| 6169239b942fc2f6e8721b219f84b506c106fbe1 |
|
26-Mar-2018 |
Eran Messeri <eranm@google.com> |
Utilize verbose KeyChain errors
As KeyChain reports detailed error codes about failure to generate keys
or attestation records for them, log these detailed errors and throw an
exception if the hardware does not support Device ID attestation.
Bug: 72642093
Bug: 73448533
Test: cts-tradefed run commandAndExit cts-dev -s 127.0.0.1:50487 -a x86_64 -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG
Change-Id: Ib12efcf48c158373e1fc28cc51d67e70282d029e
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 94d56761249a8e8c073867c17bba59b4a898f113 |
|
21-Dec-2017 |
Eran Messeri <eranm@google.com> |
DPM: Implement Device ID attestation
Enable requesting inclusion of device identifiers in the attestation
record issued for keys generated by generateKeyPair.
This is done by passing an array of flags with values indicating which
identifiers should be included.
Since the attestation record will include sensitive identifiers, it can
only be requested by the DPC in Device Owner mode or by the Delegated
Cert Installer in Device Owner mode.
Design note:
DevicePolicyManager defines its own set of constants for the different
identifier types (ID_TYPE_*) and prior to calling
DevicePolicyManagerService it translates them to the values defined by
AttestationUtils (which is not a public class).
The reason is to allow re-use of code in AttestationUtils for preparing
the attestation arguments.
In theory, these constants could be moved from AttestationUtils to
DevicePolicyManager, however that would create a dependency on DPM from
Keystore, which logically does not make sense as Keystore is independent
of the DPM (and in a lower level of the system, conceptually).
Bug: 63388672
Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement; runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest#testTranslationOfIdAttestationFlag
Change-Id: Ifb42e8e813fa812a08203b4a81d15b1f91152354
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| ecf0f22e5831832afb48c86abfaa81234c8db619 |
|
11-Dec-2017 |
Eran Messeri <eranm@google.com> |
DPM: Implement installing certificates for generated keys
Add a new method in the DevicePolicyManager to associate certificates (and
set the user-visibility) with a given key alias.
Conceptually, the new method, setKeyPairCertificate is very similar to
installKeyPair, except it does not install a key, only certificates.
(The new setKeyPairCertificate, together with generateKeyPair is
functionally equivalent to installKeyPair, except the keys are generated
in hardware rather than supplied externally).
Bug: 63388672
Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG
Change-Id: Idbfe151f6e5311766decbc1a010bff78dc60249f
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| a173064047d304837d907b9b39ece5c14adf2b25 |
|
11-Dec-2017 |
Eran Messeri <eranm@google.com> |
DevicePolicyManager: Support attestation for generated keys.
If the KeyGenParameterSpec passed into
DevicePolicyManager.generateKeyPair contains an attestation challenge,
request an attestation record for the newly-generated key with the
challenge provided.
This particular implementation was chosen, rather than letting the
attestation record be generated at the same time as key generation, to
avoid having the attestation chain stored in Keystore and associated
with the generated alias.
The rationale is that this is a key that is potentially accessible by
multiple applications and the attestation chain may end up being sent
as a TLS client certificate chain, for example.
As the attestation challenge should be unique per device, to avoid
the potential of sending / sharing unique device information, by
explicitly requesting an attestation record after key generation, the
attestation record is only returned to the generateKeyPair client and
not persistend in Keystore.
Bug: 63388672
Test: New CTS test to be run with: 'cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG'
Change-Id: I95a9aef179173b571b533301ac438c675e8fe702
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 852c8f121f2e502e1e8503bfc230dccb81b681d4 |
|
15-Nov-2017 |
Eran Messeri <eranm@google.com> |
DevicePolicyManager: Add key generation functionality.
This is the crux of the Verified Access feature implementation:
Adding the ability to generate KeyChain keys directly by the
secure hardware, rather than installing software-generated keys
into KeyChain.
Add generateKeyPair to the DevicePolicyManager, which delegates key
generation (via the DevicePolicyManagerService) to the KeyChainService.
Design highlights:
* The key generation is delegated via the DevicePolicyManagerService to
check that only authorized callers request key generation in KeyChain.
* KeyChainService performs the actual key generation so it owns the key
in Keystore outright.
* DevicePolicyManagerService then grants the calling app access to the
Keystore key, so it can actually be used.
