GitLab

generateKey and begin can now optionally take an array of bytes to add
to the rng entropy of the device before the operation. If entropy is
specified and the device does not support add_rng_entropy or the call
fails then that device will not be used, leading to fallback or error
depending on the situation.

Change-Id: Id7d33e3cc959594dfa5483d002993ba35c1fb134

This is a no-op.

Change-Id: Ifc0d51d594011069ab80e6fc21603e10e720a5d2

Previously a null client/app id was translated into a blob with
length=0, data=NULL, but this was a bit janky and required null ids to
be set on key creation/import.

Change-Id: I27607a50f4dc5a898625b569f5293369f0039eba

Add methods for sending an auth token to keystore and to query the
authorization state of a given operation. These methods are currently
stubs until authorization is implemented.

Change-Id: I0f97ffb3afe19c1f1d8a00bfc95e27616e7cb06c

Add a static method for reading const byte arrays from parcels since its
used in most of the new APIs.

Change-Id: Icb4b75d0d1fcbeab00d59dbdfdfca8dd93884928

Some authorization code needs to know the actual underlying operation
handle, not simply a reference to it, so return it in case it is needed.
Note that the handle cannot be used by the application to reference an
operation.

Change-Id: I4c883dde17168b7f6c1643d81741a4c2686d3159

Keystore will use this to manage authentication tokens and identify the
correct one to be submitted to keymaster to authorize an
authentication-requiring operation.

Bug: 19511945
Change-Id: Ie6d2db4bebfa3734e535498d20928b8f8965963c

Also, include softkeymaster.h so it can be built from keymaster
dir.  This is needed for the keymaster0 adapter tests.

Bug: 19508876
Change-Id: I8110af586d699d990837005e2a9c209dc1a91c2c

Change-Id: I365ea9082e14bccb83018e8ea67a10408362c550

Change-Id: I2a87cb61c340a099cc98d1a2db9e7390fb001b5d

Change-Id: I5bc24bc3177c6fc88141a42ed4d6a7a3d42e2c2f

Some build targets use clang which has this on with -Wall and -Wextra so
to be consistent with warnings enable it for all targets.

Change-Id: I63c46d9c516f6c2ce27a7c33c5677b0ee3c22eca

Change-Id: Ie2d46b2a864c9b0e75f4a055f2cc68810c16e763

The module relative path was accidentally erased when BoringSSL
compatibility was added. This restores the path so that WiFi with
keystore-backed credentials works again (among other things).

Bug: 19680487
Change-Id: Iee7c13d7b60d93f1520886e90ec23875bd52ab9a

Change-Id: I02e1ff4ef67f5e3dcd34453ac2a16218961a03bf

Change-Id: Ib63de5d9ee8da60599af2e644122ac6777720c8c

* commit 'b0f70423':
  Implement keymaster 1.0 add_rng_entropy

Change-Id: Ib027930049dec289b62e45eaa6cad32c03d9556c

* commit '1b0fbce9':
  Use keymaster 1.0 softkeymaster

* commit 'ad4661a0':
  Add Keymaster 1.0 binder methods

This changes the fallback device to the new keymaster 1.0 softkeymaster
as well as changes keystore to use keymaster1_device_t's everywhere
internally. It is safe to cast a keymaster0_device_t* to a
keymaster1_device_t* and access all the keymaster0 methods, but all
keymaster 1.0 method calls on the hardware device MUST check that the
device version is >= keymaster 1.0.

Change-Id: I6a5906da774f774723c14ea71f69b1c1efcc5a33