ccfff10f66d568b91ed155a798c5eaac2551f160 |
|
01-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Remove use of UniquePtr from keystore Remove UniquePtr from keystore in favour of std::unique_ptr Change-Id: I8e02adab4326028e26dbf59ac836679abe2a40de
/system/security/softkeymaster/keymaster_openssl.cpp
|
44ee6263b8eef8b65cb985ed88e1b413b0f25a12 |
|
14-Jan-2016 |
Adam Langley <agl@chromium.org> |
system/security/softkeymaster: don't pass a structure into |d2i_PrivateKey|. Some OpenSSL parsing functions have, historically, allowed a structure to be passed in to reuse that memory. There have been many bugs arising from this corner case and it's generally best to avoid it. This change just passes in NULL because a new structure was being allocated anyway. Also, the API didn't guarantee that the memory would always be reused – code had to check the updated pointer, which this didn't do. So it might have broken in the future. Change-Id: Iba98f9d11ece457cf6b66e2637bb8cb23f5930d2
/system/security/softkeymaster/keymaster_openssl.cpp
|
e1faa9fe7fa7066fad5fa182467a82084a0434b2 |
|
11-May-2015 |
Shawn Willden <swillden@google.com> |
Set flags correctly for softkeymaster. Change-Id: Ib7f4996d2e2002db4892d5585761a053f6698495
/system/security/softkeymaster/keymaster_openssl.cpp
|
461d97ef953991d2efc7a533d90260fad6e1a249 |
|
18-Mar-2015 |
Shawn Willden <swillden@google.com> |
Fix memory leak in keymaster_openssl. Also, include softkeymaster.h so it can be built from keymaster dir. This is needed for the keymaster0 adapter tests. Bug: 19508876 Change-Id: I8110af586d699d990837005e2a9c209dc1a91c2c
/system/security/softkeymaster/keymaster_openssl.cpp
|
a5bbf2fb2a4853ecf6ae77ffee3efeb7a862498a |
|
24-Feb-2015 |
Shawn Willden <swillden@google.com> |
Separate keymaster0 and keymaster1 HALs. Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
/system/security/softkeymaster/keymaster_openssl.cpp
|
c0703ac25af5b0e0c7386fb736e39977df0227b8 |
|
12-Jan-2015 |
Chad Brubaker <cbrubaker@google.com> |
Move hardware module methods to libsoftkeymanager This allows keystore to create a keystore_device for the softkeymanager and use that instead of calling the openssl_* methods directly. Change-Id: I232e4ff9ff2b498465d7d3e566e3c4a883ced0c0
/system/security/softkeymaster/keymaster_openssl.cpp
|
b2747fedfbb2f990452b38aad6576c87b493c8c1 |
|
12-Dec-2014 |
Adam Langley <agl@google.com> |
system/security: sync with latest BoringSSL. This change allows system/security to build with the latest BoringSSL. 1) RSA methods have gained a function pointer, |supports_digest|, which allows methods to indicate that they only support certain hash functions via the high-level interface. 2) EC_GROUP_set_point_conversion_form has been removed (it was previously a no-op). Change-Id: I590094d8904f418cfd6baf064ac9799525fbc09e
/system/security/softkeymaster/keymaster_openssl.cpp
|
53d13c518521b219bb5fb6015820e638a4b7a5d7 |
|
24-Sep-2014 |
Adam Langley <agl@google.com> |
Update softkeymaster for BoringSSL. * Disable an odd, 192-bit curve that BoringSSL no longer supports. * Only set the "ASN.1 flag" when not using BoringSSL as it's the default now in BoringSSL. * Use a non-deprecated function to free the thread's error queue. Change-Id: I54a08724aef0344421fe9097e524d66550af0f81
/system/security/softkeymaster/keymaster_openssl.cpp
|
18a00e163f4c107a2c88d51455c4963be783333a |
|
17-Jun-2014 |
Shawn Willden <swillden@google.com> |
Fix softkeymaster EC group memory leak. EC_KEY_set_group dups the group passed to it rather than taking ownership. Change-Id: Id9560b588130ee8be506983cf70aaf79a11bb6e7
/system/security/softkeymaster/keymaster_openssl.cpp
|
2cd28fac7f7cb71f71c54d9de9d407b1dd4e15bc |
|
13-Jun-2014 |
Shawn Willden <swillden@google.com> |
Use template instead of macro to release UniquePtrs. Change-Id: Icb6674517ed48e3f4bb56818eef0c0756d6dd3d3
/system/security/softkeymaster/keymaster_openssl.cpp
|
8d0531e9748aa5e4860d3b52c6b0c88cea52f8bd |
|
17-Jun-2014 |
Shawn Willden <swillden@google.com> |
Make usage of new/delete and malloc/free consistent. All buffers returned to the caller should be allocated with malloc, since the caller assumes it's calling a C API. Internally, stuff allocated with new should be freed with delete, and so on. Change-Id: Ie08d910b9f6ebee38dc39127310e695453d1256f
