GitLab

* commit '48d998cd':
  Properly check for Blob max length

* commit 'aca71139':
  Properly check for Blob max length

* commit '738d1e9d':
  Properly check for Blob max length

* commit '1b8885ba':
  Properly check for Blob max length

* commit '0d593526':
  Properly check for Blob max length

sizeof(mBlob.value) is incorrect because writeBlob pads up to the next
AES_BLOCK_SIZE

Bug:22802399
Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729

am 63bc525c: am 853b8d79: am fd1ad379: am 1c73457a: am b124c9e8: Fix unchecked length in Blob creation

* commit '63bc525c':
  Fix unchecked length in Blob creation

* commit '853b8d79':
  Fix unchecked length in Blob creation

* commit 'fd1ad379':
  Fix unchecked length in Blob creation

* commit '1c73457a':
  Fix unchecked length in Blob creation

* commit 'b124c9e8':
  Fix unchecked length in Blob creation

Applications can specify arbitrary blobs using insert(), check their
length to prevent overflow issues.

Bug:22802399
Change-Id: I4097bd891c733914df70da5e2c58783081d913bf

* commit '57a72ec8':
  keystore-engine: comment out unused args

* commit '3ad91aa7':
  keystore-engine: comment out unused args

This fixes the build when -Werror -Wunused-parameter is enabled in the
compiler options.

Change-Id: I4581492c23885de8d31d2e66483ee281c0045c58

* commit 'ef76546c':
  Add test for AuthTokenTable.Clear.

* commit '28befb5e':
  Add test for AuthTokenTable.Clear.

Also fix tests broken by the change from 32 to 64-bit timestamps.

Change-Id: I5a80c6795880fe7231b1d311db7f3e0869913947

* commit 'd914f657':
  Flush the auth token table on resetUid

* commit '7a4dd551':
  Flush the auth token table on resetUid

* commit 'bb9c9dbc':
  Support KM_LONG_REP

* commit '9484bb01':
  Support KM_LONG_REP

This prevents old stale auth tokens from sticking around after clearing.

Change-Id: I92e48b6d8cdba92cbc70f718cb45a4d96bd12900

Change-Id: I37814bcb03dc8918e27226ec43230fa4218723d0

* commit '83ee2e7a':
  Refactor permission and state checking

* commit 'f1b8f6bf':
  Refactor permission and state checking

Move the permission checking code to checkBinderPermission and
checkBinderPermissionOrSelf target to simplify permission checking code
and clean up keystore methods. Also adds
checkBinderPermissionAndKeystoreState as a helper method to check the
permission and the unlock state of the keystore.

Change-Id: I77c94af1593d2a7fd100c79a6364583067ffa559

* commit 'a11517f6':
  Fix addAuthToken api

* commit '00300a11':
  Fix addAuthToken api

A binder token is not written thus cannot be read

Change-Id: Id44acf3e7001f2b027041ef8c7c324e687ab0fcd

* commit 'cf0de02b':
  Store the key characteristics for operations

* commit '368a1f93':
  Store the key characteristics for operations

Instead of storing the key blob and parsing the characteristics out,
which some implementations might not support, instead call get
characteristics on begin and store that result for subsequent auth
calls.

Change-Id: I75e39ee28cc440e4ed411b2daaa2744085e1aa12