a2c417be2bab 23-Oct-2015 Shawn Willden <swillden@google.com> Remove unused variables.

Change-Id: Ib6adb9242ed8060d6182501784c249c2cd4926f6
/system/keymaster/soft_keymaster_device.cpp
e748085f5ee441a2c0a1380e9da824fd07877873 14-Aug-2015 Jim Miller <jaggies@google.com> Revert "Hack to work around broken bullhead keymaster app."

This reverts commit 3fceedc788498733952279a97944f4ea22892577.

Change-Id: Ie17dd16f8689810af9efe071a0d006e026782af6
/system/keymaster/soft_keymaster_device.cpp
3fceedc788498733952279a97944f4ea22892577 14-Aug-2015 Shawn Willden <swillden@google.com> Hack to work around broken bullhead keymaster app.

Bug: 23193626
Change-Id: I71564a7ff6b3050c5fbb7bd0c12caca5a663334a
/system/keymaster/soft_keymaster_device.cpp
d599b15c0693950bdc72fb867872044fdc484ef5 28-Jul-2015 Shawn Willden <swillden@google.com> Do digesting, and sometimes padding, in SW when HW doesnt.

The keymaster1 specification only requires HW modules to implement
SHA256 out of the list of keymaster1 digest modes. That would force
many keys to be software only, and would break legacy scenarios. This
change uses SoftKeymasterDevice to front keymaster modules that don't
implement the full suite of digests, quietly inserting KM_DIGEST_NONE
and KM_PAD_NONE into key generation/import requests when necessary, then
performing the digesting, and sometimes padding, in software, then
delegating crypto operations to the hardware.

This is only done for RSA and EC keys. Software digesting isn't
possible for HMAC or AES-GCM keys.

Note that this is not the complete fix for the bug. Some changes in
keystore are also required, coming in another CL.

Bug: 22529223
Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
/system/keymaster/soft_keymaster_device.cpp
5cf45028751471f79d9f8a390f64fe9412acd53a 20-Jul-2015 Shawn Willden <swillden@google.com> Make NONE mean NONE only (not ANY)

KM_DIGEST_NONE and KM_PAD_NONE have implicit meanings of "any digest"
and "any padding", respectively, as well as the expected meanings of "no
digest" and "no padding". This CL changes that so they mean only "no
digest" and "no padding".

Bug: 22556114
Change-Id: I7b0b4c079067d85ba1aa39ae7edf0c6b17a9a500
/system/keymaster/soft_keymaster_device.cpp
d091b0a3c7efe608a474d4ca051951405e304a5d 06-Jul-2015 Shawn Willden <swillden@google.com> Implement delete_key and delete_all_keys in SoftKeymasterDevice.

Bug: 22294523
Change-Id: Ifab60b904e37c7ecca0b8138817af3d3b48199c0
/system/keymaster/soft_keymaster_device.cpp
ada4850659d484dd5ece26dde73072bef16c1517 25-Jun-2015 Shawn Willden <swillden@google.com> Add authorization enforcement to AndroidKeymaster.

Note: Moving List.h into system/keymaster is unfortunate, but required
to allow Trusty to use it. b/22088154 tracks cleaning this up.

Bug: 19511945
Change-Id: Ia1dfe5fda5ea78935611b0a7656b323770edcbae
/system/keymaster/soft_keymaster_device.cpp
36d41e230417ac3b86a1425ebf60fff6d92377ec 17-Jun-2015 Shawn Willden <swillden@google.com> Refactor AndroidKeymaster so all methods use message objects.

Methods with simple argument or return types eschewed message objects,
but this complicates the TrustyKeymaster implementation by requiring it
to build its own system for marshalling and unmarshalling.

Bug: 14674558
Change-Id: I5a88523c9d1a76c8629ff6f93040ceb3c2a9426b
/system/keymaster/soft_keymaster_device.cpp
239375761a65801827769dccf79d183dcdeba769 04-Jun-2015 Chad Brubaker <cbrubaker@google.com> Use wrapped keymaster0 device's value of KEYMASTER_SOFTWARE_ONLY

SoftKeymasterDevice always sets KEYMASTER_SOFTWARE_ONLY but this isn't
true when wrapping a keymaster0 hardware device. This breaks CTS.