* Loading the public/private key pair, as well as attestation
certificate chain, is done in the client code (DevicePolicyManager)
to save parceling / unparceling those objects across process
boundaries twice (for no good reason).
NOTE: The key attestation functionality (that includes Device ID) is
missing/untested. Will be added in a follow-up CL as this one is quite
big already.
HIGHLIGHT FOR REVIEWERS:
* API: New API in DevicePolicyManager.
Bug: 63388672
Test: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG; adb shell am instrument 'android.security.tests/android.support.test.runner.AndroidJUnitRunner' (After building the KeystoreTests target and installing the apk)
Change-Id: I73762c9123f32a94d454ba4f8b533883b55c44cc
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 7039f416c3db02bafc43dda0fc6db87b6ace2745 |
|
08-Nov-2017 |
Eran Messeri <eranm@google.com> |
KeyChain: Adding methods for user-visibility.
Add to the KeyChain aidl two methods for getting and setting whether
a key can be selectable by the user or not.
See
https://googleplex-android-review.git.corp.google.com/#/c/platform/packages/apps/KeyChain/+/3199414/
Test: To be determined.
Bug: 65624467
Change-Id: Ib31a11ca432a5d29fdb8ed5349598dbff4bcb516
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 05dc9f764c9d399add8b7495e680f66d098c55eb |
|
22-Feb-2017 |
Bartosz Fabianowski <bartfab@google.com> |
Add API for checking which CA certs were installed by the DO/PO
With this API, the system can determine whether a CA cert was
installed by the user or the user's DO/PO.
Bug: 32692748
Test: unit tests (see DevicePolicyManagerTest.java for invocation)
Test: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases
Change-Id: I3bcae5ac18ec2b110154184fc515df804fd73da6
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| abaa0695c5361b36a7a2cdbe87c77bf60be20af7 |
|
20-Feb-2017 |
Robin Lee <rgl@google.com> |
Delete ParcelableString, add StringParceledListSlice
Both inherit from package private BaseParceledListSlice.
This is still bad, but it's not as bad. The existing code that uses
this can just do Foo.bar().getList() now instead of having to marshal
to and from an oddball type at either end as well.
In the longer term ParceledListSlice<> should be eliminated, but it's
not clear how far into the future that is going to happen.
Test: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java
Test: runtest -x core/tests/coretests/src/android/content/pm/ParceledListSliceTest.java
Change-Id: Ie69b96b5215d6e04990f6d31345772cdfee21d78
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| b43659170824dd8d753d9249fe6ccfd37c6221ae |
|
23-Mar-2016 |
Rubin Xu <rubinxu@google.com> |
Add DevicePolicyManager API to install a client cert chain.
When installing a keypair the caller will have the option to specify a
certificate chain which will later be returned to whoever requests access
to the keypair via KeyChain.
Bug: 18239590
Change-Id: Id21ef026e31537db38d891cb9b712dd4fe7159c7
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| fbc65644b9bda216699f5f1f883d6dfa2668e545 |
|
03-Aug-2015 |
Robin Lee <rgl@google.com> |
DevicePolicy API to remove an installed KeyPair
The keypair is specified by alias and removed via a call to the
KeyChainService, which will have installed the pair in the first place.
Bug: 22541933
Change-Id: I37317e7c22e89816156e6e9a7abf4c5a59e8440a
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 26408ccd8e852d947e58021792bfc3b315e5948d |
|
08-Sep-2014 |
Bernhard Bauer <bauerb@google.com> |
Add DevicePolicyManager PrivateKey mgmt
Additional device policy API to install keypairs to the keychain
silently.
Bug: 15065444
Change-Id: Idc25774c9ab1a61080290bebd6f5c4f24e6ee2e0
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| f0ae135049048424bceccb0799b12377181b25f0 |
|
18-Aug-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Extend IKeyChainService AIDL with CACert retrieval
Bug:16029580
Change-Id: I41a3bd2f3bd95550e59f1d0d0acd0e765d7b62d7
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 3291de8f6c8bc7ffa5992a2a5a5c2cf8bb0adf4b |
|
15-Aug-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Revert "Revert "Revert "Revert "Revert "Update Trusted Credentials screen in settings"""""
This reverts commit c9249c69813c6fb889d71d84583c67ae2942e6de.
