summaryrefslogtreecommitdiff
path: root/keystore/java/android/security/KeyStore.java
Commit message (Collapse)AuthorAgeFilesLines
* Framework support for AndroidKeyStore migrationJohn Wu2022-01-211-10/+0
| | | | | | | | | | | | | - Add a new boolean attribute `inheritKeyStoreKeys` to allow apps to indicate whether they want keys to be transferred to the updated app - Call the appropriate KeyStore method to migrate keys from the old namespace to the new one - Clear keys owned by the previous app ID if it is removed Test: atest SharedUserMigrationTest#testKeyMigration Test: atest AndroidPackageTest Bug: 179284822 Change-Id: I321b85b88c150f17709a2270c0cbaf368ca035cc
* Keystore 2.0: Remove Keystore 1.0 SPI with all remaining referencesJanis Danisevskis2021-04-011-1303/+34
| | | | | | Bug: 171305684 Test: CtsKeystoreTestCases Change-Id: I337515dadc9e45b909bff058d4e13371b4fa843c
* Keystore 2.0: Add onDeviceOffBody to AndroidKeyStoreMaintenance.Janis Danisevskis2021-03-231-0/+1
| | | | | | | | | Also have KeyStore.onDeviceOffBody call AndroidKeyStoreMaintenance.onDeviceOffBody. Test: N/A Bug: 171305684 Change-Id: I0b01764bfc4c5828d17ccfffb4f8dad5f3bcea6d
* Keystore 2.0: Remove hidden Keystore API from locksettings tests.Janis Danisevskis2021-03-151-1/+1
| | | | | | Test: N/A Bug: 171305684 Change-Id: I6fd90c29dd1fb077c25f1bd428fb8adf9782330e
* Keystore2: Integrate getState method of IKeystoreMaintenance AIDL.Hasini Gunasinghe2021-03-121-0/+14
| | | | | | Bug: 176123105 Test: TBD Change-Id: I8bc6bf219f7c4bb3722c310debcc8a276d14ed98
* Keystore 2.0: Clear Uid/NamesapceJanis Danisevskis2021-02-251-0/+4
| | | | | | | Implement uid/namespace clearing for Keystore 2.0. Test: Verified that keys get deleted when an app gets uninstalled. Change-Id: I1b0b65e977177a6e34c500b00b5070ec18be2671
* Keystore 2.0: Revisite Authorization.javaJanis Danisevskis2021-02-191-1/+1
| | | | | Test: N/A Change-Id: I4da26175741c5313aec17d30a3e534a2172d87b4
* Update frameworks to use unbundled version of BouncyCastle.Daulet Zhanguzin2021-01-281-2/+2
| | | | | | | | | Previously BouncyCastle methods were exposed as libcore APIs (@CorePlatformApi), which no longer possible when ART is updatable module (and can't guarantee BouncyCastle API stability) Bug: 154796679 Test: Treehugger Change-Id: I908681841a6766de88761767c77c4e2d4b5f56d5
* Integrate IKeystoreAuthorization aidl's addAuthToken with Keystore SPI.Hasini Gunasinghe2021-01-191-0/+1
| | | | | | | | | | | | | This CL introduces the Keystore SPI class for IKeystoreAuthorization aidl interface and implements the calling code for addAuthToken method. Bug: 166672367 Bug: 177830239 Bug: 177791435 Bug: 177787061 Bug: 177787180 Test: VTS test Change-Id: I9f0adc97efadd0fa1a1f16dd5ec811f4151a2b03
* Revert "Integrate IKeystoreAuthorization aidl's addAuthToken wit..."Louis Chang2021-01-181-1/+0
| | | | | | | | | | | | Revert submission 1519257-rename_auth_service Reason for revert: breaking WM presubmit, b/177787180 Reverted Changes: Ib847b68d4:Integrate IKeystoreAuthorization aidl's addAuthTok... I7893ab452:Integrate IKeystoreAuthorization aidl's addAuthTok... I4a092119c:Implement addAuthToken method of IKeystoreAuthoriz... Change-Id: Iea9bf7e7b3d1e968bbbe39f4ec08dcc3577cee07
* Integrate IKeystoreAuthorization aidl's addAuthToken with Keystore SPI.Hasini Gunasinghe2021-01-141-0/+1
| | | | | | | | | This CL introduces the Keystore SPI class for IKeystoreAuthorization aidl interface and implements the calling code for addAuthToken method. Bug: 166672367 Test: VTS test Change-Id: I7893ab4520b16533b9fddc9909297856e0b523ae
* Add maxTargetSdk restriction to unused APIs.Mathew Inwood2020-11-041-7/+7
