)]}' { "log": [ { "commit": "8f299037474ce5e754c18f29f76b4c7d623479c0", "tree": "86636852a4ed1e2d44099a180f36ce61f11216a6", "parents": [ "58519002a2c2239ab63ef95487921e256ce5bcf5", "e377a769bd12321b4d94a05fc1ffb6cb03cb42d9" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Aug 01 18:08:20 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Aug 01 18:08:20 2018 -0700" }, "message": "Merge \"Code reformatting for upcoming annotations.\" am: 60c8cfdd0f am: 02763a1c3e am: 842e882507\nam: e377a769bd\n\nChange-Id: I67465690c2addbbfbe53472e5b45783821990567\n" }, { "commit": "842e88250752f6492e02930f1a106a88e89fd165", "tree": "f9eab363b0c65502ead9e2293e35d08516025cb6", "parents": [ "9f0aff0d989d25ee8248296bc3f413b97bf57e0b", "02763a1c3ee13389598bfd00f895845b32cb3a93" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Aug 01 16:35:28 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Aug 01 16:35:28 2018 -0700" }, "message": "Merge \"Code reformatting for upcoming annotations.\" am: 60c8cfdd0f\nam: 02763a1c3e\n\nChange-Id: Icdbef4bd0e71876a3ddb296ca38a243209f2eaf9\n" }, { "commit": "02763a1c3ee13389598bfd00f895845b32cb3a93", "tree": "caa7dd0704a799664e9b09f53e1bd43e3a3ffde6", "parents": [ "582d18c02b706199324b38b449860e281249df4e", "60c8cfdd0ff09070ac8d121416a8df90e6c037d7" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Aug 01 16:01:52 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Aug 01 16:01:52 2018 -0700" }, "message": "Merge \"Code reformatting for upcoming annotations.\"\nam: 60c8cfdd0f\n\nChange-Id: I4fcf520f53dddd6e70edf0d59fd13ae218c336a5\n" }, { "commit": "efb481646ef5c786f4a92118ba4248a0ef3c515e", "tree": "e35381b97f7bfa1057d50410036578ef6c2cbf35", "parents": [ "b6b8516ba0f44f2d234b825cc4d568c304e9f719" ], "author": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Aug 01 10:24:49 2018 +0100" }, "committer": { "name": "Mathew Inwood", "email": "mathewi@google.com", "time": "Wed Aug 01 10:24:49 2018 +0100" }, "message": "Code reformatting for upcoming annotations.\n\n@UnsupportedAppUsage annotations are added automatically, but this does\nnot work when there are multiple definitions on the same line.\n\nTest: m\nBug: 110868826\nChange-Id: I2c26c136cdfa557e45cf1ee0b39dab9c17abde56\n" }, { "commit": "607a995691dcda1475042ddcd4e4cba708c791be", "tree": "1d944e1c9c1b893e5bd8fd336114384075435d63", "parents": [ "309adbff03ea6e0dedd232375a9f0583a7a80049" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Jul 09 17:58:26 2018 +0100" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jul 17 12:58:13 2018 +0100" }, "message": "DPM: Propagate StrongBox-related exception\n\nWhen the caller attempts to generate a key via DevicePolicyManager\n(using DevicePolicyManager.generateKeyPair), and specifies that\nStrongBox should be used, throw the right exception indicating\nStrongBox unavailability - the same one that is thrown if the same\nparameters were passed to the KeyStore\u0027s key generation method.\n\nThis is achieved by catching the StrongBoxUnavailableException in\nKeyChain, returning an error code indicating this particular failure\nto the DevicePolicyManagerService, which then propagates it by\nthrowing a service-specific exception with a value indicating\nStrongBox unavailability.\nThe DevicePolicyManager then raises StrongBoxUnavailableException.\n\nPrior to this change the exception propagated from KeyChain would be\na generic failure so the caller would simply get a null result.