Note this with how the wrapper is implemented _some_ keys from the
wrapped adapter will be software backed and there is no way to tell in
keychain where it'll land.

Bug: 21635583
Change-Id: Ic2e38d4ffe12536eea37e688aaf17c2516f3194b
/system/keymaster/soft_keymaster_device.cpp
62b1922b3e458fac65ab284879f0bd96ea4033f0 04-Jun-2015 Chad Brubaker <cbrubaker@google.com> Fix missing delete_keypair and delete_all

delete_keypair and delete_all always existed in SoftKeymasterDevice and
always returned an error, this causes keystore's delete to fail because
it gives the impression the key was unable to be deleted.

Instead SoftKeymasterDevice will track these two optional methods, if
they exist int the underlying device then SoftKeymasterDevice will
expose them and simply pass though, otherwise the methods will be null
in the SoftKeymasterDevice's device.

Bug: 21634519
Change-Id: I5ecb86644d5a3b6a517aa040b08b0902443e5be1
/system/keymaster/soft_keymaster_device.cpp
0e2ee44913880a582488a9cb7e1ffe0711111891 01-Jun-2015 Shawn Willden <swillden@google.com> Update SoftKeymasterDevice to track keymaster1 API changes.

Change-Id: I8472a75ea60c73794ce31cacab9bcaad8482358f
/system/keymaster/soft_keymaster_device.cpp
0cbfbc5b72a0d5bafffa3c2e93eeeea0edf91b83 01-Jun-2015 Shawn Willden <swillden@google.com> Don't bother parsing keymaster0 signing params.

The keymaster0 signing API includes a void* to a structure that depends
on key type (RSA or EC). Previously we've tried to determine what the
key type is and to extract proper parameters, by calling
get_key_characteristics and examining the result. But this is all
pointless. The possible contents of that signing structure is fixed, so
we may as well just set the values directly. This does mean that we set
KM_TAG_PADDING for EC keys, even though ECDSA doesn't use padding.
That's okay, though. Keymaster1 implementations should ignore
extraneous tags. And in any case, we'll soon stop even providing the
keymaster0 APIs, so the issue will disappear.

Change-Id: Id4ee756dedc716978323767d51b4e3db357da662
/system/keymaster/soft_keymaster_device.cpp
2beb628bfefae72fa6bb84a6235da7e3de532823 21-May-2015 Shawn Willden <swillden@google.com> Delegate RSA keys to keymaster0 in SoftKeymasterDevice.

Bug: 20912868
Change-Id: I515a125f1247357d2cd9b4633c3b223590848093
/system/keymaster/soft_keymaster_device.cpp
0cb6942d3efb6c056f96321c82a4b3d86af601d6 26-May-2015 Shawn Willden <swillden@google.com> Revert "Revert "Large refactor to move context out of AndroidKeymaster.""

This reverts commit 13fbe3e93247943c26e7ca2ed27b6d650282b8bf.

Bug: 20912868, 19799085
Change-Id: Iadd6ce5cbe94956c2a2fe277f1bf5b108e4bcf57
/system/keymaster/soft_keymaster_device.cpp
13fbe3e93247943c26e7ca2ed27b6d650282b8bf 23-May-2015 Shawn Willden <swillden@google.com> Revert "Large refactor to move context out of AndroidKeymaster."

This reverts commit 8ba2a043f0d44ad3f58d4af518f9391c03eca9c3.

I need to update the Volantis non-secure code in sync. Reverting while I get that done.

Change-Id: I0fb9f928e7e624ad678050a04bb873b43b1c9a48
/system/keymaster/soft_keymaster_device.cpp
8ba2a043f0d44ad3f58d4af518f9391c03eca9c3 18-May-2015 Shawn Willden <swillden@google.com> Large refactor to move context out of AndroidKeymaster.

AndroidKeymaster made a number of assumptions about its context that are
really only valid for TEE-based usage. In addition, KeyFactory made
some similarly TEE-focused assumptions about key blob creation and
parsing.

Both concerns have been moved to a new KeymasterContext class, which is
responsible for building and parsing key blobs in a manner appropriate
for the context in which AndroidKeymaster is running, as well as
providing other context-specific services, such as random number
generation.

In addition, the refactor reduces the need for the KeyBlob and
UnencryptedKeyBlob classes, which encode too many assumptions about blob
formatting and encryption, to the point that they can be removed and
replaced by a handful of utility functions which are much cleaner and
more flexible.