Change-Id: I5504fddaf7b18efb73cd6c76678b3b39ce9b0229
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| f8d72cc14f70f5af13342c4c7b107a8ab60dfe23 |
|
15-Aug-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Revert "Revert "Revert "Revert "Update Trusted Credentials screen in settings""""
This reverts commit 87efe74e092236c372d3b6909009641123aa416a.
This should be fine now with all the dependency CLs +2-ed
Change-Id: I96ad14ad5ff81e6b5391035cb6c5a62339c6cc40
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| f75aadc028f2e79541a269bf2c74dcb3482e2ec7 |
|
15-Aug-2014 |
Narayan Kamath <narayan@google.com> |
Revert "Revert "Revert "Update Trusted Credentials screen in settings"""
This reverts commit 19c8ce291e89a9ef1442a20e1feab421b11536d7.
Change-Id: Ie5a5571127311e0a29f314c0566e779cfe940b53
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 1e7bc0def8c62b91d3eb985a51bec54063ce83f5 |
|
15-Aug-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Revert "Revert "Update Trusted Credentials screen in settings""
This reverts commit 0f0de0bdd021bad5f85fdb0399a4ea91a1611e25.
Change-Id: Ia3d0907e3d7c2ec42d64e45f60e3dfaffb932c3d
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 678e3ecc937c00969830700dffb42fb1ee232f7c |
|
07-Aug-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Revert "Update Trusted Credentials screen in settings"
This reverts commit 4fde5aa9fab931d9becfc49f7d7b8526ad5640d9.
Change-Id: I581c38d64e9829b0079bafa42615f2aa0bf64763
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 1386627335a79dd02fb34db344e63ca3abfce013 |
|
15-Jul-2014 |
Zoltan Szatmary-Ban <szatmz@google.com> |
Update Trusted Credentials screen in settings
Trusted credentials for both the primary user and its managed profiles are shown
on the Trusted Credentials fragment. All functionalities (e.g. disabling/enabling
of certificates) remain available.
Bug: 16029580
Change-Id: Ia92ae02d8c572bf4a3be172f6c255726cefc0fa1
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 5423e68d5dbe048ec6f042cce52a33f94184e9fb |
|
14-Nov-2011 |
Kenny Root <kroot@google.com> |
Add signing to keystore
Change the keystore to keep the private keys in keystore. When returned,
it uses the OpenSSL representation of the key to allow users to use it
in various operations through the OpenSSL ENGINE that connects to
keystore.
Change-Id: I3681f98cb2ec49ffc4a49f3821909313b4ab5735
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| ab8b84ad3847788d83da557606aa27d4102e6b52 |
|
13-Jul-2011 |
Fred Quintana <fredq@google.com> |
Make the KeyChain handled its own grants rather than having
AccountManagerService handle them.
Change-Id: I89d272b22766f85019c1f947153d69e6dbb74c68
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 6da00334478df64921b68fcbb45c9d1eef6f35bd |
|
27-Jun-2011 |
Brian Carlstrom <bdc@google.com> |
Moving ssl_certificate layout, resources, and helper code to SslCertificate
Add IKeyChainService.deleteCaCertificate
Change-Id: If42341bc732efcfe4f958c00cdd6c0fec11a3c75
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| ba1a667b1d6c95050f6c88316ac58fe9e0ff878b |
|
25-May-2011 |
Brian Carlstrom <bdc@google.com> |
Remove need for onActivityResult from KeyChain API
Change-Id: I97bb9db06978f6dc039d22bfee116671d7b3e336
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 8e9929c4d0730de4c9f01435a7cfe2db8855e24d |
|
17-May-2011 |
Brian Carlstrom <bdc@google.com> |
Simplify KeyChain API by removing now unneeded CA certificate lookup (1 of 3)
frameworks/base
Remove getCaCertificates and findIssuer from IKeyChainService,
these are now done via libcore's TrustedCertificateStore (as part
of the default TrustManager implementation)
keystore/java/android/security/IKeyChainService.aidl
Simplify KeyChain API. Now that the CA certificates are visible
through the default TrustManager, the KeyChain is solely focused on
retrieving PrivateKeys and their associated certificates. The
calling API for KeyChain to simply a single KeyChain.get() call
that returns a KeyChainResult, removing the need for a KeyChain
instance that needs to be closed.
keystore/java/android/security/KeyChain.java
keystore/java/android/security/KeyChainResult.java
master/libcore
Remove getDefaultIndexedPKIXParameters and
getIndexedPKIXParameters which was used as part of the prototype
of looking up CAs via the KeyChain but is obsoleted by the new
default TrustManager implementation.
