Age | Commit message | Author
2018-06-04 | Invalid ownership transfer in keymaster2_passthrough_context | Janis Danisevskis
[refs: android-9.0.0_r47, android-9.0.0_r46, android-9.0.0_r45, android-9.0.0_r44, android-9.0.0_r43, android-9.0.0_r42, android-9.0.0_r41, android-9.0.0_r40, android-9.0.0_r39, android-9.0.0_r38, android-9.0.0_r37, android-9.0.0_r36, android-9.0.0_r35, android-9.0.0_r34, android-9.0.0_r33, android-9.0.0_r32, android-9.0.0_r31, android-9.0.0_r30, android-9.0.0_r22, android-9.0.0_r21, android-9.0.0_r20, android-9.0.0_r19, android-9.0.0_r16, pie-qpr3-s1-release, pie-qpr3-release, pie-qpr3-b-release, pie-qpr2-release, pie-qpr1-s3-release, pie-qpr1-s2-release, pie-qpr1-s1-release, pie-qpr1-release, pie-dr1-dev, pie-dev, pie-b4s4-release, pie-b4s4-dev]
In Keymaster2PassthroughContext::ParseKeyBlob we use GetTagValue to retrieve the blobs of application id and application value. GetTagValue only fills a keymaster_blob_t with pointers to memory owned by the corresponding AuthorizationSet, however, we passed in pointers to KeymasterBlob which takes ownership leading to an invalid free.

This was independently reported and fixed by:
Yan, Shaopu <shaopu.yan@intel.com>
vink.shen@mediatek.corp-partner.google.com

Bug: 79305673
Bug: 80554869
Change-Id: I1c8e54ba5fe1d2d6b70abc9cf95432fb1c5e55f6
2018-04-18 | Fix type on auth token verification label. | Janis Danisevskis
Bug: 78245564 Change-Id: I7635ae56be09a4d352e3612c7eab8abc2299538f
2018-04-10 | Make wrapped_key functions available | Shawn Willden
Make import key wrapping functions available so VTS tests can use them. Also fix a small bug in authorization list ASN1 format. Bug: 77588764 Test: VtsHalKeymasterV4_0TargetTest Change-Id: I8c77f61c239ddb7ad1c103e610514d05ec4c5c91
2018-03-30 | Merge changes from topics "niap-asym-write-pi-dev", "niap-asym-write-api-pi-dev" into pi-dev | Brian Young
* changes:
  Restore "Add "Unlocked device required" parameter to keys"
  Add "unlocked device required" API
2018-03-28 | Add missing break statements. | Nick Bray
Without these break statements, execution will fall through and the wrong error code will be returned. This issue was found by enabling -Wimplicit-fallthrough. Bug: 76101949 Test: compiles with -Wimplicit-fallthrough Change-Id: I1f55b7bbdb741fcb287a309323c7acc493abba49
2018-03-28 | Restore "Add "Unlocked device required" parameter to keys" | Brian Young
Add a keymaster parameter for keys that should be inaccessible when the device screen is locked. "Locked" here is a state where the device can be used or accessed without any further trust factor such as a PIN, password, fingerprint, or trusted face or voice. This parameter is added to the Java keystore interface for key creation and import, as well as enums specified by and for the native keystore process. This reverts commit a1ba90df6372d7194fcb2fa59d69f0d53b2141a6. Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed (cherry picked from commit cff1364ed2d18b23b987188aededbbb422ce147e) Bug: 67752510 Merged-In: I62d4176f04077af96779cb53c628a8579a7679d1 Change-Id: I62d4176f04077af96779cb53c628a8579a7679d1
2018-03-28 | Add "unlocked device required" API | Brian Young
Add a keymaster parameter for keys that should be inaccessible when the device screen is locked. "Locked" here is a state where the device can be used or accessed without any further trust factor such as a PIN, password, fingerprint, or trusted face or voice. This parameter is added to the Java keystore interface for key creation and import, as well as enums specified by and for the native keystore process. This is the API only, full functionality will be added in a later commit. Test: CTS tests in CtsKeystoreTestCases Bug: 67752510 Merged-In: I967193e7f3be4f7a4ddea004b9b203fe035a5d44 Change-Id: I967193e7f3be4f7a4ddea004b9b203fe035a5d44 (cherry picked from commit c9c285e340c42b6c356135bef822f8ed54968019)