| | | | | | | | | | | These are APIs that have @UnsupportedAppUsage but for which we don't have any evidence of them currently being used, so should be safe to remove from the unsupported list. Bug: 170729553 Test: Treehugger Merged-In: I626caf7c1fe46c5ab1f39c2895b42a34319f771a Change-Id: I54e5ecd11e76ca1de3c5893e3a98b0108e735413
* Merge "Preserve interrupted state across waiting for future" am: 3a91c75184 ↵Treehugger Robot2020-06-171-27/+43
|\ | | | | | | | | | | | | | | am: f6574a21c2 Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1340128 Change-Id: Ica523ae5269ba5e2a339653024870fefa581ad64
| * Preserve interrupted state across waiting for futureJanis Danisevskis2020-06-161-27/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A normal synchronous binder call would not be influenced by an interrupted thread. With the move to asynchronous keystore IPC we wait on a future which can throw an interrupted exception. The Java crypto API does not expect the implementation to throw interrupted exceptions though. So to preserve the expected behavior we wrap the Future.get() calls in a loop that handles the interrupted exception and sets the interrupted state after the get completed successfully. Bug: 147398412 Bug: 155254932 Test: atest android.keystore.cts.CipherTest#testEncryptsAndDecryptsInterrupted Change-Id: I066180e8028cc426fa1b3739fa007faa17c8c012 Merged-In: I066180e8028cc426fa1b3739fa007faa17c8c012
| * Merge android10-qpr2-s3-release to aosp/master - DO NOT MERGEBill Yi2020-05-051-0/+11
| |\ | | | | | | | | | | | | | | | Change-Id: I7ce0992bd12158655c0f4833fd924c8012386996 Merged-In: I34d1d5f9a751c1d7680a5a5941c39b9fe33a473b Merged-In: Icd731877c220b0e3b39258812030313cbaba90c0
| | * RESTRICT AUTOMERGERubin Xu2020-03-191-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update keyguard locked state from TrustManagerService TrustManagerService holds the ground truth about whether a user is locked or not, so update keystore using the information there, instead of doing it from KeyguardStateMonitor. This fixes the issue of work profile locked state not being correctly pushed to keystore. Note: since this change is likely to be backported as a security patch, I'm refraining from doing major refactoring right now. Bug: 141329041 Bug: 144430870 Test: manually with KeyPairSampleApp Change-Id: I3472ece73d573a775345ebcceeeb2cc460374c9b (cherry picked from commit f9418dbb2c2469dd271e4aebefda5b6a4b485f3a)
| * | Use new UnsupportedAppUsage annotation.Artur Satayev2020-01-091-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library. Bug: 145132366 Test: m && diff unsupportedappusage_index.csv Change-Id: I4bc8c9482e4bb1af21363f951affff7ee3fefeab Merged-In: I4bc8c9482e4bb1af21363f951affff7ee3fefeab
* | | Clean up biometric system serverKevin Chyn2020-02-201-44/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1) BiometricService / AuthService always need to be started, since on Android 11 and later, the public credential auth API comes through this path. 2) Consolidate getAuthenticatorId() and expose via AuthService. This is used only by the platform during key generation. Instead of asking each individual service, AuthService will return a list of IDs for sensors which are enrolled and meet the required strength. Test: atest com.android.server.biometrics Test: fingerprint device, CtsVerifier biometric section Test: face unlock device, CtsVerifier biometric section Test: remove biometrics from device, CtsVerifier biometric section Bug: 148419762 Bug: 149795050 Change-Id: I2c5385b1cd4f343fabb0010e1fe6fb1ea8283391
* | | Use new UnsupportedAppUsage annotation.Artur Satayev2019-12-181-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | Existing annotations in libcore/ and frameworks/ will deleted after the migration. This also means that any java library that compiles @UnsupportedAppUsage requires a direct dependency on "unsupportedappusage" java_library. Bug: 145132366 Test: m && diff unsupportedappusage_index.csv Change-Id: I4bc8c9482e4bb1af21363f951affff7ee3fefeab