\n\nBug: 110882855\nBug: 111183576\nBug: 111322478\nTest: atest CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement\nChange-Id: I9abe3f449b48eb5a960fafbc15c59b9b4ce7a966\n" }, { "commit": "84c8b0fe47608b2f2dd7cfbca82dd2ba447e0eb0", "tree": "86336bb98cd3f6cd7a65e7e56720788508b08b92", "parents": [ "6a7aac4afed3a09396943f3797e7dcf000ba3621", "e323fcbe98cdbd7a395177381f0bec6fe8dd99a2" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jul 03 12:07:59 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Tue Jul 03 12:07:59 2018 -0700" }, "message": "Merge \"Correctly preserve key generation parameters\" into pi-dev am: 6f7cfb0627\nam: e323fcbe98\n\nChange-Id: I8cdbb82cd6fee604775764519dc8bf835a9c3738\n" }, { "commit": "5a5c6e0e44fbccbf5608c1955debf1650890f5a6", "tree": "70d9eebea919172b9898bcdf0fe4e594d28d36ed", "parents": [ "143c65d520b197a271d6de282fc7759d8009ce44" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Jun 28 11:20:44 2018 +0100" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Jun 28 17:20:01 2018 +0100" }, "message": "Correctly preserve key generation parameters\n\nDue to an oversight, some of the key generation parameters that are set\nin KeyGenParameterSpec were not preserved when parceling the object\n(they should have been added to ParcelableKeyGenParameterSpec but were\nnot).\n\nThis means these parameters will be ignored when generating keys using\nthe DevicePolicyManager.generateKeyPair method, leading to an\ninconsistent key generation behaviour between the DevicePolicyManager\nand KeyStore.\n\nIn particular, this would prevent callers from using StrongBox when\ngenerating keys for use in the KeyChain.\n\nFix the issue by simply persisting these parameters in\nParcelableKeyGenParameterSpec and making sure that the Builder copies\nthem too from the source KeyGenParameterSpec.\n\nLeft to do is put in place an automated measure to find out\ndiscrepancies between the two classes.\n\nBug: 110915980\nBug: 110882855\nBug: 109953656\nTest: atest KeystoreTests\nChange-Id: Ic64bd2921b6dfc97ea34ecba55f532312963ffcb\n" }, { "commit": "23164924a9beabe95caaf3539b29148822e42c30", "tree": "a68588d60813609e2c03df3342c4ec24fd6d22c4", "parents": [ "ac05a1b791ad0761db7721f654604830c9c29cdf", "bd3440cac92847119605f914678466b5de77f502" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Wed Jun 27 22:43:43 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Jun 27 22:43:43 2018 -0700" }, "message": "Merge \"Correct the keystore alias used for secure imports\" into pi-dev am: 143c65d520\nam: bd3440cac9\n\nChange-Id: I84b68a7caa793c776140cdd2bd79b5b76c63ddd3\n" }, { "commit": "fe6d4769a86b1ab4cf9b5b20ea08f4e3ccd00ec6", "tree": "218fbe063b4984d9cdac0cb9c15ed1904f685d5f", "parents": [ "0eb2be3a679b146e068cf99e2dbf45b4181c0bfa" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Sat Jun 23 15:38:02 2018 -0600" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Jun 26 12:35:03 2018 +0000" }, "message": "Correct the keystore alias used for secure imports\n\nAn Android-O timeframe refactor removed all use of keystore \"skey\"\naliases. Creating one not only partially reverses that refactor, but\nit also results in a key alias which cannot be deleted in some cases,\ncausing AndroidKeyStoreTest failures during the second run of CTS.\n\nBug: 80228327\nTest: CTS tests ImportWrappedKeyTest and AndroidKeyStoreTest, in that order\nChange-Id: I348ba421f29cdf6c65fc98be3a25d19938d559c1\n" }, { "commit": "4a1cccc93809920adeb0f25eaf69c9de7ec7c7d6", "tree": "68194f37c71b19edbaa5fdfe1c7c767084d14817", "parents": [ "70b447a378d0233dfc76cf208e5959c6070f1ed0" ], "author": { "name": "Irina Dumitrescu", "email": "irinaid@google.com", "time": "Fri Jun 08 19:36:34 2018 +0100" }, "committer": { "name": "Irina Dumitrescu", "email": "irinaid@google.com", "time": "Tue Jun 12 14:32:29 2018 +0100" }, "message": "Add Keystore get option that supresses caught exceptions warnings.\n\nThis is useful when the caught exceptions are not informative and they\nact as a red herring in the adb logs.\n\nBug:109791294\nTest: call this method in the VpnSettings and manually navigate to\nadding a new VPN by searching for VPN in settings and then pressing \u0027+\u0027.