2018-03-21 | Add missing break in switch statement. | Nick Bray
This bug was introduced in I06b61128ff72b119747cfce9cab754b22a13ec00. Bug: 76101949 Test: compiles with -Wimplicit-fallthrough Change-Id: I4df472854946b40319a0677c9f8f5f2c52129f34
2018-02-23 | Revert "Restore "Add "Unlocked device required" parameter to keys"" | Brian Young
This reverts commit dfb351cc0248d54f8e535cb2e7ce78eaa8dfb399. Reason for revert: Regression in creating auth-bound keys Bug: 73773914 Bug: 67752510 Change-Id: I7ae70cfab3629ebad349df449e72dac73f432613
2018-02-15 | Restore "Add "Unlocked device required" parameter to keys" | Brian C. Young
Add a keymaster parameter for keys that should be inaccessible when the device screen is locked. "Locked" here is a state where the device can be used or accessed without any further trust factor such as a PIN, password, fingerprint, or trusted face or voice. This parameter is added to the Java keystore interface for key creation and import, as well as enums specified by and for the native keystore process. This reverts commit 2a1977b2c383a05c58cda0e773f29c49192e9a4a. Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed Bug: 67752510 Change-Id: I7deb31db153d7545055afee1eacef55e6ca451a0
2018-01-31 | AuthorizationSet: Clear() should also reset the error_ field am: f9524f57bf | Janis Danisevskis
am: d72dd842f0 am: 1200aa15a6 -s ours Change-Id: I491c2e5371443ed20de1e837e4fead0e8f1e03c9
2018-01-31 | AuthorizationSet: Clear() should also reset the error_ field am: f9524f57bf | Janis Danisevskis
am: d72dd842f0 Change-Id: I8fce12e9cc76fd6b1759508ff9af1451cf5acc40
2018-01-31 | AuthorizationSet: Clear() should also reset the error_ field | Janis Danisevskis
am: f9524f57bf Change-Id: I4e7cbe1847387636b9e73180a4d2f9b28cb7acc7
2018-01-31 | Merge "AuthorizationSet: Clear() should also reset the error_ field" | TreeHugger Robot
2018-01-30 | AuthorizationSet: Clear() should also reset the error_ field | Janis Danisevskis
[refs: android-p-preview-1, android-o-mr1-iot-preview-7, o-mr1-iot-preview-7]
Clear() should reset the error field or it does not recover AuthorizationSets that have encountered an error before. Added test ClearRecoversFromError to authorization_set_test.cpp Test: host test (run make in keymaster directory) Bug: 72702959 Merged-In: I1c422135cb7d235157d17785f5df927164d1e166 Change-Id: I1c422135cb7d235157d17785f5df927164d1e166
2018-01-30 | AuthorizationSet: Clear() should also reset the error_ field | Janis Danisevskis
Clear() should reset the error field or it does not recover AuthorizationSets that have encountered an error before. Added test ClearRecoversFromError to authorization_set_test.cpp Test: host test (run make in keymaster directory) Bug: 72702959 Change-Id: I1c422135cb7d235157d17785f5df927164d1e166
2018-01-30 | Revert "Add "Unlocked device required" parameter to keys" | Brian Young
This reverts commit d98e6865503ee2c63c4e73796f7ad8b6cb87c450. Reason for revert: Build breakages on elfin, gce_x86_phone. Bug: 72679761 Bug: 67752510 Change-Id: Iaa6b154f1ec4a2095ed5704d7670f8cae0d8c2f7
2018-01-25 | Add "Unlocked device required" parameter to keys | Brian C. Young
Add a keymaster parameter for keys that should be inaccessible when the device screen is locked. "Locked" here is a state where the device can be used or accessed without any further trust factor such as a PIN, password, fingerprint, or trusted face or voice. This parameter is added to the Java keystore interface for key creation and import, as well as enums specified by and for the native keystore process. Test: go/asym-write-test-plan Bug: 67752510 Change-Id: I100e55de7080edb2bd705c2ab9d116f72bac97f8
2018-01-22 | Merge "Add additional parameters to importWrappedKey" | TreeHugger Robot
2018-01-19 | Add additional parameters to importWrappedKey | Shawn Willden
Bug: 31675676 Test: local unit tests and VtsHalKeymasterV4_0TargetTest Change-Id: Ia865b035604b3d42ab5b3de6f22b2fac8400ddbf
