GitLab

Declare explicit conversion constructors.

Bug: 28341362
Change-Id: Ibd0d6b7ec63ccb8f910e9da15771ff4d0031f4c4
Test: build with clang-tidy

Add parentheses around macro arguments used beside binary operators.

Bug: 28705665
Change-Id: I4ea2db63c18e40dabc10d42bfa5c936a71d6c628

Bug: 28341362
Change-Id: I116d2667550eec7a080bd5fcf073a8e7206c7c53

libkeystore_binder's headers include libbinder headers and consumers
of those headers will require libbinder's include paths as well.

Bug: 27804373
Test: This compiles with a modified libbinder include path.

Change-Id: Id8aef2c91fe118d413115c204b2c81c559ad4134

RSA_FLAG_EXT_PKEY, despite the name, is only about calling the RSA_METHOD's
mod_exp hook while reusing the rest of the RSA_private_transform logic. This
code doesn't provide mod_exp and instead overrides private_transform, so the
flag is a no-op.

Set padding mode to PAD_NONE for AES when using
non GCM block ciphers.

BUG=27555165

Change-Id: I11cd860a9aee01aea1699ef149bde4af5cfa746e
Signed-off-by: Sourabh Banerjee <sbanerje@codeaurora.org>

am: 6148b204

* commit '6148b204':
  keystore_cli_v2: Removed test for KM_TAG_PURPOSE.

Enforcement of this tag may be nuanced. E.g. HW may not allow decryption
with a signing key, but may not control for example, restricting an AES
key to encryption-only.

Bug: 27309299
Change-Id: Ie0a49ddb033f5a95f0943bbc3b4bbd2fbf9bcedb

am: 187b8f7a

* commit '187b8f7a':
  keystore_cli_v2: Add support for testing against v0.3.

am: 29c54e37

* commit '29c54e37':
  Fix various memory errors.

Also drop some of the tags that were being checked but aren't strictly
required to be hardware-backed.

Testing for 0.3 basically means not running AES or HMAC tests.

BUG=27309299

Change-Id: Ie885027af287c878d185514f302985433667c09f

Bug: 26910835
Change-Id: I2973221a798b08bbde6dc7ac5464a99b2dc26b4d

am: ec431738

* commit 'ec431738':
  system/security/softkeymaster: don't pass a structure into |d2i_PrivateKey|.

Some OpenSSL parsing functions have, historically, allowed a structure
to be passed in to reuse that memory. There have been many bugs arising
from this corner case and it's generally best to avoid it.

This change just passes in NULL because a new structure was being
allocated anyway. Also, the API didn't guarantee that the memory would
always be reused – code had to check the updated pointer, which this
didn't do. So it might have broken in the future.

Change-Id: Iba98f9d11ece457cf6b66e2637bb8cb23f5930d2

* changes:
  Add KM_TAG_ALLOW_WHILE_ON_BODY
  Add attestation support to keystore.

Actually, this change eliminates the need to update keystore_cli_v2
every time a tag is added, which also has the effect of supporting
KM_TAG_ALLOW_WHILE_ON_BODY.

Change-Id: I15dd4ec4b7cab52dba43ec5d0afc6f8caf922389

Bug: 22914603
Change-Id: I14fbfbe30b96c5c29278fa548e06b65f15942fe2

This CL doesn't wire in any of the new keymaster2 features, it just uses
the keymaster2 HAL rather than the keymaster1 HAL.  This means that if
keymaster1 hardware is found, it is unconditionally wrapped in
SoftKeymasterDevice, so keymaster2 functionality can (eventually) be
provided.

Change-Id: Ica2cb0751e4e0a82c56c36b03f94da54ef62d9a3

This CL isn't nearly as big as it looks.  It doesn't change keystore
functionality, it just moves all of the classes out of the former
keystore.cpp into their own .h and .cpp files.

Change-Id: I29a1ce21bff574be56128b32fc417e5a3d3c55fb

Change-Id: I6a584c8f0ae7a0461ea33836f0ca15bc89f2367f

am: 80b09638

* commit '80b09638':
  Limit maximum number of concurrent keystore operations.

am: 108a5d34

* commit '108a5d34':
  Limit maximum number of concurrent keystore operations.

am: e5f3a444

* commit 'e5f3a444':
  ECIES: adding ECIES-KEM

am: ab421460

* commit 'ab421460':
  ECIES: adding ECIES-KEM