/system/security/softkeymaster/keymaster_openssl.cpp
|
1406b8af2b1490405557561fc88fb70ae17a6b79 |
|
12-Jun-2014 |
Shawn Willden <swillden@google.com> |
Reformat software keymaster with clang-format. I'm going to be making extensive changes in these files so it's convenient to apply clang-format up front so I can let it handle formatting for the real work. Also made them pass cpplint.py (except that cpplint wants me to name the softkeymaster.h guard incorrectly). Change-Id: I0f3717300c3536feabc38f0f0648aeb51bf77cee
/system/security/softkeymaster/keymaster_openssl.cpp
|
6489e02e134e4779d35c4a340ff68ad445fde133 |
|
02-Dec-2013 |
Matteo Franchin <matteo.franchin@arm.com> |
Use %zu, %td for size_t, ptrdiff_t, respectively. Changing ALOG format strings to %zu (for one size_t integer) and to %td (for a couple of pointer differences). These changes are necessary when compiling for LP64 architectures. Change-Id: I9bb667500af1b82c360f0fc84e50d70bd46cba6e Signed-off-by: Matteo Franchin <matteo.franchin@arm.com>
/system/security/softkeymaster/keymaster_openssl.cpp
|
26cfc08add3966eca5892e3387cf5ed6dc3068fb |
|
11-Sep-2013 |
Kenny Root <kroot@google.com> |
Use canonical UniquePtr.h header Change-Id: Iab1dc428c2330a07a5944a1cfbb25c8134b11950
/system/security/softkeymaster/keymaster_openssl.cpp
|
b4d2e0233f6aeb69d4c2a216830709040e52366e |
|
04-Sep-2013 |
Kenny Root <kroot@google.com> |
Provide fallback for keymaster implementations Some implementations won't support ECDSA or DSA, so provide a fallback for them by using the softkeymaster implementation. This will allow us to universally support ECDSA and DSA on all platforms regardless of HAL version. (cherry picked from commit 17208e0de5a42722901d803118745cca25fd10c1) Bug: 10600582 Change-Id: Ic02102cb2b7f66e2ad3469f4edd9d03c4ae3fdf4
/system/security/softkeymaster/keymaster_openssl.cpp
|
6071179a371fcd4c238375068ffd7d3cedea615d |
|
16-Aug-2013 |
Kenny Root <kroot@google.com> |
Add support for DSA and ECDSA key types Change-Id: Ibee8d172eeb36f1a2e2ce62f275aea55ada5bcbf
/system/security/softkeymaster/keymaster_openssl.cpp
|
07438c8d7256d3788dac323b4d0055f201e0bec9 |
|
02-Nov-2012 |
Kenny Root <kroot@google.com> |
Switch keystore to binder Change-Id: I6dacdc43bcc1a56e47655e37e825ee6a205eb56b
/system/security/softkeymaster/keymaster_openssl.cpp
|
c0ff10d48be65cbf498636539316cc378b1c9424 |
|
17-May-2012 |
Kenny Root <kroot@google.com> |
Make sure delete_all function pointer is NULL The peril of not using calloc mean delete_all is not initialized until we explcitly set it. Explicitly set delete_all to NULL to avoid that. Change-Id: Ic370453e6142c6d1b2566df9844b4fac4bc53042
/system/security/softkeymaster/keymaster_openssl.cpp
|
98c2f8fcc1263a9d94adac66994fffc96c0df699 |
|
28-Mar-2012 |
Colin Cross <ccross@android.com> |
use UniquePtr.h from frameworks/native Use the UniquePtr.h include from frameworks/native/include/utils to fix the pdk build. Change-Id: Ic415b43d2eb8c0b7ef54b6f3f75b7fa0d5f7a058
/system/security/softkeymaster/keymaster_openssl.cpp
|
822c3a99d930e9299e2fad2fb3e0ff91b119b95a |
|
24-Mar-2012 |
Kenny Root <kroot@google.com> |
Add support for upgrading key types Old key types were not distinguished by the keystore itself. This change takes some of the reserved fields in the old format and changes it to a version number and key type. Change-Id: I45bd4cdce042617641fe7bd742bbe26da6024996
/system/security/softkeymaster/keymaster_openssl.cpp
|
70e3a86abd2c412d602a018967c01c177eb6cf4e |
|
16-Feb-2012 |
Kenny Root <kroot@google.com> |
Add keymaster to keystore with soft implementation Add hardware crypto capabilities to keystore. This allows hardware escrow of private key material. There is also an OpenSSL engine that connects to keystore to allow use of the keystore keys from native code built into the platform. This includes a software implementation of keymaster using OpenSSL as the backend. This is just as insecure as the previous solution, but it's needed so devices without hardware support can continue to operate in the new scheme without a lot of compatibility code. Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f
/system/security/softkeymaster/keymaster_openssl.cpp
|