GitLab

The check returned true regardless of the algorithm used.

Change-Id: I3ea262d3f56df457bbe571ee9b514c794e22402e

SELinux is always enabled.

Test: device boots and no keystore errors.
Change-Id: I65782894a5e5dc68380d3389e3d41d052e81c288

del() call in upgradeKeyBlob() will check binder client permission first
then delete keyblob file, but keyblob file always inserted by keystore
itself, so every call to upgradeKeyBlob() will get PERMISSION_DENIED error.
Remove del() call instead with mKeyStore->del() to fix it.

Change-Id: I87df619df55c604394eeda4ff3240b5709e5fa7a

am: 23545340

Change-Id: I7b9514d93252c8c54005632479690e0a9ac0705f

am: 2c142311

Change-Id: If8a056b093b567ea1efeeba45878e2b10bbd7d1b

For keymaster2, exportKey() will return need upgrade error when
using old patch_level keyblob, an upgradeKeyBlob() call needed in
exportKey(), like begin() and getKeyCharacteristics().

Test: Built with ". build/envsetup.sh && lunch shamu-eng && make -j32"

Change-Id: I4b3081c2b9091fa2d66c717f5d57dc6e567c50e2

There are three changes in this CL:
1. Persist all characteristics provided at the time of key creation.
   We do this to avoid device-specific keymaster implementations
   stripping keys they are not aware of.
2. Add an onDeviceOffBody API method that will be called whenever a
   wearable device is detected to have been removed.
3. Check whether a key was created with TAG_ALLOW_WHILE_ON_BODY and
   the device has gone off-body since the last auth event when
   deciding whether it can be used.

BUG: 30701680
BUG: 28911985
Change-Id: I6be3af3dee8e576fe713dfdd726502d8b333f224

am: fd05934b

Change-Id: I460e14a523c56e2703fdad89c0f81368d3048bb5

Merge "keystore: use static_cast for conversion between void* and uinti8_t*" am: e260a43a am: 0b7e6492
am: eb44d814

Change-Id: I1abb3aeb1f19705ffd5448a78d82878b0df565ec

am: 26457f43

Change-Id: I9bc8fdfe4a90858e28e5c64816fca474117fde21

am: 3aa6a436

Change-Id: I4e085b18f20446616944f34de84ac1d4feadc00a

am: e3b6e68d

Change-Id: I3013229f0bf78f06221a7f15660d0cbc75d09b46

am: 20f94c89

Change-Id: I501c1bc627620b3066264903e2714ead69b0e1be

am: 1156db46

Change-Id: I6d6aa111778048b93602a8edae50a2851190fbe0

am: 0b7e6492

Change-Id: I48cc0cd45799c1dbdf05dac41a058f4196eb6d47

am: 468ddcb5

Change-Id: Ia61cbbe635e5c9cfdac7304e3c47678de254b42d

am: 204e5eed

Change-Id: I9a5b4458038629790c02b1e1905d19d069ebbc0c

am: db6ccd4d

Change-Id: I0cd37078b9a7240415216116d5b591612d5fb555

am: 62e4fa28

Change-Id: I48b5a55821a74a5f181dcb2eb2139bcbfebee066

am: 3746fcf3

Change-Id: I1c35beb6f96bcf3a30fff7f8ab1f1eb18d3acb75

am: e260a43a

Change-Id: I9c8609aa73b95d9879b9002f591864bf44711865

am: 386ee118

Change-Id: I86dd59e2f73dad3eb7311f6e3a2db2818403c3e1

am: 3ccb1332

Change-Id: I289baee406be895774388e918ae8b5cb4b93d86e

am: 96d62710

Change-Id: I20033b19e56dffc4e0d8ac81ceceb758f9074148

am: 9ec9270d

Change-Id: I707158d096b064dd85a7e07efbb1456eae0a00f5

* changes:
  ExportResult implement Parcelable interface
  OperationResult implements Parcelable interface

am: f2786130

Change-Id: I5a36837c725a9de13c25391c19656e8b419bd185

am: aaf91922

Change-Id: Ifaf8c9fdd89fa74b5d073cbd27503d2d8f05c23b

am: 9fae4d99

Change-Id: I64df64763f1f08f185893f25adde0b93bc5aeb24

Only BoringSSL is supported anymore. The OpenSSL code is not tested.

Test: make -j32
Bug: 31464605
Change-Id: I6394bcf71f9e0b17bd8cbb50f6868df03aa00780

memory allocated in readKeymasterBlob() was not freed.
The memory leak happens when the clientId
and appData for getKeyCharacteristics() or exportKey() is non-null.

Change-Id: Ie0340e122bf25a2385175892e5ff8535cca8710a
Signed-off-by: Bin Chen <pierr.chen@gmail.com>