| 9371e95bb0aa3df0a433c711de071f92be5de4d8 |
|
23-Feb-2018 |
Brian Young <bcyoung@google.com> |
Add "unlocked device required" keystore API
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.
This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.
This commit adds the API only, full functionality will be added in a
later change.
Test: CTS tests in CtsKeystoreTestCases
Bug: 67752510
Merged-In: I210fbb635a2c98e3d6208859387a5eb3f10ab976
Change-Id: I210fbb635a2c98e3d6208859387a5eb3f10ab976
(cherry picked from commit 947877a55c9adeb7fbbe2d6215735515e4cec9e3)
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|
| eec88d343a1105d4da5c108c49258e2ccc131f4a |
|
27-Feb-2018 |
TreeHugger Robot <treehugger-gerrit@google.com> |
Merge "Add isConfirmationPromptSupported() method."
|
| 64ec1fefbd40956fa8544bf34922cff55e96f997 |
|
27-Feb-2018 |
Janis Danisevskis <jdanis@google.com> |
Fix appId, clientId, appData refactoring oopsie
Test: yes
Change-Id: Ibbead8ca5b2d302395cfdc3224f7bcd477b708e7
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|
| 1a49231d4a31d3a8a42ef345f03063852c19de2f |
|
26-Feb-2018 |
David Zeuthen <zeuthen@google.com> |
Add isConfirmationPromptSupported() method.
This will be used by the android.security.ConfirmationDialog.isSupported() and
is intended so that apps can know ahead of time whether the device implements
the ConfirmationUI HAL.
Bug: 63928580
Test: Manually tested.
Change-Id: I6347824b4e2330a93b7a7ffd7cf5b206009a564e
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|
| ccb492da4478a11210b1a7aa885ad38958ca837f |
|
23-Feb-2018 |
Brian Young <bcyoung@google.com> |
Revert "Restore "Add "Unlocked device required" parameter to keys""
This reverts commit 05900c1ad8bb08646bdcbb68a90904b86ebf1c45.
Reason for revert: Regression in creating auth-bound keys
Bug: 73773914
Bug: 67752510
Change-Id: I2b247ec871d2a0a2adb9100559e4c821aeba265d
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|
| 05900c1ad8bb08646bdcbb68a90904b86ebf1c45 |
|
08-Dec-2017 |
Brian C. Young <bcyoung@google.com> |
Restore "Add "Unlocked device required" parameter to keys"
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.
This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.
This reverts commit 1b75929a58c32882d21d04ee1df2a60a199923bd.
Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed
Bug: 67752510
Change-Id: I4becf698f8bc34b7a9d53ab2200480480fdd1a9c
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|
| 3bd6a51a6d49e465bcb03a43998f5bd9367fb59c |
|
14-Feb-2018 |
Logan Chien <loganchien@google.com> |
Fix PDK build
This commit moves "IConfirmationPromptCallback.aidl" and
"IKeystoreService.aidl" to "system/security/keystore/binder" so that
"libkeystore_aidl" can be built in PDK builds.
Test: Run `cts-tradefed run cts -m CtsKeystoreTestCases` on Pixel 2017
and the test results are idential with and without this CL.
Test: Build PDK with special manifest described in
http://b/69539820#comment18 and http://b/69539820#comment19.
Test: Build a target (described in http://b/72961456) with
`platform.zip` built from master FSK source tree.
Bug: 69539820
Bug: 72961456
Change-Id: Ia0979568835efaf24508b0fac97357c85fd3f44c
/system/security/keystore/binder/android/security/IKeystoreService.aidl
|