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLParametersImpl.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
packages/apps/KeyChain
Tracking simplified IKeyChainService, removing now unneeded
implementation, updating tests.
src/com/android/keychain/KeyChainService.java
tests/src/com/android/keychain/tests/KeyChainServiceTest.java
tests/src/com/android/keychain/tests/KeyChainTestActivity.java
Change-Id: I847b28c2f467c85f24d2b693a2fecc1cb46426b4
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| 2627d53f65be672e9a27f735975de1bf3aebfec1 |
|
13-May-2011 |
Brian Carlstrom <bdc@google.com> |
Make CertInstaller installed CA certs trusted by applications via default TrustManager (1 of 6)
frameworks/base
Adding IKeyChainService APIs for CertInstaller and Settings use
keystore/java/android/security/IKeyChainService.aidl
libcore
Improve exceptions to include more information
luni/src/main/java/javax/security/auth/x500/X500Principal.java
Move guts of RootKeyStoreSpi to TrustedCertificateStore, leaving only KeyStoreSpi methods.
Added support for adding user CAs in a separate directroy for system.
Added support for removeing system CAs by placing a copy in a sytem directory
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/RootKeyStoreSpi.java
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStore.java
Formerly static methods on RootKeyStoreSpi are now instance methods on TrustedCertificateStore
luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerImpl.java
Added test for NativeCrypto.X509_NAME_hash_old and X509_NAME_hash
to make sure the implementing algortims doe not change since
TrustedCertificateStore depend on X509_NAME_hash_old (OpenSSL
changed the algorithm from MD5 to SHA1 when moving from 0.9.8 to
1.0.0)
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
Extensive test of new TrustedCertificateStore behavior
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/TrustedCertificateStoreTest.java
TestKeyStore improvements
- Refactored TestKeyStore to provide simpler createCA method (and
internal createCertificate)
- Cleaned up to remove use of BouncyCastle specific X509Principal
in the TestKeyStore API when the public X500Principal would do.
- Cleaned up TestKeyStore support methods to not throw Exception
to remove need for static blocks for catch clauses in tests.
support/src/test/java/libcore/java/security/TestKeyStore.java
luni/src/test/java/libcore/java/security/KeyStoreTest.java
luni/src/test/java/org/apache/harmony/xnet/provider/jsse/NativeCryptoTest.java
packages/apps/CertInstaller
Change CertInstaller to call IKeyChainService.installCertificate
for CA certs to pass them to the KeyChainServiceTest which will
make them available to all apps through the
TrustedCertificateStore. Change PKCS12 extraction to use AsyncTask.
src/com/android/certinstaller/CertInstaller.java
Added installCaCertsToKeyChain and hasCaCerts accessor for use by
CertInstaller. Use hasUserCertificate() internally. Cleanup coding
style.
src/com/android/certinstaller/CredentialHelper.java
packages/apps/KeyChain
Added MANAGE_ACCOUNTS so that IKeyChainService.reset
implementation can remove KeyChain accounts.
AndroidManifest.xml
Implement new IKeyChainService methods:
- Added IKeyChainService.installCaCertificate to install certs
provided by CertInstaller using the TrustedCertificateStore.
- Added IKeyChainService.reset to allow Settings to remove the
KeyChain accounts so that any app granted access to keystore
credentials are revoked when the keystore is reset.
src/com/android/keychain/KeyChainService.java
packages/apps/Settings
Changed com.android.credentials.RESET credential reset action to
also call IKeyChainService.reset to remove any installed user CAs
and remove KeyChain accounts to have AccountManager revoke
credential granted to private keys removed during the RESET.
src/com/android/settings/CredentialStorage.java
Added toast text value for failure case
res/values/strings.xml
system/core
Have init create world readable /data/misc/keychain to allow apps
to access user added CA certificates installed by the CertInstaller.
rootdir/init.rc
Change-Id: I2e4b169cbb35d32d97f5d6a00d988fa389eadcb2
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|
| b9a07c18e678da35b4c2a618b315fa174a21e818 |
|
11-Apr-2011 |
Brian Carlstrom <bdc@google.com> |
Adding KeyChain API and IKeyChainService
Change-Id: Id3eaa2d1315481f199777b50e875811e3532988a
/frameworks/base/keystore/java/android/security/IKeyChainService.aidl
|