GitLab

* commit '878c359d':
  Add getmtime command for keys

This allows you to check when a key was last modified.

Change-Id: I167844d9a50e26aadfc73a2252b937d2ef09f09d

* commit 'e7f9da44':
  Clear out ENGINE flags when initializing

We don't need our engine to be copied when initialized with
ENGINE_by_id, so just make sure our flags are cleared when we
initialize.

Change-Id: Ie75fad37c2f78a769c425889c1d0661b468cd0c7

* commit '593786c9':
  keymaster HAL users don't need delete_keypair

The keymaster HAL implementations don't need the delete_keypair method,
but keystore currently throws an error when it's not implemented. This
causes problems with at least the OpenSSL software implementation.

Bug: 6985351
Change-Id: I3d7f7dce2a6d4aad38c20f555ab16aa45f1823b8

Change-Id: Ic25a71c0dcde3cda15caaafd93004f477671db24

* commit 'aa8467e5':
  Handle keynames with special characters such as - and .

Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950

(cherry-picked from 0114bd9f)

Change-Id: I0c265fe73c1b2c430ffd196a21691264f8f3b555

Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950

Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e

The peril of not using calloc mean delete_all is not initialized until
we explcitly set it. Explicitly set delete_all to NULL to avoid that.

Change-Id: Ic370453e6142c6d1b2566df9844b4fac4bc53042

ENGINE_by_id will load up multiple copies of the engine which will
create a new ex_data index each time it's called. This change makes sure
the ex_data index is only initialized once.

Change-Id: I5e197faf6273ec3b3cafcbeadf7da8ec04a4f50b

This is so that Face Unlock can be a valid option for a lockscreen.
Otherwise get a PERMISSION_DENIED when uid = 101000.

Change-Id: I0085b27dbd4d2f1988ba654acadd72c30f76a47e

Turn on the compiler flags -Wall -Wextra -Werror to make sure no
compiler warnings are added to the project.

Eliminate all unused arguments. Remove unused variables in code.

Change-Id: I0940ba897ac716b4a256f94fcd671f1ff5abc62c

Use the UniquePtr.h include from frameworks/native/include/utils
to fix the pdk build.

Change-Id: Ic415b43d2eb8c0b7ef54b6f3f75b7fa0d5f7a058

Old key types were not distinguished by the keystore itself. This change
takes some of the reserved fields in the old format and changes it to a
version number and key type.

Change-Id: I45bd4cdce042617641fe7bd742bbe26da6024996

To allow efficient deletion by hardware keymaster modules, add a direct
delete_all call when keystore is reset. This will also probably fix
problems where the hardware keymaster gets more keys than keystore knows
about and fills up its storage.

Change-Id: I452e2e609802201dc7db2f52f95b44d72f79efa2

Add hardware crypto capabilities to keystore. This allows hardware
escrow of private key material.

There is also an OpenSSL engine that connects to keystore to allow use
of the keystore keys from native code built into the platform.

This includes a software implementation of keymaster using OpenSSL
as the backend.  This is just as insecure as the previous solution,
but it's needed so devices without hardware support can continue
to operate in the new scheme without a lot of compatibility code.

Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f

Add a libkeystore_client.so library for clients to use.

Add const-correctness to the keystore.cpp classes.

Increase maximum arguments for future work.

Change-Id: Ia22f8b893aea3115a7b4a0543ad392c17c8528f2

Move keystore from frameworks/base at commit
57ff581bd9b16a192a567f84d0e0a5c82d866343

Change-Id: I1e62488d63810f14e40ffb3d192925ff4eeb8906

No commit message