Age | Commit message (Collapse) | Author |
|
Limit the number of key descriptors sent back.
Backporting - Ported https://r.android.com/2381494
Merged-In: I5e8543a25dd9f1bb504fbc23f35779da0a0153b0
Bug: 267270741
Test: Manual: Generate 2500 keys with a 200 characters name each.
Change-Id: I6d370651441b4186b28cfed243975e64e3e8c85f
|
|
Bug: 243933553
Test: Manual - same as https://r.android.com/2215051
Change-Id: Ie195f05476ff5eee5e589d6f4a3f631c2802fa6a
Merged-In: Ie195f05476ff5eee5e589d6f4a3f631c2802fa6a
(cherry picked from commit 812307d2706c8fcd315486d25ddf54b965b8fbe7)
|
|
Without this init will repeatedly try to start this daemon,
causing logspam.
Also:
* wait until just before tokio conversion to set O_NONBLOCK
* ensure logging code reflects source example
* log at info and higher
* use contexts for better logging
* fall back to println to work around logging problems
* remove wrong copy-pasted comment in Android.bp
Bug: 249531229
Fixes: 249566340
Test: in permissive mode, rm /dev/hw_random before start
Change-Id: Ib70cbcb048f33dca789151622d98c6d56270fa37
Merged-In: Ib70cbcb048f33dca789151622d98c6d56270fa37
(cherry picked from commit 021cf557e6cdf1ff0779e87834532c0e0e893ef8)
|
|
This binary seeds a FIPS-approved DRBG from /dev/hw_random and then
serves seeds to other processes on the system using a socket
(/dev/socket/prng_seeder) that is passed in by init.
This cherry-pick for tm-qpr-dev omits the command line support
to avoid a dependency problem.
Bug: 243933553
Test: Started under init and verified correct operation using strace
Merged-In: Id4461a402d1ac92180a54cc4b241a2720b94d8de
Change-Id: Id4461a402d1ac92180a54cc4b241a2720b94d8de
(cherry picked from commit d21b00001d40f735105c01cd794c62a353aed6f5)
|
|
Test: N/A
Merged-In: I7fc63b385ea866ca13b04b4bccbc6e851340da49
Change-Id: I7fc63b385ea866ca13b04b4bccbc6e851340da49
(cherry picked from commit 0faf1f9fd994c3527a521b19ffe9bea1bfd40840)
|
|
Currently software-emulated keys do not have any update mechanism. Any
software key that is created in previous versions cannot be used once
the device is upgraded. With this change, keys now can be upgraded and
used by the latest keystore.
Change-Id: Ic791baeedd7775df7eafca405440e645b19ec2bc
Test: TreeHugger
Fixes: 223376764
Fixes: 249021523
Merged-In: Ic791baeedd7775df7eafca405440e645b19ec2bc
Ignore-AOSP-First: Cherry-picking to tm-qpr-dev.
|
|
Properly encode an sessiontranscript from P-256 EC Public Key, in
particular ensure that the resulting sessiontranscript which includes an valid P-256 EC public key is expected.
Was able to reproduce this with about 1% failures running a test.
After the fix didn't get a failure in 1,000 runs.
This bug is similar with AOSP patch "identity: Fix uncompressed form encoding of P-256 EC Public Key."
Bug: 239857653
Test: atest --rerun-until-failure 1000 android.security.identity.cts.ReaderAuthTest#readerAuth
Change-Id: Id5ce46977cf3b6ce6c43beda657cd26b24969fe5
(cherry picked from commit e678b870a286cec6c54950440ce733fd6725effb)
Merged-In: Id5ce46977cf3b6ce6c43beda657cd26b24969fe5
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/19021559
Change-Id: I2cc99f76d6b861a297e838c6a3f7a54447b66b21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/19021559
Change-Id: I31e52f39fdab46fe028291efed004f0757e66d98
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Keystore2 previously did not process the DEVICE_UNIQUE_ATTESTATION tag.
This was an unnecessary step when there was no ability to select the
attestation key provided to the backing Keymaster instance. Now,
however, Keystore2 does need to process generateKey requests for this
tag. This is because it will pass in an RKP key by default and append
those certificates to the result if RKP is present.
This change alters Keystore2 behavior during attestation key selection.
If the DEVICE_UNIQUE_ATTESTATION tag is present, it will no longer
attempt to select an RKP key and will instead pass nothing in the
attestKey argument for KM.
Bug: 234413909
Test: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Ignore-AOSP-First: Cherry-pick from AOSP
Change-Id: Ib81fb65570a4e9eb7e7b051f9791071ee78dc02f
Merged-In: Ib81fb65570a4e9eb7e7b051f9791071ee78dc02f
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18751588
Change-Id: I7a616425143c24239213cd3b503c89004a4dae7b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18751588
Change-Id: I1a3e0741c8e936418f155c2261549d431439dac4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 219076736
Test: manual, RoT between locally modified KeyMints
Change-Id: Iad3f14afc9d853e91cc7f7810fd6e592b48cab2d
Merged-In: Iad3f14afc9d853e91cc7f7810fd6e592b48cab2d
Ignore-AOSP-First: manual cp from aosp/2031823
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18638770
Change-Id: I2c3cde2a21a62f08d18ef25102de037851dc17d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18638770
Change-Id: Ic15ad66faf5a55a93e4cada08e1a55623c9a510d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
In https://android-review.googlesource.com/c/platform/system/security/+/1698833
we added a check only for client keys. However, this means that on application deletion only the keystore keys related to the
application are unbound and the attestation keys get orphaned.
Through this change, I am planning to unbind the attestation keys
related to the application as well.