* | | Merge "Removing binder access to deprecated KeyStore function reset" am: ↵Max Bires2019-11-191-10/+0
|\| | | | | | | | | | | | | | | | | | | | | | | 9eb7fcfba6 am: 0ae9cd3faa am: c47567db49 Change-Id: I8e8d072dbf3edcb53eb32f86e0898c1bef791267
| * | Merge "Removing binder access to deprecated KeyStore function reset"Treehugger Robot2019-11-201-10/+0
| |\ \
| | * | Removing binder access to deprecated KeyStore function resetMax Bires2019-11-111-10/+0
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This api call is not accessible from the java API and is intended to be deprecated. This CL cleans up the potential to directly call into binder and use this functionality. Also cleans up imports to appease the repo hooks Test: Android builds Change-Id: I95b27a001a6d6ba6c7d1f952bdda456a78b7f99c
* | | Merge "Allow for input_data on finish." am: 4a83b14ada am: 02c287a628Rob Barnes2019-11-191-4/+15
|\| | | | | | | | | | | | | | | | | am: 51e842e43c Change-Id: I3ed4477e925a203ae8a7b1dde9744ade4a32e93c
| * | Allow for input_data on finish.Rob Barnes2019-11-141-4/+15
| |/ | | | | | | | | | | | | | | This additional input will be unused for now, but future changes are expected to utilize it. Test: Keystore CTS Tests Change-Id: I5c388032e3710e3825bdb06b26443a5ae2c034a3
* | Update keyguard locked state from TrustManagerServiceRubin Xu2019-11-081-0/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | TrustManagerService holds the ground truth about whether a user is locked or not, so update keystore using the information there, instead of doing it from KeyguardStateMonitor. This fixes the issue of work profile locked state not being correctly pushed to keystore. Note: since this change is likely to be backported as a security patch, I'm refraining from doing major refactoring right now. Bug: 141329041 Test: manually with KeyPairSampleApp Change-Id: I3472ece73d573a775345ebcceeeb2cc460374c9b
* | Spelling fix in KeyStore.javaSolomon Kinard2019-07-031-1/+1
|/ | | | | Test: none Change-Id: I37c535a358b0b157f0e04978658816036c52ebab
* Fix refactoring glitch in KeyStore.javaJanis Danisevskis2019-04-171-2/+1
| | | | | | Bug: 129974578 Test: atest android.keystore.cts Change-Id: I3ba732e15e522bd31e7eb813677d3ea884328cb6
* Keystore.java: Make apps tolerant to keystore crashesJanis Danisevskis2019-04-021-43/+115
| | | | | | | | | | | | Since keystore accepts asynchronous requests it may be that apps wait forever if keystore dies. This patch adds a death recipient to all keystore promises so that Keystore.java gets notified when keystore dies. Test: atest android.keystore.cts Bug: 111443219 Bug: 128991260 Change-Id: Ie6e4a4f371287f83a2cdf4069d5686c67d8aebc1
* Adding KEY_PERMANENTLY_INVALIDATED intMax Bires2019-02-181-0/+5
| | | | | | | | | | | This is to keep it in sync with response codes in keystore.h. This commit also adds the KeyPermanentlyInvalidatedException to all the methods that could receive this error code out of KeyStore. Bug: 118883532 Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/AuthBoundKeyTest.java Change-Id: I878a628824e2eeb639ec5678b1a5d3d10428a918
* Limit access to suspected false positives.Mathew Inwood2018-12-281-2/+3
| | | | | | | | | | | | | | | | | | | | | Members modified herein are suspected to be false positives: i.e. things that were added to the greylist in P, but subsequent data analysis suggests that they are not, in fact, used after all. Add a maxTargetSdk=P to these APIs. This is lower-risk that simply removing these things from the greylist, as none of out data sources are perfect nor complete. For APIs that are not supported yet by annotations, move them to hiddenapi-greylist-max-p.txt instead which has the same effect. Exempted-From-Owner-Approval: Automatic changes to the codebase affecting only @UnsupportedAppUsage annotations, themselves added without requiring owners approval earlier. Bug: 115609023 Test: m Change-Id: I020a9c09672ebcae64c5357abc4993e07e744687
