Recovery controller will no longer be aware of accounts. It is up to
the recovery agent to decide where to upload keys, and if so what
accounts to use.
Bug: 73811828
Test: runtest frameworks-core -p android.security.keystore.recovery
Change-Id: I929076d948f4d36ba88b68cca08058a5cdde0107
CertPath will include a cert of the trusted hardware and necessary
intermediate certificates.
Bug: 73784851
Change-Id: Ic70616b8f119891a82402b91035456e404c5f6de
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Package name is implicit. Recovery agent can only act for the same uid.
Bug: 73757432
Test: runtest frameworks-services -p
com.android.server.locksettings.recoverablekeystore
Change-Id: I45abf4b956fa4e97d981614d9e61295e85d5669e
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.
This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.
Test: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed
Bug: 67752510
Change-Id: I314b848f6971d1849a7a6347d52e41d9604639ae
This commit moves "IConfirmationPromptCallback.aidl" and
"IKeystoreService.aidl" to "system/security/keystore/binder" so that
"libkeystore_aidl" can be built in PDK builds.
Test: Run `cts-tradefed run cts -m CtsKeystoreTestCases` on Pixel 2017
and the test results are idential with and without this CL.
Test: Build PDK with special manifest described in
http://b/69539820#comment18 and http://b/69539820#comment19.
Test: Build a target (described in http://b/72961456) with
`platform.zip` built from master FSK source tree.
Bug: 69539820
Bug: 72961456
Change-Id: I7350f0ca943b15a6f3e40023a6cc299bdf8aed0e
Missing parts:
1) Whitelist locksettingsservice to use grant API.
2) Probably have similar update for recovered keys - they will live in
system service and RecoveryAgent will use getKey() method to access
them.
3) ApplicationKeyStorageTest
Bug: 66499222
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I584b89e3f777bed679b2eb5173750f3f1dee3635
This CL adds new Framework APIs that can be used for the secure
confirmations. This includes support for configuring a key such that
it can only sign data returned by the confirmation APIs.
Bug: 63928580
Test: Manually tested.
Change-Id: I94c1fc532376bd555b3dc37fc4709469450cfde6
Add a keymaster parameter for keys that should be inaccessible when
the device screen is locked. "Locked" here is a state where the device
can be used or accessed without any further trust factor such as a
PIN, password, fingerprint, or trusted face or voice.
This parameter is added to the Java keystore interface for key
creation and import, as well as enums specified by and for the native
keystore process.
Test: go/asym-write-test-plan
Bug: 67752510
Change-Id: I8b88ff8fceeafe14e7613776c9cf5427752d9172
- set/get recovery status simplification
- adding account to WrappedKey
- moving recovery methods to the Session class.
There are small cosmetical changes to .aidl which don't affect
implementation logic.
Bug: 72299798
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I9efaa4cde42cf778bb97ed13f62750a65d8c6cb5
Leave old APIs in current location for backwards compatibility reasons.
Bug: 72298565
Test: Tried flow with current versions of GMSCore to ensure they work still
Change-Id: Iafc2b8ad8a574460dbb2482a67935debe71f1113
Import Wrapped Key:
Applications can import keys in a wrapped, encrypted format. Wrapped keys are
unwrapped inside of a Keymaster device.
Strongbox:
Applications can import and generate keys in secure hardware.
3DES:
Add KeyProperties and KeymasterDefs
Add AndroidKeyStore3DESCipherSpi and provider registrations
Bug: 63931634
Test: Keystore CTS tests in progress
Change-Id: I80b6db865b517fa108f14aced7402336212c441b
This fixes the linting error that happens when we attempt to make this a
@SystemApi.
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ib9eea030874608d73ceeff21ee8d7e9d5a75bce8
Session IDs are an implementation detail that the framework can (and should)
abstract away. This was previously reverted due to breaking master.
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I4427c818348c054ada39d799b6da3b739f27eba9
Session IDs are an implementation detail that the framework can (and should)
abstract away.
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: Ieba641a9b54ac9bba197a6e9749b621a07e40c67
Sets up a sensible exception hierarchy. Consolidates two error codes
that both represented some kind of internal error into a single code.
Fixed some cases where the wrong error codes were used to signal.
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I6b1f97715cdc28a4be79912abb6f48e6657b048b
I will also rename RecoveryManager to RecoveryController -- in a separate CL,
as this one is already becoming too large.
Test: adb shell am instrument -w -e package
com.android.server.locksettings.recoverablekeystore
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I2fb4e1f55fb50d95f15c230783c3d289dd71f7f3
Remove the duplicate() method from KeyStore.
It is backed by dead code in the Keystore service, which (as far as I
can tell) is not doing the right thing.
Previous conversations with Keystore team members suggested this API
should not be used and it is marked for removal in the Keystore service.
Bug: 72037261
Test: That it compiles.
Change-Id: I7f8af95473c876340cbd5c73dd88c5d0282897b3
The change is based on API review.
1) package and class names update
2) Builders for Parcelables.
3) Use Constant for RECOVER_KEYSTORE permission defined in
android.Manifest.
Bug: 66499222
Test: adb shell am instrument -w -e package \
com.android.server.locksettings.recoverablekeystore \
com.android.frameworks.servicestests/android.support.test.runner.AndroidJUnitRunner
Change-Id: I49f80acbb6dc0eb6d049e18e8cb0d1aa326dadb2