2018-01-19 | Merge "Add VerifyAuthorization support." | TreeHugger Robot
2018-01-19 | Merge "Add security level parameter to keymaster factory" | TreeHugger Robot
2018-01-19 | Add VerifyAuthorization support. | Shawn Willden
Test: VtsHalKeymasterV4_0TargetTest Change-Id: I1f9a952ee2ad3605f67f58c9f57a46df57556f92
2018-01-17 | Add Triple DES support | Shawn Willden
Bug: 31675676 Test: make (will run local unit tests) Change-Id: I4ed2ebcb087ccf6b9976c8899fc795c09dfad408
2018-01-17 | AndroidKeymaster: ImportWrappedKey | Shawn Willden
• Add KM_PURPOSE_WRAP for wrapped key import
• Parse the wrapped key format
Test: tests/android_keymaster_test Change-Id: I06b61128ff72b119747cfce9cab754b22a13ec00
2018-01-16 | Disable overflow sanitizer in libkeymaster. am: dbca658abf am: e50ef30e57 | Ivan Lozano
am: 8b86f605ae -s ours Change-Id: I049ae33586ff0fa34d6fb1f958f277591aae5b47
2018-01-16 | Disable overflow sanitizer in libkeymaster. am: dbca658abf | Ivan Lozano
am: e50ef30e57 Change-Id: I34657664e80733526bbe94685394ae624ea1d2fb
2018-01-16 | Disable overflow sanitizer in libkeymaster. | Ivan Lozano
am: dbca658abf Change-Id: Ic63f671d204c6a6de8d8e53a0ead3d4c77f3aec5
2018-01-16 | Move abstracted block cipher operations into separate files. | Shawn Willden
There are no logic changes in this CL. Test: make (local unit tests) Change-Id: Id6635a20ffa52f71f3dad3281d8dd831fff7aeb7
2018-01-16 | Refactor AES operations to generalize block cipher operations. | Shawn Willden
In preparation for adding 3DES support, this CL moves the code that does all the block cipher work from AesOperation to EvpBlockCipherOperation (and associated classes). To make it easier to see what was changed, the block cipher code was left in aes_operation.{cpp|h}. The next CL will move it to separate files. Test: make (local unit tests), CTS & VTS Change-Id: Ibbf870c351425ea8d990218aa0ae089d0b2ada4b
2018-01-16 | Move Key into Operation | Shawn Willden
The Keymaster implementation creates a Key object and then passes it to an Operation object, which copies parts of it. The Key object is not needed after the Operation has been created, so much of that copying is unnecessary. This CL begins to change that by passing an rvalue reference to the Key to the Operation, and modifying operations so they move the pieces of the Key that they need out, wherever possible. Test: make (local unit tests), VTS and CTS Change-Id: I6c9a27d9ee85ccaeed1efb0fcc3ed0f8694c5771
2018-01-12 | Disable overflow sanitizer in libkeymaster. | Ivan Lozano
[refs: android-wear-8.0.0_r1]
Disables the integer overflow sanitizer in libkeymaster. Bug: 30969751 Bug: 63927620 Test: Compiles, device boots. Change-Id: Id1de4a284d3da6d217102850e81cb1e131fab77a Merged-In: Id1de4a284d3da6d217102850e81cb1e131fab77a (cherry picked from commit eb9d7531c7c7a7a16d993e99fa289224f36be43e)
2018-01-12 | Merge "Disable overflow sanitizer in libkeymaster." | Ivan Lozano
2018-01-10 | Merge changes I5372b97e,Id751126d,Ia436694c | TreeHugger Robot
* changes:
  Implement HMAC sharing in Android keymaster.
  Partially fix keymaster unit tests.
  Add CKDF implementation.
2018-01-10 | Disable overflow sanitizer in libkeymaster. | Ivan Lozano
Disables the integer overflow sanitizer in libkeymaster. Bug: 30969751 Bug: 63927620 Test: Compiles, device boots. Change-Id: Id1de4a284d3da6d217102850e81cb1e131fab77a
2018-01-08 | Fix potential DoS on devices with old keymaster1 hardware. | Shawn Willden
The Keymaster1 specification allows implementations to provide less than the full suite of digest algorithms. At minimum they need only provide SHA256. If keystore detects that keymaster1 hardware provides less than a full set, it creates a software keymaster wrapper around the hardware. If an operation requests a digest algorithm that the hardware does not support, the wrapper performs the digesting in software and passes the pre-digested data to the hardware for the final operation.

