| Age | Commit message (Collapse) | Author |
|---|
|
Bug: 220074017
Change-Id: Idfdd94e902f656ac65a2a75dfdd199f6f85ba472
|
|
The code was doing a reference compare, not object value comparison,
resulting in failures in the KeyStore setEntry API.
Test: CtsKeystoreTestCases:android.keystore.cts.AndroidKeyStoreTest
Bug: 197138784
Change-Id: I2c5e47283eed5694951869e9ea3853364ddef9d1
Merged-In: I2c5e47283eed5694951869e9ea3853364ddef9d1
|
|
Callbacks on ServiceConnection happen on the main UI thread for an
application. Since the thread that calls bindService then immediately
blocks to wait for the service to be connected, this will cause a
deadlock if key operations are happening on the main UI thread.
This bug has likely not been detected yet since key operations are not
supposed to be performed on the main UI thread, however it was uncovered
in a similar application during other testing. This fix ensures the
ServiceConnection object's callbacks will be triggered from a separate
thread from the calling thread.
Bug: 196571032
Test: Apps that run key operations on the UI thread don't hang.
Change-Id: I630a0ef2560a8ebd962de54c65e3d6277133a1cb
|
|
|
|
This file was written on the assumption that bindService was
synchronous, which it isn't. This change adds a CountDownLatch to force
the class to wait for the binding to finish. If the relevant key
generation service is not present on the system, then this
functionality will just silently be skipped over.
Bug: 190222116
Test: atest RemoteProvisionerUnitTests
Change-Id: Ie34997a08aa743642c66a20c4b756cd47bff4af1
Merged-In: Ie34997a08aa743642c66a20c4b756cd47bff4af1
|
|
The KeyMint spec requires the specification of the EC_CURVE tag when
generating an EC key. This patch adds the correct curve tag parameter to
the parameter list.
Test: CtsVerifier Protected confirmation test.
Bug: 192908276
Change-Id: I2e7dd4868abda85d244e73592ff12d688f5c21fc
|
|
Renaming the vpnstore interface to legacykeystore.
Bug: 191373871
Test: TBD
Change-Id: Icd304ef621f0de52d6ebc415a0628d63f827fbcd
|
|
support Signature object
Bug: 191661889
Test: m droid
Merged-In: Ie65dcfe96f3bb00cc9af4d49e4e1d1f57bde438a
Change-Id: Ie65dcfe96f3bb00cc9af4d49e4e1d1f57bde438a
(cherry picked from commit 507a653a6e35fd3bf5b9a5927e4c17307593bcae)
|
|
|
|
This reverts commit d05498b9d8d30ca69eaafe920c5915ee472058eb.
Reason for revert: Bugged on non-RKP systems.
Bug: 190222116
Change-Id: Ie7d17d4251c381c1bae6a76cd9b0246c551f8042
|
|
|
|
This file was written on the assumption that bindService was
synchronous, which it isn't. This change adds a CountDownLatch to force
the class to wait for the binding to finish.
Bug: 190222116
Test: atest RemoteProvisionerUnitTests
Change-Id: I917a61da612f21f9a0f783bea5d24270d4e1db42
|
|
Previous releases explicitly check for invalid inputs. These checks
were removed with the move to keystore2 -- add them back.
Remove old prepareAttestationArguments* methods, as they are no
longer referenced.
Fixes: 188741672
Test: com.google.android.gts.security.DeviceIdAttestationHostTest
Change-Id: I4eeec8367ebdfad527395206ab9e89b409e02631
|
|
keymasterHwEnforcedUserAuthenticators is zero." am: 3b2decbb34 am: bc9360ea4e am: 791f088436
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1705645
Change-Id: Ieea062bd379150daf14406376e2e26b9499832fe
|
|
keymasterHwEnforcedUserAuthenticators is zero."
|
|
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1706425
Change-Id: I261fe4c6a0d926486052fdd2a812f709c419f78f
|
|
* changes:
Fixed KeyGenParameterSpecTest
Keystore 2.0 SPI: Fix NPE in getUniqueAliases.
|
|
am: fa8d51d5a6 am: ad73e362f0 am: 41d04381e9
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1706447
Change-Id: I3247db1b8db8691705a3a7856d696a84f0fd1413
|
|
getUniqueAliases may return a null if an error occurred. This would lead
to a NPE in engineAliases.
This patch makes getUniqueAliases return an empty HashSet instead.
Test: atest KeystoreTests
Change-Id: I387d90ea851a8b9c18bb2b20d1a0bfc1ab76c99f
|
|
Test: N/A
Bug: 184108046
Change-Id: I7401b88e5055cb781113656021f3ec274d1951a4
|
|
keymasterHwEnforcedUserAuthenticators is zero.
Bug: 186562600
Test: atest android.appsecurity.cts.AuthBoundKeyTest#useInvalidatedAuthBoundKey
Change-Id: I52a9c04b3e000416fb141d90d8d1f034348499de
|
|
02359c00d6 am: 85d779c4a4
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1698089
Change-Id: I9aefcc9b3b93a37437885d7e6fb1a8d9734b3dd1
|
|
Instead of always wrapping errors in a DeviceIdAttestationException,
check to see if the underlying cause was originally a
DeviceIdAttestationException. If so, unwrap the cause and just re-throw
that, preserving the original error.
