d16d923716a4e54ca4c9003ff4b356705f1e10b7 |
|
22-Jan-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add additional parameters to importWrappedKey"
|
3c665a20c7a63fc601b5d21d8bf7a1b5567ffa6f |
|
19-Jan-2018 |
Shawn Willden <swillden@google.com> |
Add additional parameters to importWrappedKey Bug: 31675676 Test: local unit tests and VtsHalKeymasterV4_0TargetTest Change-Id: Ia865b035604b3d42ab5b3de6f22b2fac8400ddbf
/system/keymaster/android_keymaster/android_keymaster.cpp
|
18534d54bc4b5087dc10d4c8901ce38ed19669db |
|
08-Jan-2018 |
Shawn Willden <swillden@google.com> |
Add VerifyAuthorization support. Test: VtsHalKeymasterV4_0TargetTest Change-Id: I1f9a952ee2ad3605f67f58c9f57a46df57556f92
/system/keymaster/android_keymaster/android_keymaster.cpp
|
dd7e8a099bdc6310c066d7b99f29faa8d0932c86 |
|
12-Jan-2018 |
Shawn Willden <swillden@google.com> |
AndroidKeymaster: ImportWrappedKey •Add KM_PURPOSE_WRAP for wrapped key import •Parse the wrapped key format Test: tests/android_keymaster_test Change-Id: I06b61128ff72b119747cfce9cab754b22a13ec00
/system/keymaster/android_keymaster/android_keymaster.cpp
|
deffcb7efaac94b2c674247cb9888a0af3d7e256 |
|
08-Jan-2018 |
Shawn Willden <swillden@google.com> |
Move Key into Operation The Keymaster implementation creates a Key object and then passes it to an Operation object, which copies parts of it. The Key object is not needed after the Operation has been created, so much of that copying is unnecessary. This CL begins changes that by passing an rvalue reference to the Key to the Operation, and modifying operations so they move the pieces of the Key that they need out, wherever possible. Test: make (local unit tests), VTS and CTS Change-Id: I6c9a27d9ee85ccaeed1efb0fcc3ed0f8694c5771
/system/keymaster/android_keymaster/android_keymaster.cpp
|
8b940582387a8a8f35584bd557b01a8b87610481 |
|
02-Jan-2018 |
Shawn Willden <swillden@google.com> |
Implement HMAC sharing in Android keymaster. Test: make tests/android_keymaster_test.run Change-Id: I5372b97e97a2e13bd551c422bb15d27246d8cb47
/system/keymaster/android_keymaster/android_keymaster.cpp
|
59c6af81b6b510dd991ab04b8d65f1bab966d0c8 |
|
01-Jun-2017 |
Janis Danisevskis <jdanis@google.com> |
Key class takes ownership of AuthorizationSets The key object is constantly passed around together with the two authorization sets, while the Key class has a field for the combined authorizations sets. This is doubly awkward. 1. In the combined authorization list the information about the level of enforcement is lost. 2. The combined authorization list takes up memory that is up to the same size as the two separate authorization list which have roughly the same life cycle. Also the allocation of the additional memory can cause the constructor of Key to fail (i.e., in the TEE environment) which gave rise to the error [out] parameter to communicate the failure to the caller. With this patch, the constructor of Key takes ownership of the individual authorization lists. This preserves the information about the enforcement levels (1). The AuthorizationSets can now be passed around conveniently with the key it belongs to. The memory for authorizations is no longer duplicated (2). And the move semantic of the constructor guarantees that it can no longer fail obviating the need for the error [out] parameter. Additionally the Key class now keeps the original key blob around. It also got a key_factory_ field allowing a key to be associated with its factory. This is particularly useful for hybrid keymaster implementation where keys can have different factories, depending on their authorizations. Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: I1d235e16f9120b3d29ef4c71ff7a19d98700559f
/system/keymaster/android_keymaster/android_keymaster.cpp
|
dc877aea40979bb5a18206cd9cec7bb4f31442e2 |
|
15-May-2017 |
Janis Danisevskis <jdanis@google.com> |
UniquePtrize Operations Have Operations handled by UniquePtrs. Also add keymaster::remove_reference and keymaster::move to express proper move semantics without requiring stl. Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: I2b1802835316daa93e424c1ce1f49a03d00d93ff
/system/keymaster/android_keymaster/android_keymaster.cpp
|
f3dc0b841da2c8938e4a8081ef6c6199ed92c876 |
|
