f38a002624126ca837865826f948edc9100d6e8a
26-Apr-2017
Janis Danisevskis <jdanis@google.com>
Make keymaster more self-contained Keymaster uses UniquePtr, a reimplementation of std::unique_ptr offered by the Android framework. As keymaster becomes part of the treblized HAL, it must build with the vndk. As such it must not use framework headers. An attempt to replace UniquePtr with std::unique_ptr, which is available in the vndk, failed because keymaster, i.e., parts thereof, must also build and run in the Trusty environment which does not have a full C++ STL. This patch makes keymaster more self-contained. To that end the following was done by this patch. * Install a copy of UniquePtr.h in include/keymaster. * Add a tiny subset of STL symbols to keymaster. * Reorganize linking units and * build parts of keymaster with stl: "none". libkeymaster1 was split into libkeymaster_portable and libkeymaster. The former comprises all compilation units that are included in the keymaster TA (trusted app) and must run on Trusty. This library is built with the option stl: "none" to raise compilation errors as soon as someone tries to use STL features. A tiny subset of STL symbols, which are also available in Trusty, is weakly defined in keymaster_stl.cpp. The latter library comprises some other functionality that is used by the softkeymasterdevice on Android and may use the STL. Bug: 37467707 Test: keymaster vts tests and keystore cts test Change-Id: I884336e1a2d2c6402a2c7deb27010fd88b907b6b
/system/keymaster/aes_operation.cpp

cf3763f666d2236159a22b496b6ede55878aa100
03-May-2017
Janis Danisevskis <jdanis@google.com>
Revert "Make keymaster more self contained" This reverts commit dcd67c1dd0a457feec619974b3d7d077903012a8. Reason for revert: build breakage Change-Id: Id7a1b29d82f69ab21e7c461dbabc4e1466870359
/system/keymaster/aes_operation.cpp

dcd67c1dd0a457feec619974b3d7d077903012a8
26-Apr-2017
Janis Danisevskis <jdanis@google.com>
Make keymaster more self-contained Keymaster uses UniquePtr, a reimplementation of std::unique_ptr offered by the Android framework. As keymaster becomes part of the treblized HAL, it must build with the vndk. As such it must not use framework headers. An attempt to replace UniquePtr with std::unique_ptr, which is available in the vndk, failed because keymaster, i.e., parts thereof, must also build and run in the Trusty environment which does not have a full C++ STL. This patch makes keymaster more self-contained. To that end the following was done by this patch. * Install a copy of UniquePtr.h in include/keymaster. * Add a tiny subset of STL symbols to keymaster. * Reorganize linking units and * build parts of keymaster with stl: "none". libkeymaster1 was split into libkeymaster_portable and libkeymaster. The former comprises all compilation units that are included in the keymaster TA (trusted app) and must run on Trusty. This library is built with the option stl: "none" to raise compilation errors as soon as someone tries to use STL features. A tiny subset of STL symbols, which are also available in Trusty, is weakly defined in keymaster_stl.cpp. The latter library comprises some other functionality that is used by the softkeymasterdevice on Android and may use the STL. Test: keymaster vts tests and keystore cts test Change-Id: Iba03b45cc3d20854c577160f90fe24bfa7857986
/system/keymaster/aes_operation.cpp

cb647fec03f71929fd316d2b8f0750f7b24824f3
27-Jan-2016
Shawn Willden <swillden@google.com>
Support input to "finish()" in AndroidKeymaster operations. This CL does not yet take advantage of the simplifications that allowing input to finish() provides. That will require updating the Java layer first, to remove some assumptions and code that assume update() must eventually consume all input. Change-Id: Ie85896027a1d55ddec06750d19addbb1f5e462c8
/system/keymaster/aes_operation.cpp

4fc15704d86aab977c2bdbb14345a2c417be2bab
23-Oct-2015
Shawn Willden <swillden@google.com>
Remove unused variables. Change-Id: Ib6adb9242ed8060d6182501784c249c2cd4926f6
/system/keymaster/aes_operation.cpp

33ab0389e908b98702806c746e7babc0d46eb452
08-Jul-2015
Shawn Willden <swillden@google.com>
Add support for KM_TAG_MIN_MAC_LENGTH. HMAC and AES-GCM keys must be bound to a minimum MAC/tag length at creation, and operations may not specify a length smaller than the minimum, or provide a length smaller than the minimum during verification. Bug: 22337277 Change-Id: Id5ae2f4259045ba1418c28e9de8f4a47e67fd433
/system/keymaster/aes_operation.cpp

e23a2c91145e2294915e5d0cc5d7591c1aa82aca
06-Jul-2015
Shawn Willden <swillden@google.com>
Fix enforcement of block mode and MAC length on AES ops Bug: 22301168 Change-Id: I54b4efffa1786b08704dd6e785360870f155ed80
/system/keymaster/aes_operation.cpp

5532a085818bdf27ede33c9199024b86023e5961
01-Jul-2015
Shawn Willden <swillden@google.com>
Allow any padding mode to be used with keys with KM_PAD_NONE. Bug: 22229156 Change-Id: I5de66c3ed86244452e7776bff9523e35030713e9
/system/keymaster/aes_operation.cpp

0f906ec40f6ade7955c6b967ea522aade54ea2e4
20-Jun-2015
Shawn Willden <swillden@google.com>
Add buffer wrap checks and disable throwing of std::bad_alloc. Android is built with exceptions disabled, but "operator new" and "operator new[]" still throw std::bad_alloc on failure rather than returning new. In general this is a good thing, because it will cause an immediate crash of the process rather than assigning a null pointer which is probably not checked. But most memory allocations in Keymaster are checked, because it's written to run in an environment where new does *not* throw. This CL updates the code to explicitly use the non-throwing new. A handful of throwing news remain, but only in places where a crash on failure is appropriate. In addition, this CL also inserts buffer wrap checks in key locations and changes the development-machine Makefile to build in 32-bit mode, to make memory problems more apparent. Bug: 21888473 Change-Id: I8ebc5ec12053e4f5274f6f57ce312abc10611cef
/system/keymaster/aes_operation.cpp

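Added example, not keymaster's own code and not part of this log: the two practices the entry above describes, non-throwing allocation and wrap checks on size arithmetic, in stand-alone C++. The helper names (checked_add, checked_mul, alloc_blocks, append_checked) are this example's, not keymaster's.

```cpp
// Added example (not keymaster's code): allocation that fails by returning
// nullptr instead of throwing, guarded by overflow-checked size arithmetic.
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <limits>
#include <memory>
#include <new>

// True and *out = a + b unless the sum would wrap around size_t.
inline bool checked_add(size_t a, size_t b, size_t* out) {
    if (b > std::numeric_limits<size_t>::max() - a) return false;
    *out = a + b;
    return true;
}

// True and *out = a * b unless the product would wrap around size_t.
inline bool checked_mul(size_t a, size_t b, size_t* out) {
    if (a != 0 && b > std::numeric_limits<size_t>::max() / a) return false;
    *out = a * b;
    return true;
}

// Allocates room for `count` blocks of `block_size` bytes plus `trailer` extra
// bytes (for example an appended authentication tag). Every failure path,
// including allocation failure, returns nullptr: new (std::nothrow) yields a
// null pointer instead of throwing std::bad_alloc, so the null check below is
// reachable even when the binary is built with exceptions disabled.
std::unique_ptr<uint8_t[]> alloc_blocks(size_t count, size_t block_size, size_t trailer,
                                        size_t* out_len) {
    size_t body = 0, total = 0;
    if (!checked_mul(count, block_size, &body)) return nullptr;   // count * block_size wrapped
    if (!checked_add(body, trailer, &total)) return nullptr;      // + trailer wrapped
    std::unique_ptr<uint8_t[]> buf(new (std::nothrow) uint8_t[total]);
    if (!buf) return nullptr;                                     // allocator said no
    memset(buf.get(), 0, total);
    *out_len = total;
    return buf;
}

// Appends `in_len` bytes to a buffer of capacity `cap` that already holds
// `*used` bytes. The pre-check rejects both a wrapped `used + in_len` and a
// plain overflow of `cap`, so the memcpy can never write past the buffer.
bool append_checked(uint8_t* buf, size_t cap, size_t* used, const uint8_t* in, size_t in_len) {
    size_t needed = 0;
    if (!checked_add(*used, in_len, &needed) || needed > cap) return false;
    memcpy(buf + *used, in, in_len);
    *used = needed;
    return true;
}
```

With exceptions disabled, a plain `new` still routes through the throwing operator new, which terminates the process on failure; `new (std::nothrow)` is what makes the null check after it meaningful. The size checks run before the allocation so that a wrapped total can never yield a buffer smaller than the data later copied into it.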
294a2db0e5f2eb46d84e4f5c9ce25245ac474147
17-Jun-2015
Shawn Willden <swillden@google.com>
Don't enforce purpose, digest or padding on public key operations Bug: 21877150 Change-Id: Iaf00c94aaca892a154aea7aa4e3828bfbd8d9630
/system/keymaster/aes_operation.cpp

c4bfa86500fe46c0796b6d4378f9264f1c4f7d5d
17-Jun-2015
Shawn Willden <swillden@google.com>
Reject AES GCM nonces of other than 12 bytes in length. Bug: 21614165 Change-Id: Ic938193babee9478ccf6779670e7f43b6e31335d
/system/keymaster/aes_operation.cpp

34419130408d2a6dcadd7b0f1b6d2c9c4002bbac
09-Jun-2015
Shawn Willden <swillden@google.com>
GCM tags in ciphertext, rather than in params. Also, handle AAD correctly. Bug: 21786749 Change-Id: I26a413f39daf3bd946ed494c7c3b5c6f559fb30b
/system/keymaster/aes_operation.cpp

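Added example, not keymaster's own code: the ciphertext layout the entry above describes, with the GCM tag carried as the trailing bytes of the ciphertext rather than as a parameter. Decryption input arrives through update() in arbitrary chunks, so the last tag-length bytes seen so far must be held back until finish(). The class and helper names are this example's; the rule that AAD is rejected once ciphertext has been seen is an assumption of the example, and the 25-byte message in the test is constructed.

```cpp
// Added example (not keymaster's code): decrypt-side front end for an AEAD
// whose tag is the last tag_len bytes of the ciphertext.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

class TagSplitter {
  public:
    explicit TagSplitter(size_t tag_len) : tag_len_(tag_len) {}

    // Assumption of this example: AAD must be complete before any ciphertext.
    bool AddAad(const std::vector<uint8_t>& aad) {
        if (data_started_) return false;
        aad_.insert(aad_.end(), aad.begin(), aad.end());
        return true;
    }

    // Feeds ciphertext. A byte is released only once enough later bytes have
    // arrived to prove it cannot be part of the tag; the newest tag_len bytes
    // are always withheld.
    std::vector<uint8_t> Update(const std::vector<uint8_t>& in) {
        data_started_ = true;
        held_.insert(held_.end(), in.begin(), in.end());
        std::vector<uint8_t> out;
        if (held_.size() > tag_len_) {
            const size_t release = held_.size() - tag_len_;
            out.assign(held_.begin(), held_.begin() + release);
            held_.erase(held_.begin(), held_.begin() + release);
        }
        return out;
    }

    // Hands over the tag; false if the whole input was shorter than the tag.
    bool Finish(std::vector<uint8_t>* tag) {
        if (held_.size() < tag_len_) return false;
        *tag = held_;
        return true;
    }

    const std::vector<uint8_t>& aad() const { return aad_; }

  private:
    size_t tag_len_;
    bool data_started_ = false;
    std::vector<uint8_t> aad_;
    std::vector<uint8_t> held_;  // never more than tag_len_ bytes after Update()
};

// Encrypt side of the same convention: the tag is simply appended.
std::vector<uint8_t> append_tag(std::vector<uint8_t> ciphertext, const std::vector<uint8_t>& tag) {
    ciphertext.insert(ciphertext.end(), tag.begin(), tag.end());
    return ciphertext;
}

struct SplitResult {
    bool ok = false;
    std::vector<uint8_t> ciphertext;
    std::vector<uint8_t> tag;
};

// Drives a TagSplitter over `data` cut into the given chunk sizes (the last
// chunk absorbs any remainder), so the hold-back logic can be exercised on
// chunk boundaries that do not line up with the tag.
SplitResult split_in_chunks(const std::vector<uint8_t>& data, const std::vector<size_t>& chunks,
                            size_t tag_len) {
    TagSplitter s(tag_len);
    SplitResult r;
    size_t pos = 0;
    for (size_t i = 0; i < chunks.size() && pos < data.size(); ++i) {
        const size_t left = data.size() - pos;
        const size_t n = (i + 1 == chunks.size()) ? left : std::min(chunks[i], left);
        std::vector<uint8_t> part(data.begin() + pos, data.begin() + pos + n);
        std::vector<uint8_t> out = s.Update(part);
        r.ciphertext.insert(r.ciphertext.end(), out.begin(), out.end());
        pos += n;
    }
    r.ok = s.Finish(&r.tag);
    return r;
}
```

The point of holding back rather than looking ahead is that update() cannot know whether more input is coming; a caller that sends the whole message in one update() and one that sends it a byte at a time must both end with exactly the tag in hand at finish(), and an input shorter than the tag must be rejected rather than verified against a truncated tag.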
0f39256c68dc689b2eb8b604c4d39f17b9300363
02-Jun-2015
Shawn Willden <swillden@google.com>
Add AES-GCM mode. Bug: 19919114 Change-Id: I27efed097efbd93d587a50f5d82fad80a96e7527
/system/keymaster/aes_operation.cpp

ded8e7d0ad241fc0a930dbebbd9f2e2bf4e929a2
01-Jun-2015
Shawn Willden <swillden@google.com>
Pass output params down to operations. Change-Id: Ibd6956f6b8ef42f272d922050a7e5da3d78cffb7
/system/keymaster/aes_operation.cpp

0629810b145187575bc26c910dded0d24c64569d
26-May-2015
Shawn Willden <swillden@google.com>
Another refactor, deleting AbstractFactoryRegistry. I should have known better than to make these singletons to begin with. Globals create problems. This undoes that mistake. Change-Id: Idf61d5f72e3c34b5c4ddb27cc94b05f506561743
/system/keymaster/aes_operation.cpp

c442467181d8a9427c83fea4f0a272c8a7b46043
11-May-2015
Shawn Willden <swillden@google.com>
Enforce padding parameter for AES. Bug: 20917242 Change-Id: If1c35792279a4b03731552ced86ae7755efc6fc8 (cherry picked from commit 5bc56cdf1e466da3c3ebfeb3f49f07094d11b376)
/system/keymaster/aes_operation.cpp

31e063f8ed913369eb30648537fb5827dfd7a0d3
08-May-2015
Shawn Willden <swillden@google.com>
Enforce block mode specifications. Bug: 20917242, 19509156 Change-Id: If09e18540e9ffb968498d8acca8561d85b031562
/system/keymaster/aes_operation.cpp

3ad5f05e1ae2ca4beb1d0b2104c742de869841bc
08-May-2015
Shawn Willden <swillden@google.com>
Enforce padding specifications. Bug: 20917242, 19509156 Change-Id: Ib67076f89ef3d675b5e2e926cc3702fa208dbbb6
/system/keymaster/aes_operation.cpp

344549836442988693f27be8252c31bd2ebefdee
30-Apr-2015
Shawn Willden <swillden@google.com>
Modify RAND_bytes calls to handle -1 return code. Bug: 20554394 Change-Id: I54dce88f7bb90bd5660e9d3a7be9b9646bcc12bd (cherry picked from commit 9ee79fb55049c242b12e067df1a824f18622ccfd)
/system/keymaster/aes_operation.cpp

6770635e8ba485102be7a629ba936d8f5cf3d3ab
28-Apr-2015
Shawn Willden <swillden@google.com>
Diagnose erroneous caller nonce/IV. Bug: 20127433 Change-Id: Ic8ec74daf4b732aea6a393fe5f0ed4abe9e6eef2
/system/keymaster/aes_operation.cpp

3ed6d06a378c29deacb1fb9cc33b599b309c3a52
15-Apr-2015
Shawn Willden <swillden@google.com>
Add begin_params to CreationOperation. Allowing several crypto parameters to be repeated on keys means we need to be able to specify them at operation time, which means they'll be passed in to the begin() params. This change makes it possible for operations to actually receive these values. Bug: 19509156 Change-Id: I4504f5206d93ce3040b6a5a8d8dacb5b08eb2b90
/system/keymaster/aes_operation.cpp

969aa382ca37968eff1b45012ab870fdbb775d30
16-Apr-2015
Shawn Willden <swillden@google.com>
Generate nonce if caller doesn't provide one. If the key has KM_TAG_CALLER_NONCE, then the caller is allowed to provide a nonce. Previously the assumption was that the caller was _required_ to provide a nonce. But to play nicer with the Java crypto API, it's better to make the caller nonce optional if KM_TAG_CALLER_NONCE is true. Bug: 19919504 Change-Id: I6189e19017b9026b955f529c7267913de8b04a74
/system/keymaster/aes_operation.cpp

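Added example, not keymaster's own code: the begin()-time checks that the entries in this log describe (block mode and padding bound to the key at creation, KM_TAG_CALLER_NONCE gating a caller-supplied nonce and a nonce generated otherwise, 12-byte GCM nonces, KM_TAG_MIN_MAC_LENGTH as a floor for the per-operation KM_TAG_MAC_LENGTH, and a RAND_bytes-style failure that must not be ignored) as one stand-alone C++ validator. The type and error names, the rule that CTR and GCM take no padding, and the 8-bit-multiple / 128-bit ceiling on the GCM tag length are this example's assumptions rather than quotes from the code; fixed_rng and failing_rng are constructed fixtures, not randomness.

```cpp
// Added example (not keymaster's code): begin() parameter enforcement for AES.
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <vector>

enum class BlockMode { ECB, CBC, CTR, GCM };
enum class Padding { NONE, PKCS7 };
enum class Error {
    OK, IncompatibleBlockMode, IncompatiblePadding, CallerNonceProhibited, InvalidNonce,
    MissingMacLength, UnsupportedMacLength, InvalidMacLength, RngFailure
};

struct KeyParams {                       // authorizations fixed when the key was created
    std::vector<BlockMode> block_modes;  // KM_TAG_BLOCK_MODE (repeatable)
    std::vector<Padding> paddings;       // KM_TAG_PADDING (repeatable)
    bool caller_nonce = false;           // KM_TAG_CALLER_NONCE
    size_t min_mac_length = 0;           // KM_TAG_MIN_MAC_LENGTH, in bits, GCM keys only
};

struct BeginParams {                     // what the caller passes to begin()
    BlockMode mode = BlockMode::ECB;
    Padding padding = Padding::NONE;
    std::vector<uint8_t> nonce;          // KM_TAG_NONCE; empty when not supplied
    size_t mac_length = 0;               // KM_TAG_MAC_LENGTH in bits; 0 when absent
};

struct BeginResult {
    Error error = Error::OK;
    std::vector<uint8_t> nonce;          // IV/nonce the operation will actually use
};

// Random source in the style of RAND_bytes(): false on failure, which begin()
// must report instead of proceeding with an unfilled buffer.
using RngFn = bool (*)(uint8_t* buf, size_t len);

template <typename T>
static bool contains(const std::vector<T>& v, T x) {
    return std::find(v.begin(), v.end(), x) != v.end();
}

static size_t nonce_length_for(BlockMode mode) {
    switch (mode) {
        case BlockMode::ECB: return 0;
        case BlockMode::GCM: return 12;  // only 12-byte GCM nonces are accepted
        default: return 16;              // CBC IV and CTR initial counter block
    }
}

BeginResult validate_begin(const KeyParams& key, const BeginParams& in, RngFn rng) {
    BeginResult r;
    if (!contains(key.block_modes, in.mode)) { r.error = Error::IncompatibleBlockMode; return r; }
    if (!contains(key.paddings, in.padding)) { r.error = Error::IncompatiblePadding; return r; }
    // Assumption of this example: CTR and GCM are stream-like and take no padding.
    if ((in.mode == BlockMode::CTR || in.mode == BlockMode::GCM) && in.padding != Padding::NONE) {
        r.error = Error::IncompatiblePadding; return r;
    }
    if (in.mode == BlockMode::GCM) {
        // The tag length is chosen per operation but bounded below by the key.
        if (in.mac_length == 0) { r.error = Error::MissingMacLength; return r; }
        if (in.mac_length % 8 != 0 || in.mac_length > 128) { r.error = Error::UnsupportedMacLength; return r; }
        if (in.mac_length < key.min_mac_length) { r.error = Error::InvalidMacLength; return r; }
    }
    const size_t want = nonce_length_for(in.mode);
    if (!in.nonce.empty()) {
        // A supplied nonce is honoured only if the key was created with KM_TAG_CALLER_NONCE.
        if (!key.caller_nonce) { r.error = Error::CallerNonceProhibited; return r; }
        if (in.nonce.size() != want) { r.error = Error::InvalidNonce; return r; }
        r.nonce = in.nonce;
        return r;
    }
    // No nonce supplied: generate one, even for keys that permit caller nonces.
    r.nonce.assign(want, 0);
    if (want > 0 && !rng(r.nonce.data(), want)) { r.error = Error::RngFailure; r.nonce.clear(); }
    return r;
}

// Constructed fixtures for exercising the validator (not real randomness).
static bool fixed_rng(uint8_t* buf, size_t len) { for (size_t i = 0; i < len; ++i) buf[i] = 0x42; return true; }
static bool failing_rng(uint8_t*, size_t) { return false; }
static KeyParams gcm_ctr_key(bool caller_nonce) {
    KeyParams k;
    k.block_modes = {BlockMode::GCM, BlockMode::CTR};
    k.paddings = {Padding::NONE};
    k.caller_nonce = caller_nonce;
    k.min_mac_length = 96;
    return k;
}
static BeginParams params(BlockMode m, size_t mac_bits, std::vector<uint8_t> nonce) {
    BeginParams p; p.mode = m; p.padding = Padding::NONE; p.mac_length = mac_bits; p.nonce = nonce; return p;
}
```

The ordering matters: the mode and padding checks come first because they decide which nonce length and which tag rules apply, and the nonce is generated last so that no random bytes are drawn for an operation that is about to be rejected anyway.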
c47c88f1a9ec3fce5e8116b9b5572b58783f56d0
08-Apr-2015
Shawn Willden <swillden@google.com>
Remove OCB Mode. Change-Id: I8f804978208e2c8701bd52dc79b5597a307b7e7a
/system/keymaster/aes_operation.cpp

20d725d20a2ba8eba06caaf5d11e113e069161c0
25-Mar-2015
Thai Duong <thaidn@google.com>
ECIES: implement KM_MODE_CTR. This implementation is random counter-mode. When encrypting, if the caller doesn't specify the IV, Keymaster will randomly generate a 16-byte IV. Change-Id: I9096b83ca38be161b60b398271c99bc11e804b52
/system/keymaster/aes_operation.cpp

f01329d8692edde9a9ffb88f29f5d684eab481e2
12-Mar-2015
Shawn Willden <swillden@google.com>
Improve error reporting and logging. Bug: 19603049 Bug: 19509317 Change-Id: I041c973802e6c567adc5b1f280fc5bac27ba28d6
/system/keymaster/aes_operation.cpp

92b69a300beb364bfab57a16d1e965dcdf755d4a
14-Mar-2015
Shawn Willden <swillden@google.com>
Fix delete/delete[] mismatch & check for failed alloc. Change-Id: Ieb73e5cb11869436771bf463d41e5510d6b93507
/system/keymaster/aes_operation.cpp

7a62f5e84c579b85104fd617040a57b5dcb9fef2
10-Mar-2015
Shawn Willden <swillden@google.com>
Handle AES CBC IVs via input/output params. Change-Id: Idd98103943e661e0940f274c3b3342192d211438
/system/keymaster/aes_operation.cpp

dfa1c030e941cba4e66b362854d84b19298353c9
07-Feb-2015
Shawn Willden <swillden@google.com>
Add AAD support to AES OCB. Also add OCB test vectors. Change-Id: I33074bfea142aab334916c4567f92a6645fcab9f
/system/keymaster/aes_operation.cpp

498e0aa0e02fba5cacf1f9ba012b3f406e1f4e25
04-Mar-2015
Shawn Willden <swillden@google.com>
Remove support for CFB and OFB modes. They're not supported by the openssl in Trusty, and we don't actually need them for now, so just remove them. Change-Id: I6ca385fff34dba8732d001c03c502d62136477a0
/system/keymaster/aes_operation.cpp

f0f68b976b0ffac10d3e0efddc5bee38fd9d1ea3
31-Dec-2014
Shawn Willden <swillden@google.com>
Add AES ECB, CBC, OFB and CFB support. Change-Id: I7a4e8eaa3be5f20e87ab1f16b0b6bfc1fa47b74c
/system/keymaster/aes_operation.cpp

567a4a04f43d35b785d50508e6459b01f2ab4d14
31-Dec-2014
Shawn Willden <swillden@google.com>
Switch to using global logger Change-Id: I7af02342320a9a431cd9845baaf5dbcf61d460c2
/system/keymaster/aes_operation.cpp

63ac043f81f8e2a15bbadcb6628b92096295ab6a
29-Dec-2014
Shawn Willden <swillden@google.com>
Refactor operation creation to use an operation factory registry. Also modify GoogleKeymaster to query the operation factories to get lists of supported modes and digests. Change-Id: Ied30185df5dddaeaeb1106df63237757896d77db
/system/keymaster/aes_operation.cpp

6dde87c27ec620c0962507b58ece3fbe94bbff02
11-Dec-2014
Shawn Willden <swillden@google.com>
Add AES OCB decryption. Also, refactor to extract functionality that will be common to all AEAD modes. Change-Id: I4bcf12c9d2d464ab1af559c69031904ffae45e25
/system/keymaster/aes_operation.cpp

907c3015d0edf1e43cdc9e0bba0e3fc23dca8cfc
08-Dec-2014
Shawn Willden <swillden@google.com>
Add support for AES OCB encryption. This change was already reviewed, merged and reverted, so I'm skipping the review step this time. Change-Id: Ibc80bec7e47468d4eb668f1bd9a188e51cb7d567
/system/keymaster/aes_operation.cpp

29d898717bc48ca59cd3fb1e30efdad36f13ccec
20-Jan-2015
Shawn Willden <swillden@google.com>
Revert "Add support for AES OCB encryption." This reverts commit 5e251019d7402f4bf43b7acf287cf69372885f1b.
/system/keymaster/aes_operation.cpp

5e251019d7402f4bf43b7acf287cf69372885f1b
08-Dec-2014
Shawn Willden <swillden@google.com>
Add support for AES OCB encryption. Change-Id: I97ab46fdce972d29af261041c41cf38d6904e736
/system/keymaster/aes_operation.cpp