\n\nChange-Id: I4bc86e3ea5b11027090fd3a27dc7455557cf66ab\n" }, { "commit": "d530579816f59705a6f110e2235d70f75495b764", "tree": "05efb0ed3a2a9884497398faf6c6a0e9f7b8b4d9", "parents": [ "a6acf6f0dcae282770e719ca4b37c9716396ef58", "6779fecdccf711b4d08f528825e3e5ae31db88c5" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jun 05 06:46:20 2018 -0700" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Tue Jun 05 06:46:20 2018 -0700" }, "message": "Merge \"Improve KeyChain documentation\" into pi-dev am: 843a0cabbf\nam: 6779fecdcc\n\nChange-Id: I25447edd4c22c7df4375f88b904d1300555a3836\n" }, { "commit": "e701dc17994e17468d7e4370e455e7b179d50e00", "tree": "48a3bdc181225f25f29a44775fdfb8767756f070", "parents": [ "22e64ec6116c16b550c51ecafaea31510db97b55" ], "author": { "name": "Aurimas Liutikas", "email": "aurimas@google.com", "time": "Fri Jun 01 16:04:37 2018 -0700" }, "committer": { "name": "Aurimas Liutikas", "email": "aurimas@google.com", "time": "Mon Jun 04 10:15:22 2018 -0700" }, "message": "Fix broken links in @see tags in framework docs.\n\ndoclava was accidentally suppressing all these broken links\nin @see tags. This CL fixes issues so we can start enfocing\nchecks for broken @see links.\n\nTest: make docs\nChange-Id: If7830ece85f8d1f27c991eae282230814726e115\nExempt-From-Owner-Approval: Fixing @see javadoc link issues that are currently completely broken\n" }, { "commit": "0bc50f944204c33ef0839134bcdd76a9e4badbe9", "tree": "96aa407396768bdbf86aa1b6e1255066de6449b9", "parents": [ "f225af4f6c7143fcfac837d87c9991ea91e55a5a" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Fri Jun 01 16:03:39 2018 +0100" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Jun 04 17:12:41 2018 +0100" }, "message": "Improve KeyChain documentation\n\nImprove the choosePrivateKeyAlias documentation by:\n(1) removing reference to host+port when a URI is being passed in.\n(2) Clearing up the language about what a DPC can do.\n\nTest: N/A\nBug: 81522642\nChange-Id: I12fbf675536ea5d843dd2eec4f0379daad764bb6\n" }, { "commit": "4b9fee53319e4f679af51681c8a90777f302bdfc", "tree": "841407fd51d07227a40d0ed262fa8a8d5c41990f", "parents": [ "9e04425f9e4ba5e24ca9b2b53bf535baa80bc66d" ], "author": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Thu Apr 12 03:09:44 2018 -0700" }, "committer": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Fri May 18 18:25:33 2018 +0000" }, "message": "Make ImportWrappedKey work with real hardware:\n Get unwrapping params from WrappedKeyEntry\n\nAdd @hide API for StrongBox-backed imported keys (as opposed to wrapped or generated)\nEnable 3DES conditionally based on a system property.\n\nBug: b/79986479\nBug: b/79986680\nTest: CTS\nChange-Id: If6beedc203337027576ecd3555d11ed2874f9768\n" }, { "commit": "cd0eb716c52b20fbc051d1da79a8fe1b91c1f4c3", "tree": "7b6b3b9a071026b5cbac8f1c03f21e7ac96b5b1c", "parents": [ "8785209fd7e7172cb096350b4007d5d9f8ef3208" ], "author": { "name": "Mike Harris", "email": "mwharris@google.com", "time": "Thu Apr 26 15:20:10 2018 -0700" }, "committer": { "name": "Rubin Xu", "email": "rubinxu@google.com", "time": "Mon Apr 30 09:27:31 2018 +0000" }, "message": "Use the @Nullable annotations for choosePrivateKeyAlias.\n\nBoth the code and docstring support this, but the parameters weren\u0027t\nannotated.\n\nTest: it builds locally\n\nChange-Id: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nMerged-In: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nFix: 78868934\n(cherry picked from commit b7c5eddc53c3872b661222ae30270d95cfe63b4e)\n" }, { "commit": "ec6268c5146ab3257172552234bc0fe6534940a4", "tree": "b3c04a5fadb572b7020849883d25d4b070639a3a", "parents": [ "637422b2bf7ca08dde6fdfce1fba7daa4965ff2c", "52dcedca37a08bcd01f8d060e269d4eb3745831f" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Fri Apr 13 10:07:36 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Apr 13 10:07:36 2018 +0000" }, "message": "Merge \"AttestationUtils: Request MEID explicitly\" into pi-dev" }, { "commit": "52dcedca37a08bcd01f8d060e269d4eb3745831f", "tree": "24e18558d2e884c6402fb618517bf9bbbad4f47f", "parents": [ "0b5dd8e56040e2cd3dc95abfebe7fdb71cc7f0bc" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Apr 12 14:06:59 2018 +0100" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Apr 12 17:20:35 2018 +0100" }, "message": "AttestationUtils: Request MEID explicitly\n\nRather than rely on getDeviceId to provide the MEID, explicitly use\ngetMeid to get it.