How to review this CL:

I looked hard at breaking this up into smaller CLs, but it's mostly not
feasible. However, it's probably easier to approach it by starting with
the fundamental changes, and then looking at the cascade effects.

1. Look at keymaster_context.h. The core of the change was pulling this
set of features out of AndroidKeymaster. Note that the revised approach
to key blob creation does not involve the KeyBlob and UnencryptedKeyBlob
classes, but instead goes directly from raw key material plus ancillary
data (e.g. auth sets) to a serialized buffer ready to return to
keystore. The same is true in reverse direction for parsing key blobs.

2. Look at key.h. The revised KeyFactory GenerateKey, ImportKey and
LoadKey methods are essential. GenerateKey and ImportKey no longer
produce a Key object, because all that's needed is a returnable blob.
LoadKey produces a Key object, but it starts with raw key material,
rather than an UnencryptedKeyBlob. Also note the change to the Key
class; because Key objects are only created by LoadKey, when there's a
need to use a key, there's only one constructor.

3. Look at asymmetric_key.h, rsa_key.h and rsa_key.cpp. rsa_key.cpp
provides a good example of how the new structure works. GenerateKey and
ImportKey do all of the work necessary to produce an OpenSSL RSA key and
extract the internal representation (using EvpToKeyMaterial; defined in
asymmetric_key.h because it's the same for EC keys). Then, with the raw
key data in hand, they call KeymasterContext::CreateKeyBlob to wrap the
key data in a key blob that can be returned to the caller -- whatever
that wrapping means in the current context. There's a subtlety not
apparent here which is crucial to the rationale for the refactoring:
RsaKeyFactory uses KeymasterContext::get_instance to retrieve the
context, but key factories which depend on operating in a particular
context can use a different way to get their context object, which may
have a larger interface. RsaKeymaster0KeyFactory will do this.

4. Look at soft_keymaster_context. In
particular, SoftKeymasterContext::CreateKeyBlob and ParseKeyBlob.
CreateKeyBlob allocates authorization tags from key_description to
hw_enforced and sw_enforced, then encrypts the key material and
serializes it to a blob. This approach is compatible with the keys
softkeymaster has been producing, but I'm going to change it (post M),
because there's no reason to bother encrypting SW keys with a SW key.
ParseKeyBlob reverses the process to recover the unencrypted key
material and the auth lists. One debatable point was the decision to
implement BuildHiddenAuthorizations and SetAuthorizations here, since
all contexts will need something similar, and they really should all do
it the same. I may refactor later to pull that functionality up to
KeymasterContext; it will depend on what I learn implementing
TrustyKeymasterContext and HybridKeymasterContext (used for the
keymaster0 adapter).

5. Look at ocb_utils and auth_encrypted_key_blob. These contain the key
encryption and key blob serialization code which was formerly split
between AndroidKeymaster::SerializeKeyBlob, UnencryptedKeyBlob and
KeyBlob, now divided into separate encryption and serialization
utilities. Note the refactored key_blob_test.cpp, updated to use the
new utilities rather than UnencryptedKeyBlob.

6. Look at soft_keymaster_device.cpp. Since KeyBlob no longer exists to
provide a nice way to peer into a blob to extract the algorithm, for use
in determining how to parse the keymaster0 signing key params (which
come in as a void*, yuck), we now have to use get_key_characteristics to
recover the params. This was the right way all along; the device layer
should not depend on being able to parse key blobs.

7. The rest.

Bug: 20912868, 19799085
Change-Id: Ieb74b8da39974f674eb8baa959bde75011fdd2e8
/system/keymaster/soft_keymaster_device.cpp
f923963fda888eac9e7997b71d5525ea2f82a091 12-May-2015 Shawn Willden <swillden@google.com> Move key factory registration into SoftKeymasterDevice.

So we can do it differently in the keymaster0 adapter.

Bug: 20912868
Change-Id: If4c602cc0fab3e59cd2e395a97e21dd8cb3a176f
/system/keymaster/soft_keymaster_device.cpp
b6837e7a62a1192e33beef586282812239ee8b28 16-May-2015 Shawn Willden <swillden@google.com> Remove references to Google in Android keymaster reference implementation.