15-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Moved operation handle generation into the begin operation I moved the generation of a operation handle into the operation implementation. Random number generation is highly implementation dependent, and the bookkeeping of operations is very generic. An AndroidKeymaster implementation that uses another legacy keymaster implementation does not need either. But while the bookkeeping is very lightweight and self contained, the random number generation pulls in dependencies (here openssl) which are not needed. Therefore, I decided to move the generation of operation handles out of the OperationTable (bookkeeping). And into the begin operation, where dependencies to crypto functionality already exists. Edit: This patch now also includes the fix for Bug: 65286954 Previously fixed by CL: I320c5d03911942e873680ba0d7ea91044920e936 Bug: 65286954 Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Idd27915e4f3db816d3257144fb9e1c664920ffba
/system/keymaster/android_keymaster/android_keymaster.cpp
|
3bfda165bb8a2b91dfe039c92f96cd50aa3d8c2e |
|
12-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Move attestation related code to seperate compilation unit Attestation related functions from KeymasterContext are never called by AndroidKeymaster but rather by the code that imiplmenets attestation. Therefore, this patch moves this interface from KeymasterContext to AttestationRecordContext in attestation_record.h. Also - Move attestation key material to contexts/soft_attestation_certs for reuse by other contexts. - Moved attestation related code from asymmetric_key to attestation_utils. Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: I38ed66f69629893783dc639166855963ae7b43f6
/system/keymaster/android_keymaster/android_keymaster.cpp
|
a93a1fa619c986265cd8c06c9de2bd34c6d68152 |
|
12-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Removed unused code and more cleanup - whitespace fixes - initialize uninitialized class field - use existing typedef instead of longform of UniquePtr specialization Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: I18adb32952315a0392399c2d74a11d7990f435b0
/system/keymaster/android_keymaster/android_keymaster.cpp
|
41d5a7486e335387c8dd9437e0c84b285b5c7f28 |
|
12-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Factoring GenerateRandom out of the KeymasterContext GenerateRandom is never called by AndroidKeymaster and is, therefore, not requiered to be part of the KeymasterContext interface. This patch moves Generate Random out of KeymasterContext and introduces a new abstract interface GenerateRandom. It also provides a default openssl based impelemtation, SoftwareRandomSource. As of this patch GenerateRandom is still called by OperationTable which is part of the AndroidKeymaster core logic. This is why KeymasterContext still implements the new RandomSource interface unconditionally. This will change in a subsequent commit. Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Ib16aeb80bf777d7b08d06deadae8a32de280f8ba
/system/keymaster/android_keymaster/android_keymaster.cpp
|
f54cc93ccf57a94f9a2c660dbf3e06494adf178d |
|
11-May-2017 |
Janis Danisevskis <jdanis@google.com> |
Reorganize keymaster directories Keymaster files have been reorganized into the following directories - android_keymaster The core android keymaster logic including some utilities that have no special libray dependencies - km_openssl Openssl based implementation primitives of android keymaster. These primitives can be used to implemented an openssl based software implementation of AndroidKeymaster. - legacy_support Primitives implemented in terms of older keymaster hal version. These primitives can be used to implement AndroidKeymaster in terms of keymaster 0 or 1 hals. They are used to provide wrappers around old keymaster hals, filling in missing features with software implementations. - contexts Implementations of various contexts from pure software to legacy hal hybrids. - key_blob_utils Support code for formatting keymaster key blobs including support for legacy android keymaster blob formats. Test: VtsHalKeymasterV3_0TargetTest Bug: 67358942 Change-Id: Ia8eacd301a5c5fa5f5f625caafcec5d07e168249
/system/keymaster/android_keymaster/android_keymaster.cpp
|