\n\nFor MEID attestation to work, the right identifier needs to be passed in\nfor attestation by Keymaster.\nAttestationUtils currently gets this identifier by calling getDeviceId.\nThis would only yield the MEID if the device does not have an IMEI\nprovisioned, which means it\u0027ll get the IMEI for devices that have both\n(like Pixel 2).\n\nAccording to bartfab@ that is the correct way (see b/77584730#13).\n\nBug: 77584730\nBug: 73284024\nTest: runtest --path cts/tests/tests/keystore/src/android/keystore/cts/KeyAttestationTest.java\nChange-Id: I98f6c2e2a9835bf2fd681cfb4ff74fc3984c3a8e\n" }, { "commit": "9b5853d304702f1c76025ed80483276ce377f98f", "tree": "aeea93761e0e9390470edfc130587de16e8be62f", "parents": [ "10fb6582eb9c0e84938af9a2be0017e35eb59c5e" ], "author": { "name": "Allen Webb", "email": "allenwebb@google.com", "time": "Tue Apr 10 10:33:42 2018 -0700" }, "committer": { "name": "Allen Webb", "email": "allenwebb@google.com", "time": "Wed Apr 11 19:23:30 2018 +0000" }, "message": "keystore: Add documentation for user presence required.\n\nTest: make -j50 docs\nBug: 77600728\nChange-Id: I6334bc0fc7a7d4faced6b03522c350ce74303443\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n" }, { "commit": "13e230f5d6a757f1a7ecd53d6254ac3e2826163d", "tree": "a845c7dfaa5c4aebf14a08aed628781433497185", "parents": [ "1c5ee613be6ac28877468d89272ad76bf03440c9" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Apr 10 17:21:39 2018 -0600" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Apr 10 18:15:22 2018 -0600" }, "message": "Mark CTS-tested APIs as @TestApi\n\nBug: 77596526\nTest: Keystore CTS\nChange-Id: Ic4280db3d9ff093138f0a361ac6a52ca69187cca\n" }, { "commit": "1c5ee613be6ac28877468d89272ad76bf03440c9", "tree": "257878e6ec396df4e95bd7b1770b39ec9fc3d579", "parents": [ "26f00b9d87dd49bbb69c3cfc87fe1a243c2d4c78" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Tue Apr 10 08:43:53 2018 -0700" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Apr 10 17:05:39 2018 -0600" }, "message": "Allow CTS tests to access more from KeyProtection\n\nAdd @TestApi to allow CTS tests to use that call.\nEncryption and decryption are reversed in some documentation.\n\nTest: CtsKeystoreTestCases\nBug: 77596526\nChange-Id: Ifaf8b3fa0e231eef256451a2514219fff1b16699\n" }, { "commit": "aa5c335a60f8316e2935bf2281c4f985b607d586", "tree": "65f0c67c0d763f533f7c6a1e3f4ce57d39249c19", "parents": [ "93a10eb1d2535f2ab9c3edfa10bb31e439a825e9", "be10891cab6ef8942cdeb6fd36920804199161a5" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Apr 05 00:58:18 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Apr 05 00:58:18 2018 +0000" }, "message": "Merge \"keystore: Change superclass of UserPresenceUnavailableException.\" into pi-dev" }, { "commit": "084f9aee9a54a86680feed7cafd56a06ba6f24f8", "tree": "9f094fc4b33c4e2132786a15025725915ab45ce0", "parents": [ "6d24a1c8bef4c70ac1e646ffb21299ad7fe4a22b", "6f8fa9ac83e8690728400ca78e7b969d01fceb62" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Mon Apr 02 21:40:34 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Mon Apr 02 21:40:34 2018 +0000" }, "message": "Merge \"\"Unlocked device required\" javadoc clarification\" into pi-dev" }, { "commit": "840c29eb0be73a875c883863cf1421ca789f7041", "tree": "0746509d6debe27d2d3704105e47d58599dc8fbb", "parents": [ "540f74786135b5c99170a518ef246ecfd0588739", "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Mon Apr 02 20:36:34 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Mon Apr 02 20:36:34 2018 +0000" }, "message": "Merge \"Rename trustedUserPresenceRequired.