GitLab

The targetUid was not being used as the user to store the key as, so it
was ending up under the calling UID. This change matches the code for
insert and generate now.

(cherry picked from commit 360f51f7)

Bug: 8634328
Change-Id: I6bb9f66687552af990fdf90501f183930910ba8d

In order to let apps use keystore more productively, make the blob
encryption optional. As more hardware-assisted keystores (i.e., hardware
that has a Keymaster HAL) come around, encrypting blobs start to make
less sense since the thing it's encrypting is usually a token and not
any raw key material.

(cherry picked from commit 0c540aad)

Bug: 8122243
Change-Id: Ie97f6df1ba141b1ed8007413ec1a834b0486cc2a

(cherry picked from commit aae26fc0)

Bug: 8566369
Change-Id: Ic1b604f6cc0c3a950e7ce1b98604a9fd7419f720

Split the directories out per-user. Each Android user ID gets its own
directory and master key. This gives each user its own locked/unlocked
state.

Add migration code that converts existing keystores to this scheme. This
even migrates keys that used the non-public API, but only for the
primary user. The secondary users may have a different lock screen
pattern that would no longer work to unlock the master key.

Bug: 7249554
Change-Id: Ie135235ab1eb88ddb2d89a6cb4ffd8fb6736c573

Check should be that the 'is_software' flag is off.

Change-Id: Ic03ef957f6aa62b959b24fe8e4ff202f431aab89

Change-Id: Ie96b2d22af839b67daed4f194e37864cd50e8463

During an upgrade, a blob would be written out to disk. Whenever a blob
is written to disk, it is encrypted in-place. After upgrade, keystore
would attempt to use the blob, but get garbage instead of what it
expected since it was encrypted.

This moves the work of writing up a level so it can then re-read the
blob after upgrade.

Bug: 7249554
Change-Id: I3946c5db1c2fc57ace476db04f792e3b82d1cb15

Add ability for system UID to clear all entries for a different UID.

Bug: 3020069
Change-Id: Ibfeea6aae9006cb2ef7052ead72b2704dfce3cb4

Add an API to query the HAL to see what kind of storage it reports the
device is.

Change-Id: I37951e989ad724e2352df6e321f03f19e58b4fca

After discussion, it was determined that duplicate would be less
disruptive and it still fit in the current HAL model.

Change-Id: Id6ff97bfa5ec4cca9def177677263e9be1c9619f

To support the WiFi service, we need to support migration from the
system UID to the wifi UID. This adds a command to achieve the
migration.

Bug: 8122243
Change-Id: I31e2ba3b3a92c582a6f8d71bbb139c408c06814f

Previously we redirected all calls from the wifi or vpn UIDs to the
system UID's namespace. This switches the paradigm to allow system to
write into wifi and vpn UID keystore spaces instead.

Change-Id: Ib9144cb12435b09ab2e8c24b75366cf9762965fe

Most callers only care if the keystore is unlocked for use and not
whether it's in a specific state. Change this now so we can change the
states later.

Change-Id: I2de87c84fd16b33ee9e3eca3843a8260e1f5af87

During a failure, return a null value instead of an empty list.

Change-Id: I34763c90eb65b0ed6bbe2757310992541feeb1a8

This will allow explicit indication of which UID to put things under for
trusted UIDs (e.g., system UID) in a future change instead of putting
things only in the calling UID.

Change-Id: Ifc321a714d874a1142890138101ce4166906f413

Change-Id: Ib056ad6b4f2149292100cda9106de19eb7b2e259

This was left-over from previous changes and nothing really used it any
more.

Change-Id: Id7bb58ffbc3f5b7f337e9bdbe8d0be315105cb26

When an error condition happens, keystore might memcpy a NULL pointer
which would cause a SIGSEGV. Avoid trying to copy it in that case.

Bug: 8019596
Change-Id: Ifcfc75401c41595fc2c2f0172c718c8d3bb93020

Change-Id: I3d5e3d4114d40902a6cf25a4c8ffabea4cc7851f

Change-Id: Ie71722747b6f0c5f53a8f333e838a54057eb9ab5