Bug: 183827468
Test: GtsGmsCoreSecurityTestApp
Change-Id: Iab78ccaff91dd1de615e1d2b18f709027aecd59e
|
|
cf5f4d6cbf am: 9c975f2335
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1671106
Change-Id: I2c7e8050ca82f81ca865a76bd11a39d82eb09dcc
|
|
If biometric unlock is enabled, we tell keystore at lock time so that
a key can be set up in KM which unlocks UNLOCKED_DEVICE_REQUIRED keys
based on auth tokens carrying those SIDs. This also has the effect that
if there is no biometric unlock, UNLOCKED_DEVICE_REQUIRED keys have
full cryptographic protection, per NIAP requirements.
Test: aosp/1686345
Bug: 163866361
Change-Id: Ia4d01faa998c76b2b33ad3520730466ac59e6d8d
|
|
am: 3310a9a81f am: eaca45fcf3
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1680128
Change-Id: I2ad6bfc44915687bc24c0ec60ebf99244f4758b1
|
|
|
|
|
|
AndroidKeyStoreCipherSpiBase.engineDoFinal may get called with a null
input argument. In the case where we forward the operation to the
default provider doFinal() needs to be called instead of
doFinal(byte[], int, int).
Bug: 183913233
Test: atest android.keystore.cts.CipherTest#testEncryptsAndDecryptsUsingCipherStreams
Change-Id: Ia3afaf281be7c8e5493ac8e4155a7aa02d1d37f0
|
|
267fc8b764 am: 7716e67ea3
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1682025
Change-Id: I67913263f9bfb5380d915e716f19511db847a339
|
|
|
|
965c7e3c91 am: c40e1d5131
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1676196
Change-Id: Ifa0aafc8c2f5d412e2336c55db027277d94ca84e
|
|
am: 87a312952c
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1676925
Change-Id: Id028c5a629cd6a5c58604af4bff12c5779e38911
|
|
|
|
|
|
Bug: 183098396
Test: atest MixedDeviceOwnerTest#testKeyManagement
Change-Id: I89b51a1fb4be3b53eb46a7c194924b5255cd262b
|
|
As a part of internal libcore API cleanup some of the functions
previously exposed are getting removed from public surface.
Math#randomLongInternal is a wrapper around java.util.Random and has no
specific implications so its usages are get refactored.
Bug: 154796679
Test: m droid
Change-Id: I29e0e9307fbaf9c1ac018b83014efb2d3dd74479
|
|
* Add URI matching documentation
Bug: 177979648
Test: build docs
Change-Id: I44d40e919cce1b4f955f562b1cf6cbad450b4b58
|
|
This namespace is required by LocksettingsService to protect the
synthetic password key from removal when the user removes the
credentials or wipes AID_SYSTEM app data.
Bug: 184664830
Test: N/A
Change-Id: Ie752a75d2cb2ebf1f4e5814bc2cbc807cc754c21
|
|
0992040e48
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1677200
Change-Id: Ie4972c2b9da95515b3e98f66af716e7d1fcf156c
|
|
CryptoObject still called the legacy AndroidKeystoreProvider which did
not return the correct operation handle for per operation auth bound
keys.
Bug: 184804041
Bug: 185181377
Test: CtsVerifier->Security->Biometric Tests->2a Strong Biometrics +
Crypto
Merged-In: I0bceff0425e7ef32c394f33deda3c78f729c0c6c
Change-Id: I0bceff0425e7ef32c394f33deda3c78f729c0c6c
|
|
The key migration API is required by locksettingsservice to move the
synthetic password key out of AID_SYSTEM to protect it from deletion
when the user removes credentials from AID_SYSTEM.
Bug: 184664830
Test: N/A
Change-Id: I8d0ffb79870affc8ac055574b6f808a984aa5e52
|
|
1f82f476c0 am: cf64e636a8 am: 1a4f20ceac
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1664321
Change-Id: I8c1146a0b86cfca21bf9f3e837b4315cca3d5f86
|
|
getAttestationIds shall return an empty array instead of null.
Bug: 184026478
Test: N/A
Change-Id: I6c6233fa50a83cf7d6354d2783525704a3b39d0d
|
|
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1649541
Change-Id: I88ec6146f4b2bbfd159eb124fd01dcdc4b0b6f1f
|
|
|
|
am: a8b1b1a2e6 am: 08945c21ef am: 66ead4fb0b
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1624872
Change-Id: I08fcf329e59c309d9292edc846653b02e7a60f21
|
|
Bug: 171305684
Test: CtsKeystoreTestCases
Change-Id: I337515dadc9e45b909bff058d4e13371b4fa843c
|
|
a087245e03 am: 3dd40d172b
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1661581
Change-Id: I99cb5fd94c4ee02688709ad00e3ffbc3e2f388e7
|
|
Added SPDX-license-identifier-Apache-2.0 to:
drm/java/Android.bp
graphics/java/Android.bp
identity/Android.bp
identity/java/Android.bp
keystore/java/Android.bp
location/java/Android.bp
location/tests/Android.bp
lowpan/java/Android.bp
media/mca/effect/java/Android.bp
media/mca/filterfw/java/Android.bp
media/mca/filterpacks/java/Android.bp
mime/java/Android.bp
mms/java/Android.bp
opengl/java/Android.bp
rs/java/Android.bp
sax/java/Android.bp
services/tests/servicestests/test-apps/PackageParsingTestManifests/Android.bp
telecomm/java/Android.bp
telephony/common/Android.bp
tests/FlickerTests/test-apps/Android.bp
Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
telephony/java/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Exempt-From-Owner-Approval: janitorial work
Change-Id: I2ee0af9ce8f74de2172b359b41d2c52a8b8f7e6c
|