\" into pi-dev" }, { "commit": "6f8fa9ac83e8690728400ca78e7b969d01fceb62", "tree": "c3a6cc2ff0b058f42e78bcba518b54e880b83c12", "parents": [ "50228a647183c9315312f8f36ba849f8b1e6d3d0" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Mon Apr 02 12:40:58 2018 -0700" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Mon Apr 02 12:40:58 2018 -0700" }, "message": "\"Unlocked device required\" javadoc clarification\n\nWording changes on the public API functions for these keys.\n\nTest: CTS\nBug: 67752510\nChange-Id: Iaf620e8c0e06d436d09f50d308268653bec196ce\n" }, { "commit": "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777", "tree": "ec912d970d6eabc3731e190e15c5fccfc321d869", "parents": [ "78e805684b427d3ba903a3ee5d12d3ea47be68b9" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Mar 27 16:10:37 2018 -0600" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Mon Apr 02 13:03:14 2018 -0600" }, "message": "Rename trustedUserPresenceRequired.\n\nThe existing name is misleading, because it can be read as requiring\nthat a trusted user be present, rather than the intended meaning of\nrequiring trusted proof of user presence. Since this is all about\nTEE/SE-based keys, the \"trusted\" part is implied, so the simple\n\"userPresenceRequired\" name makes more sense.\n\nBug: 77151288\nTest: Keystore CTS tests\nChange-Id: If8b533b9f34a1875eaf35cdd1bb8f3709da9761b\n" }, { "commit": "50228a647183c9315312f8f36ba849f8b1e6d3d0", "tree": "a8d176ad21064b96cf4ba6f00abc38faded35b05", "parents": [ "ea31cbea935a20d9d290453c2ba2f8b8670e45ca", "b631503200c8de47bbd83a71f17c798f5c2f1582" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Mon Apr 02 18:45:35 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Mon Apr 02 18:45:35 2018 +0000" }, "message": "Merge \"Revise secure key import API after review\" into pi-dev" }, { "commit": "f5f6bb2d888ada9b4bb3a92b106f4b1416968ea7", "tree": "85a711efe72b59f1b429702d0a63451cd4774476", "parents": [ "77fcc0da3b95b5a191fa65751aa86bc696260df7" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Fri Mar 30 14:03:15 2018 -0700" }, "committer": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Mar 30 21:37:48 2018 +0000" }, "message": "Remove getCurrentUser call to find an alternative\n\nThe call the framework uses to get the current user ID requires the\nINTERACT_ACROSS_USERS permission, which not a lot of apps will have.\nFind a better way to do that.\n\nBug: 76430246\n\nTest: CtsKeystoreTestCases\nChange-Id: I8a0637d351fff9cfbf40e02946325f90466b68c5\n" }, { "commit": "1e0a9b0b1b706e4ef31522cdbc7d3d5232e6c382", "tree": "f52a975589283f52c50799e4ea3d61edfe8c6245", "parents": [ "4ced90cb12c915db0cac0bbea25a1b8a43d93164", "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Fri Mar 30 18:54:39 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Mar 30 18:54:39 2018 +0000" }, "message": "Merge \"Enable \"Unlocked device required\" API\" into pi-dev" }, { "commit": "b631503200c8de47bbd83a71f17c798f5c2f1582", "tree": "1999d958dd37941c66ed99972244e64afb1142bc", "parents": [ "3d8fa52f59dcfae93e8ecc7a669fd3757e87c63f" ], "author": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Thu Mar 15 17:33:16 2018 -0700" }, "committer": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Fri Mar 30 10:25:22 2018 -0700" }, "message": "Revise secure key import API after review\n\n• WrappedKeyEntry: add doc (based on IKeymasterDevice.hal comments)\n• StrongBoxUnavailableException: add public ctors, match superclass\n• SecureKeyImportUnavailableException: new first class exception\n• ORIGIN_SECURELY_IMPORTED: elaborated on properties\n\nTest: make doc \u0026 review output\nBug: b/74218267\nChange-Id: Ice9adc60ede618870e57bb58ca66fd0218cd2bf7\n" }, { "commit": "be10891cab6ef8942cdeb6fd36920804199161a5", "tree": "edcf91ceffed8bffc6ee06886d5f85872d2682b7", "parents": [ "912853be102cc854f77d25f0946f4e6435b100b9" ], "author": { "name": "Allen Webb", "email": "allenwebb@google.com", "time": "Thu Mar 29 09:50:45 2018 -0700" }, "committer": { "name": "Allen Webb", "email": "allenwebb@google.com", "time": "Fri Mar 30 10:02:46 2018 -0700" }, "message": "keystore: Change superclass of UserPresenceUnavailableException.