Change-Id: I1c9d1ac6d6943cc53f5d74653e3da72cd4f2adf7
Merged-In: I1c9d1ac6d6943cc53f5d74653e3da72cd4f2adf7
Test: atest keystore2_test
BUG: 232534682
Ignore-AOSP-First: Picking from AOSP
|
|
tm-dev am: 7b28cace73 am: fed9c4818d
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18580936
Change-Id: I617d8228fd22b28c4d0d6a5e07e4dfe9eaed7b63
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
tm-dev am: 7b28cace73
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18580936
Change-Id: I2469c38f0d2c374a85b6e38939d2010f7b3cfde4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
tm-dev
|
|
In cases of no pending artifacts exist, current_artifacts_ok is not set
in the pushed atom. Fix this by checking the returned value of
checkArtifacts()
Ignore-AOSP-First: Change is required for correct telemtry from Android
T, I will backport this to aosp.
Bug: 233740445
Test: build succeds
Change-Id: I2d7ce37960c2c0f1adea15bde06d21947668b4a4
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18350667
Change-Id: I5c546c93fe907217c5590f0db546e745761e3aab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18350667
Change-Id: I5208c7b964e0e1ab5255b952fbb47ee2556799b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 230750270
Test: Local testing with statsd TestDrive script
Ignore-AOSP-First: This targets T and will be cherry-picked to AOSP later.
Change-Id: I8490e31df4a111ff6787ea67dd8a170b410566df
(cherry picked from commit d675e225a798b2e2388a8bd2f93c61caaa87e295)
|
|
2fcd798bc9 am: 8c6abf187f am: c7f77838bf
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036
Change-Id: I18abfe9bcf86ae3c14acef954fb67a6b9d27e6eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
2fcd798bc9 am: 8c6abf187f
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036
Change-Id: I89328a9d7b6348a75a3885225c268cf2d64acb54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
2fcd798bc9
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036
Change-Id: Ie43d58a109b751b1c84ae6fa0ead319488193422
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036
Change-Id: I7f2d3bcfbc68df85fa2345d791cff4e5e599d24e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2070036
Change-Id: I558b6fe40d513cbea5f4db80470ba386919a68ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
To allow for testing, read the rkp_only properties every time instead
of caching the value. This allows the RemoteProvisioner tests to alter
the property, moving the device in and out of rkp-only mode.
Test: RemoteProvisionerUnitTests
Bug: 27306369
Change-Id: If9a616fd36095175f4aea07c897c67a11eb04bcf
|
|
d12141441b am: 9f7c9943cb am: 285bb857a6
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372
Change-Id: I9312a4f4f8659755e9d9c99eabadf7e8e2a81f58
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
d12141441b am: 9f7c9943cb
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372
Change-Id: I3bfcb20311ea498fe4a37b7341a78496d3886d51
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372
Change-Id: I833a6e2347b64b08f4c8bdef605698f241b637e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
f16fb9f3a8 am: a454b17334 am: bb485e4000 am: 075dae43fe
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: I8bb9a0d45c4cc04d02d50adddc778fa6d6984f13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours am: 42622d5034 -s ours am: 79edea66fd -s ours
am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218
Change-Id: Ia2f24e6eeeb1dad97b533b772fbb4d00d88b0674
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372
Change-Id: I4e1d5abaa7a401f077ae43bc2693665ee4a1b731
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2068372
Change-Id: I7e27a7dedc0d4252509cdb53a7ca1f2bb72c1a49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
f16fb9f3a8 am: a454b17334 am: bb485e4000
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: I939b4a3b355fd72c61cf0a804494a2f34cd775d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours am: 42622d5034 -s ours
am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218
Change-Id: Ib1d716a17fbf5c9c97e68fb65f28401eb3d1be4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
f16fb9f3a8 am: a454b17334
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: I6e027e7ad0fd0d280c488e1a8fcd0d7ceba9416d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours am: 23a1b57bb2 -s ours
am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218
Change-Id: Ib42e70efda5ab061ddd74f84f9b480b823d4dd33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 222737227
Test: m rust
Change-Id: I4f35c8e50a1837608ab69a7609caff9c485e8c85
|
|
f16fb9f3a8
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: Ida19f5b72990311f8bfe1d19a765f1539804017c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Original change: https://android-review.googlesource.com/c/platform/system/security/+/2066831
Change-Id: I57e85c0f306b964d3e321eb3ad690ed5d4ec923c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
sc-v2-dev-plus-aosp-without-vendor@8433047 am: b25470cd30 -s ours
am skip reason: Merged-In Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee with SHA-1 11a8dab786 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/17805218
Change-Id: Iadad3bcbba5ae6cbc0a8bbbcf3435892809f724d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
An empty key pool should not allow fallback to the batch key if the
vendor indicates the system is rkp only.
Additionally, if the system is misconfigured (e.g. marked as rkp only
and has no remotely provisioned component hal) then we should insist
on checking RKP keys anyway. This will result in the given system
always returning OUT_OF_KEYS, which will fail various tests.
Test: keystore2_test
Test: RemoteProvisionerUnitTests
Bug: 227306369
Change-Id: I027bc56ff167abf99b18be01dccf05f90dd07f2a
|
|
Bug: 226662282
Merged-In: Ifc2e14a9b60e364323794eaa5a8c181c4f0a78ee
Change-Id: Id87ce6ee433f6fc31d18ccdee5a2eb2bc62633e5
|
|
ad3d746a66 am: 2ebc418ad9 am: e0b398b566
Original change: https://android-review.googlesource.com/c/platform/system/security/+/1956047
Change-Id: I7e0af6a8461dfef039ea9a51855697cc0192f0c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|