Change-Id: I05de61353fc806b90232fab7c1d1cf76aefa35fc
/system/keymaster/soft_keymaster_device.cpp
125e4866f98eb1b5ad65a563afd34aca215d983d 11-May-2015 Shawn Willden <swillden@google.com> Remove rescoping support.

Change-Id: Ia8e36e41e04f15befccbb7b4138f599849facd28
(cherry picked from commit 0c14b2c5f42abdab58118106d5a7117a88d4a324)
/system/keymaster/soft_keymaster_device.cpp
f5d7f91fc77418763f8ae026ca3bf456316c7815 10-Apr-2015 Shawn Willden <swillden@google.com> Rename ECDSA to EC.

Change-Id: I5435297fe37e0482b16d24b8e167f4a41175030a
/system/keymaster/soft_keymaster_device.cpp
9c65b2bd1978a918b52a459596dafc7dde992416 08-Apr-2015 Shawn Willden <swillden@google.com> Remove reference to DSA and rename KM_ALGORITHM_ECDSA.

Change-Id: Ibffddc5c3a5c728182f5ca7f6a76381413fc8645
/system/keymaster/soft_keymaster_device.cpp
d7a5c71d3b59cc27bccf364378bcfd4cd2553978 10-Apr-2015 Shawn Willden <swillden@google.com> Fix RSA and ECDSA key import in softkeymaster.

Bug: 20055613
Change-Id: Ie1998476659cb4c9e1311f0391cc3a6ecb9204ca
/system/keymaster/soft_keymaster_device.cpp
c609659a4b469778f523bece9ad0235fcfe6dd91 17-Mar-2015 Shawn Willden <swillden@google.com> Update keymaster Makefile to check for signed/unsigned mismatches

Also update unit tests which contained mismatches. That will have to be
done to get the unit tests building for on-device testing.

Change-Id: I1106b206058b3dac1f6e72ac6a13d88609fa4006
/system/keymaster/soft_keymaster_device.cpp
f01329d8692edde9a9ffb88f29f5d684eab481e2 12-Mar-2015 Shawn Willden <swillden@google.com> Improve error reporting and logging.

Bug: 19603049
Bug: 19509317
Change-Id: I041c973802e6c567adc5b1f280fc5bac27ba28d6
/system/keymaster/soft_keymaster_device.cpp
95dda36620149d1b8de57d175df9ba34a64e895d 27-Feb-2015 Shawn Willden <swillden@google.com> Move keymaster test fixture to utils, so we can reuse it.

Change-Id: I7e080326a97712bc1b6810e7231ecf78b7d4e28f
/system/keymaster/soft_keymaster_device.cpp
5fad785a94716e4b71d51dcf2434ec09ff447b27 27-Jan-2015 Shawn Willden <swillden@google.com> Add initial support for rescoping.

This code does not yet validate that rescoping is authorized. A future
CL will integrate rescoping enforcement.

Change-Id: Iff66860630eef717562bce7c534a09d80b85a7a3
/system/keymaster/soft_keymaster_device.cpp
e52da3d27ffc00711f68a8c8065ebd1d2c877392 10-Mar-2015 Shawn Willden <swillden@google.com> am 12105116: Merge changes I2b7ca81b,I8308b23d,I33074bfe

* commit '12105116914f22e71d9fca6dbb429e1d07ea26be':
Add rileyspahn@'s keymaster enforcement code.
Implement AddRngEntropy.
Add AAD support to AES OCB.
f0346ae5637a1f6e5cdc1cf7d20ba468bf2fad64 04-Mar-2015 Shawn Willden <swillden@google.com> am 567a4a04: Switch to using global logger

* commit '567a4a04f43d35b785d50508e6459b01f2ab4d14':
Switch to using global logger
cd695824a87fa9adc2d287012ddc791bb2ec63cd 26-Jan-2015 Shawn Willden <swillden@google.com> Implement AddRngEntropy.

Change-Id: I8308b23d900b0f6132dd480516e123c82ee8bcb3
/system/keymaster/soft_keymaster_device.cpp
dfa1c030e941cba4e66b362854d84b19298353c9 07-Feb-2015 Shawn Willden <swillden@google.com> Add AAD support to AES OCB.

Also add OCB test vectors.

