- 02 Nov, 2015 10 commits
-
-
Gaurav Shah authored
-
Gaurav Shah authored
-
Gaurav Shah authored
-
Gaurav Shah authored
-
Gaurav Shah authored
-
Jorge Lucangeli Obes authored
Bug: 25001992 Change-Id: Ia6b9963d5c3c3f9d399be3ac06436e99fdf42e91
-
Darren Krahn authored
BUG: 24571104 Change-Id: I9ddbae39da660f3111569df80c83db9fc88daa0f
-
Darren Krahn authored
Keystore assumes keymaster parameters are allocated with malloc but keymaster's AuthorizationSet allocates with new[]. To avoid memory corruption, reallocate with malloc before passing to keystore. BUG: 24905120 Change-Id: I958d5060b08bb0c97eceded354241e0948d5f3b2
-
Darren Krahn authored
This Cl adds authenticated encryption and decryption methods which require minimal inputs. These methods are suitable for encrypting local state on brillo. BUG: 23528174 TEST=manual using the keystore_cli_v2 tool Change-Id: I41abcd77452e86b1eb7373f9db95b645100e2f0f
-
Darren Krahn authored
KeystoreClient is designed to give native brillo services convenient access to keystore services. This CL also includes a command line tool that uses the KeystoreClient interface. This was used for testing but can also be enhanced to be generally useful. BUG: 23528174 TEST=manual tests using keystore_cli_v2 Change-Id: I6266d98cfc7c4936f803a8133020c032bc519a5b
-
- 26 Oct, 2015 1 commit
-
-
Shawn Willden authored
-
- 22 Oct, 2015 1 commit
-
-
Kenny Root authored
-
- 16 Oct, 2015 2 commits
-
-
Shawn Willden authored
-
Shawn Willden authored
SoftKeymasteDevice can provide software digesting and padding for keymaster1 implementations that don't provide all of the required digests. This CL modifies keymaster to check for such keymaster1 implementations and add a SoftKeymasterDevice wrapper. The SoftKeymasterDevice work necessary to make this function would have required adding an implementation of the keymaster0 API import_keypair in terms of keymaster1 API calls (import_key). Rather than do that, I instead implemented the relevant keystore function directly on the keymaster1 API. This approach is cleaner than adding the same code into the translation layer, and allows removal of the last vestiges of keymaster0 API usage from keystore. Bug: 24873723 Change-Id: Ie4c7bba7943a549f35df3086dccea001edb5bb2b
-
- 10 Oct, 2015 1 commit
-
-
Nick Kralevich authored
-
- 05 Oct, 2015 1 commit
-
-
William Roberts authored
When debugging SE Linux rules, the pid and uid of the source context are helpful in determining what was involved in generating the policy violation. This information was absent from the keystore logs. To remedy this, we add pid and uid to the logs: avc: denied { exist } for pid=571 uid=1000 ... Change-Id: Ic22128720aa8ac225f26896f9e710783c8ab4f70 Signed-off-by:William Roberts <william.c.roberts@intel.com>
-
- 30 Sep, 2015 1 commit
-
-
Adam Langley authored
The BORINGSSL_201509 define was used to make updating BoringSSL in external/boringssl less painful. It allowed code to compile with either the old BoringSSL (which didn't define BORINGSSL_201509) or with the new (which does). Now that the new version has landed, this change removes that support. Change-Id: I19e661419f830459d015bf14e7905af2ec41b735
-
- 24 Sep, 2015 1 commit
-
-
Roman Mazur authored
After kystore was separated to a seaprate repo (moved from frameworks/base) test-keystore script was not update. This change implements insert in keystore_cli and revives tests. Signed-off-by:Roman Mazur <mazur.roman@gmail.com> Change-Id: Iffd8b18ac11cc421280b58b9e66d889bc8dc29
-
- 03 Sep, 2015 1 commit
-
-
Kenny Root authored
* commit 'db441ea6': Prepare for BoringSSL update.
-
- 02 Sep, 2015 2 commits
-
-
Kenny Root authored
-
Adam Langley authored
This change tweaks things as needed so that the code will compile against both the BoringSSL that's currently in Android and a version from upstream. The BORINGSSL_201509 define is temporary to allow the switch to happen without breaking the build and a followup change will remove it. Change-Id: I3d09b5644661353723803bcbda937d34455849a5
-
- 21 Aug, 2015 2 commits
-
-
Tom Cherry authored
* commit 'aae1bbf4': bundle init.rc contents with its service
-
Tom Cherry authored
-
- 20 Aug, 2015 1 commit
-
-
Tom Cherry authored
Bug: 23186545 Change-Id: If471bcc8333d546cde055bbcfc541a26fc21d90f
-
- 14 Aug, 2015 4 commits
-
-
Stephen Hines authored
* commit '2ac5cb65': Fix pessimizing move.
-
Stephen Hines authored
-
Stephen Hines authored
The std::move() here is unnecessary, and prohibits the compiler from performing copy elision. Change-Id: Ibdf515c4c0b0c07ff966c696e671a0526be1528e
-
Dan Albert authored
Using std::move here prevents the compiler from performing copy elision. Change-Id: I21ad9dfec4fe36dd935403c9fd0af5e20e131036 (cherry picked from commit 17ee05c5)
-
- 13 Aug, 2015 2 commits
-
-
- 12 Aug, 2015 8 commits
-
-
Chad Brubaker authored
* commit '48d998cd': Properly check for Blob max length
-
Chad Brubaker authored
* commit 'aca71139': Properly check for Blob max length
-
Chad Brubaker authored
* commit '738d1e9d': Properly check for Blob max length
-
Chad Brubaker authored
* commit '1b8885ba': Properly check for Blob max length
-
Chad Brubaker authored
* commit '0d593526': Properly check for Blob max length
-
Chad Brubaker authored
* commit '54b1e9ad': Properly check for Blob max length
-
Chad Brubaker authored
sizeof(mBlob.value) is incorrect because writeBlob pads up to the next AES_BLOCK_SIZE Bug:22802399 Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729
-
Chad Brubaker authored
sizeof(mBlob.value) is incorrect because writeBlob pads up to the next AES_BLOCK_SIZE Bug:22802399 Change-Id: I377edca2c7ea2cf4455f22f5f927fdad79893729
-
- 05 Aug, 2015 2 commits
-
-