Each of these two keymaster instances (the software wrapper and the wrapped hardware) manage their own operation table. The hardware needs its table to figure out which in-progress operation to update or finish. The software wrapper needs its table to figure out which hardware operation handle to forward to the hardware for update or finish. Note that the software wrapper's table is only used for operations that require software digesting.

The bug causes the software wrapper to fail to remove entries from its table when they're completed. After 16 such operations the table is full, preventing any future operations from being started until the device is rebooted.

Test: CTS
Bug: 71703554
Change-Id: Ifc1e2a9af9532e6a8f1cd3d0ad3ca079f126a0b7
2018-01-07 | Implement HMAC sharing in Android keymaster. | Shawn Willden
Test: make tests/android_keymaster_test.run Change-Id: I5372b97e97a2e13bd551c422bb15d27246d8cb47
2018-01-04 | Partially fix keymaster unit tests. | Shawn Willden
There's still one failure in VerificationOperationsTest.EcdsaAllDigestsAndKeySizes, but leaving that for now. Test: Run "make" in system/keymaster. Change-Id: Id751126d095e57d34804d8c5d605ae60f7e0ef54
2018-01-04 | Add CKDF implementation. | Shawn Willden
Test: make ckdf_test.run Change-Id: Ia436694cc90fc9a8407525bd2b995c7cf37047c5
2018-01-04 | Update to "clean break" Keymaster::4.0 | Shawn Willden
Keymaster 4.0 is being revised to remove references to 3.0, so we don't have to deal with a mixture of types. This CL updates system/keymaster for that change. Test: VtsHalKeymasterV4_0TargetTest Change-Id: I3dfaf6ff61390bd1037b2ddb829b3aa22ff99c94
2018-01-02 | Add security level parameter to keymaster factory | Janis Danisevskis
With this patch we can create reference hals that pretend to be secure keymaster implementations. This is only to make Keystore happy. It will not pose a security risk because the pretending instances don't have the right attestation certificate to impersonate an actual secure implementation. Change-Id: Ied79884a7cf354652c48bb7d7cd9385f26ad91d2
2017-12-21 | Remove libkeymaster_staging. | Shawn Willden
Everything in libkeymaster_staging needs to be portable, so in libkeymaster_portable. Some fixes were needed to make it build without STL. Test: CTS & VTS Change-Id: Ida09c962d893594e22d896e213b0d776c6b6b108
2017-12-14 | Change .clang-format to allow one-line if statements. | Shawn Willden
Test: N/A Change-Id: I96b6784cead2d7340ac538df1ac5f63766d776c9
2017-12-11 | Add StrongBox support to Keymaster4 HAL | Shawn Willden
Test: not yet Change-Id: I186fabdf5dea8d6b592cd778c07e62fb969348fd
2017-12-07 | Manually merge changes from giant AOSP topic | Stephen Li
Change-Id: I7446e2aaddc1c611518fa11cea2a049848030f40
2017-12-07 | DO NOT MERGE: Merge Oreo MR1 into master am: 897d282599 -s ours | Xin Li
am: 61a99a62a0 Change-Id: I956a367a379849de20a3559553d84e0f8606e9e2
2017-12-07 | DO NOT MERGE: Merge Oreo MR1 into master | Xin Li
am: 897d282599 -s ours Change-Id: I32da93c47953ea22611356be55bab0579561b507
2017-12-06 | DO NOT MERGE: Merge Oreo MR1 into master | Xin Li
Exempt-From-Owner-Approval: Changes already landed internally Change-Id: I0a53fc8d84fc01717feb4521203811fe2d9e487c
2017-12-06 | Remove KM0 unit tests. | Frank Salim
softkeymaster is already gone. android_keymaster_test wasn't compiling. Test: tests/android_keymaster_test Change-Id: If12d91aeff8ebed4537a54c3c05ce817f9c03c04
2017-12-05 | Merge "Add commit hook to run clang-format." | TreeHugger Robot