Change-Id: I33074bfea142aab334916c4567f92a6645fcab9f
/system/keymaster/soft_keymaster_device.cpp
567a4a04f43d35b785d50508e6459b01f2ab4d14 31-Dec-2014 Shawn Willden <swillden@google.com> Switch to using global logger

Change-Id: I7af02342320a9a431cd9845baaf5dbcf61d460c2
/system/keymaster/soft_keymaster_device.cpp
4a551dbca528d5a3b0cf28e53d05cd681b5fe157 27-Feb-2015 Shawn Willden <swillden@google.com> am 98e90755: Merge "Separate keymaster0 and keymaster1 HALs."

* commit '98e9075571d41904c86ed7d78aabef32eac6068f':
Separate keymaster0 and keymaster1 HALs.
3025502b3f6094c675a732cbfeb9ff3d7801e3a2 24-Feb-2015 Shawn Willden <swillden@google.com> Separate keymaster0 and keymaster1 HALs.

For the moment soft_keymaster_device still supports the keymaster0
APIs. This will change soon.

Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
/system/keymaster/soft_keymaster_device.cpp
7c77fe034dbf2c768fd580b0b6692b2ccf8bc344 24-Feb-2015 Shawn Willden <swillden@google.com> am 3745efd1: Merge "Check return codes in softkeymaster."

* commit '3745efd184f9989137289b8a6fcb32afc308f94a':
Check return codes in softkeymaster.
ddf2d676648e3510a003e4a985782d5b51b41b0b 21-Feb-2015 Shawn Willden <swillden@google.com> Check return codes in softkeymaster.

Also add some more logging and a test for ECDSA-192.

Change-Id: Icc4327bb1f5cb14bc22a63e80592e29a349f1bc2
/system/keymaster/soft_keymaster_device.cpp
efa4815bafecb1e3088566b7a8b86a0259a68e6f 20-Feb-2015 Dan Albert <danalbert@google.com> Fix the clang build.

Change-Id: I4e3b46b4d8554d3c5e04d610e8b97eb27ba10b30
/system/keymaster/soft_keymaster_device.cpp
6bfbff0020bb964a736e30d717b338e3e3973a36 07-Feb-2015 Shawn Willden <swillden@google.com> Add additional params to update and finish operations.

Change-Id: I78a81b1ceb47a2abb189da4b0446800a56ec88c3
/system/keymaster/soft_keymaster_device.cpp
834d4130bab134a83b52bc66e25c3a57b202e0e2 12-Feb-2015 Chad Brubaker <cbrubaker@google.com> Move soft_keymaster headers to include/keymaster

Change-Id: Ie832ff6db1b1a0f4994641f3088c898fb35697b9
/system/keymaster/soft_keymaster_device.cpp
95e1382b75bab7d8b4cce3c1267fa23df2006957 16-Dec-2014 Shawn Willden <swillden@google.com> Refactor AesKey, extracting most functionality to SymmetricKey.

Symmetric key material handling is the same for all symmetric keys
(except, perhaps, DES if we want to handle parity bits correctly), so
move it into a common base.

Change-Id: I6ad5d35ce9020c1ae155bf0a8f2efe35674b1604
/system/keymaster/soft_keymaster_device.cpp
5b53c999edcd819ab2e5318bfd4589bc969fcbcc 02-Feb-2015 Shawn Willden <swillden@google.com> Revert "Revert "Add SoftKeymasterDevice""

This reverts commit ecf2ae9fc5fd66a0f12d9adce8aa9010f66ae863.
/system/keymaster/soft_keymaster_device.cpp
ecf2ae9fc5fd66a0f12d9adce8aa9010f66ae863 29-Jan-2015 Brian Carlstrom <bdc@google.com> Revert "Add SoftKeymasterDevice"

This reverts commit 2079ae8a94f7f19e89d94c842a4f4055bb21c39a.
/system/keymaster/soft_keymaster_device.cpp
2079ae8a94f7f19e89d94c842a4f4055bb21c39a 22-Jan-2015 Shawn Willden <swillden@google.com> Add SoftKeymasterDevice

SoftKeymasterDevice implements the keymaster HAL API by calling directly
to a GoogleKeymaster instance.

Change-Id: If530b98fecbef05815b685efff9295539614fd52
/system/keymaster/soft_keymaster_device.cpp