* Merge "Changed uid output parameter from an int array to a list of strings." ↵Rob Barnes2018-12-201-5/+7
|\ | | | | | | | | | | | | | | am: 7eae0132c1 am: 4718f665d4 am: 23ae50885f Change-Id: Ieefd1262586a3fbcf13999193c1e058abf1e0a8e
| * Changed uid output parameter from an int array to a list of strings.Rob Barnes2018-12-121-5/+7
| | | | | | | | | | | | | | | | | | Why?: 1) Returning an array list is unsafe because it must be allocated in Java and C++ must not change the size. 2) List<Integer> is not supported by AIDL, but List<String> is. I decided it was simpler to pass back integers encoded as strings than to create yet another parcelable. Bug: b/119616956 Test: ./list_auth_bound_keys_test.sh Test: Temporarily modified settings app to call listUidsOfAuthBoundKeys Change-Id: I3bf7578c96e800c8d35fba897f52220136dcd657
* | Merge "Fix deleting legacy key blobs" am: c24a4b5f44 am: b3c61fac5fJanis Danisevskis2018-11-211-4/+8
|\| | | | | | | | | | | am: 4d8a0decdb Change-Id: I74ba06e7371696806a8ab1adbd7e65d806e208c4
| * Fix deleting legacy key blobsJanis Danisevskis2018-11-211-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since the keystore alias prefix USERSKEY was deprecated Credentials.deleteUserKeyTypeForAlias tried to delete key the remaining prefix first and if that failed tried to delete the legacy prefix. However, KeyStore.delete returns true if the key was deleted or did not exist. So the first call to delete would return true whether the key existed or not and the legacy alias would never be deleted. This patch introduces a new flavor of KeyStore.delete, that returns an error code instead of a boolean. The caller can now distinguish the nature of the failure. Credentials.deleteUserKeyTypeForAlias now checks this return code and attempts to delete the legacy variant if KEY_NOT_FOUND was returned. Bug: 117818447 Change-Id: Ifae1f3dbb07d85d94f430ead2cdd3e39d22436a4
* | Merge "Fix IllegalArgumentException in KeyChain" am: 932f96b27f am: e73f8e8827Janis Danisevskis2018-11-161-5/+4
|\| | | | | | | | | | | am: 28b8cd58ca Change-Id: I327e931490d3d81b824b134795a57add7c257c74
| * Fix IllegalArgumentException in KeyChainJanis Danisevskis2018-11-151-5/+4
| | | | | | | | | | | | | | | | The legacy support importKey method uses the wrong method to add date fields to the import keymaster arguments. Bug: 119549023 Change-Id: Iff841086f6616303b365ad28aae429ccae1f3406
* | Merge "Update KeyStore for new biometric modalities"TreeHugger Robot2018-11-161-1/+25
|\ \
| * | Update KeyStore for new biometric modalitiesKevin Chyn2018-11-021-1/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Biometrics are now generic from KeyStore point of view Bug: 113624536 Test: Unable to create keys when no templates enrolled Test: Able to create keys when templates are enrolled Test: No regression in Fingerprint Keys are invalidated after enrolling another FP Change-Id: I6bdc20eb58c8a0c10a986519d4ba9e1843ebc89d
* | | Merge "Added listUidsForAuthBoundKeys to KeyStore" am: 73e9640194 am: 3090f045a7Rob Barnes2018-11-151-0/+26
|\ \ \ | | |/ | |/| | | | | | | | | | am: 919f2169e7 Change-Id: I3ed8dcb49baffac2215b0a32e25241bcbd74e9c8
| * | Merge "Added listUidsForAuthBoundKeys to KeyStore"Rob Barnes2018-11-151-0/+26
| |\ \
| | * | Added listUidsForAuthBoundKeys to KeyStoreRob Barnes2018-11-141-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | listUidsForAuthBoundKeys was added to IKeyStoreService. This CL exposes this method in KeyStore for system apps. This method will be hidden for non system apps. Bug: b/112321280 Test: listUidsForAuthBoundKeys in IKeyStoreService has its own tests Test: This method cannot be tested directly from CTS Change-Id: Iac9e863079a1367ddb3a599bc3825baea96a1c31
* | | | Merge "Multi-threaded keystore" am: 9f248989bf am: cbd890315eJanis Danisevskis2018-11-151-16/+303
|\| | | | | | | | | | | | | | | | | | | | | | | am: 444162a57c Change-Id: I2c09961a74c7de92d85f3d2045dd065c94bc6fac
| * | | Multi-threaded keystoreJanis Danisevskis2018-11-141-16/+303
| |/ / | | | | | | | | | | | | | | | | | | | | | This patch makes the framework use the asynchronous keystore api model. Bug: 111443219 Test: Ran full keystore cts test suite Change-Id: I8d1fdc70cb9eb501d3f22a97d1221904c2ef8f9a
* | | Merge changes from topic "async_keystore" am: e8c144fe17 am: 07b06e1bdbJanis Danisevskis2018-11-091-4/+27
|\| | | | | | | | | | | | | | | | | am: d46d33cf25 Change-Id: Id9fcb7d5bac0a24de8ca64e79d50131a5930b8ed
| * | Add return code KEY_ALREADY existsJanis Danisevskis2018-11-081-4/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In preparation to the async keystore interface we change the semantics form unconditionally overwriting existing keys to reporting that the key exists. For compatibility we reimplement the same semantic in the calling code. Bug: 111443219 Test: KeyStore CTS test Change-Id: I1fa5428fa7ada97d5068778cd4590593c992554d
* | | Remove legacy functions form IKeystoreService.aidl am: 1864c95616 am: 036229c8dfJanis Danisevskis2018-11-091-63/+68
|\| | | |/ |/| | | | | | | am: 5c5fe83c4d Change-Id: Id2fa59fcbe111a968abef088b76fb97dbe2e369e
| * Remove legacy functions form IKeystoreService.aidlJanis Danisevskis2018-11-081-63/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In preparation for making the keystore service asynchronous we remove redundant legacy functionality from the protocol. This patch removes the functions get_pubkey, sign, verify, generate, and import_key. Which have long been superseded by exportKey (get_pubkey), begin/update/finish (sign, verify), generateKey (generate), and importKey (import_key). This patch also removes isOperationAuthorized. Test: KeyStore CTS tests Bug: 111443219 Change-Id: Ib3bd6f40b4e948e5ad6b2ef5278b18ff46201d71
| * Add @UnsupportedAppUsage annotationsMathew Inwood2018-08-161-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For packages: android.security.net.config android.security.keystore android.security.keymaster android.security This is an automatically generated CL. See go/UnsupportedAppUsage for more details. Exempted-From-Owner-Approval: Mechanical changes to the codebase which have been approved by Android API council and announced on android-eng@ Bug: 110868826 Test: m Change-Id: Ifed4da56531195f64fd53d84f14b4e8298843b2c Merged-In: I7762dd647bede8abc9be2c538af3a3a99a25a73e
* | Add @UnsupportedAppUsage annotationsMathew Inwood2018-08-161-0/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For packages: android.security.net.config android.security.keystore android.security.keymaster android.security This is an automatically generated CL. See go/UnsupportedAppUsage for more details. Exempted-From-Owner-Approval: Mechanical changes to the codebase which have been approved by Android API council and announced on android-eng@ Bug: 110868826 Test: m Change-Id: I7762dd647bede8abc9be2c538af3a3a99a25a73e
* | Merge "Code reformatting for upcoming annotations." am: 60c8cfdd0f am: ↵Mathew Inwood2018-08-011-1/+5
|\| | | | | | | | | | | | | | | 02763a1c3e am: 842e882507 am: e377a769bd Change-Id: I67465690c2addbbfbe53472e5b45783821990567
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-13 00:25:40 +0000