\n\nAlso add additional comments to isTrustedUserPresenceRequired().\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/${TARGET_PRODUCT}/data/app/KeystoreTests/KeystoreTests.apk\n adb shell am instrument\n\nBug: 73392697\nBug: 76462141\nChange-Id: Iabcc331adda53e2a5cad5ead6002dfbc29188da2\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n" }, { "commit": "0186b42f2ae7e2c7b3e88043c2d1cb255f09514e", "tree": "500b6e1233f875e8f93f98759f3130234d637832", "parents": [ "69196f6fadf2445c2b9c06c17162d0cd3dfaeb5a", "9272dab49efa9c70ab92879c3e79a76fc8364d34" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Mar 30 14:21:19 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Mar 30 14:21:19 2018 +0000" }, "message": "Merge changes from topics \"niap-asym-write-pi-dev\", \"niap-asym-write-api-pi-dev\" into pi-dev\n\n* changes:\n Restore \"Add \"Unlocked device required\" parameter to keys\"\n Add \"Unlocked device required\" key API\n" }, { "commit": "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8", "tree": "3359c0d9694c908007e45d67ca5648df657d973e", "parents": [ "9272dab49efa9c70ab92879c3e79a76fc8364d34" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Mon Mar 26 11:40:13 2018 -0700" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Thu Mar 29 10:25:33 2018 -0700" }, "message": "Enable \"Unlocked device required\" API\n\nRemove the @hide annotations so the SDP asymmetric-write functionality\nis included in the public API.\n\nTest: CtsKeystoreTestCases\n\nBug: 63928827\nChange-Id: I8f462b0ebe4d9a7b96b48fa1672dd2ab9140c505\n" }, { "commit": "9272dab49efa9c70ab92879c3e79a76fc8364d34", "tree": "9155709e2901fd9e5fe2a9ff2608765d87ce9b02", "parents": [ "36716eb4709503f2ef370c6f67273440cd91d18c" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Feb 23 18:04:20 2018 +0000" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Thu Mar 29 10:24:18 2018 -0700" }, "message": "Restore \"Add \"Unlocked device required\" parameter to keys\"\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nThis reverts commit da82e2cb7193032867f86b996467bcd117545616.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nMerged-In: Ia162f1db81d050f64995d0360f714e79033ea8a5\nChange-Id: Ia162f1db81d050f64995d0360f714e79033ea8a5\n(cherry picked from d7c961ee914192e09ec10727da6d31a6b597bf51)\n" }, { "commit": "6169239b942fc2f6e8721b219f84b506c106fbe1", "tree": "9826db736692e5d9d870117d4b4be68e770c6fce", "parents": [ "3a5dabbb10861a5cea627936c56693550345b9a8" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Mar 26 16:43:14 2018 +0100" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Mar 29 10:58:20 2018 +0100" }, "message": "Utilize verbose KeyChain errors\n\nAs KeyChain reports detailed error codes about failure to generate keys\nor attestation records for them, log these detailed errors and throw an\nexception if the hardware does not support Device ID attestation.\n\nBug: 72642093\nBug: 73448533\nTest: cts-tradefed run commandAndExit cts-dev -s 127.0.0.1:50487 -a x86_64 -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Ib12efcf48c158373e1fc28cc51d67e70282d029e\n" }, { "commit": "36716eb4709503f2ef370c6f67273440cd91d18c", "tree": "26dd3eedac52c5fdcb27fda06bb8180eeacf4232", "parents": [ "ff23ffa8ff352b9c7178d19779783d7c231fabda" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Feb 23 18:04:20 2018 +0000" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Wed Mar 28 08:38:56 2018 -0700" }, "message": "Add \"Unlocked device required\" key API\n\nThis adds the API methods and values for keyguard-bound keys, but\ncontains none of the actual functionality.\n\nTest: CTS tests in CtsKeystoreTestCases\n\nBug: 67752510\n\nMerged-In: Iccd7dafd77258d903d11353e02ba3ab956050c40\nChange-Id: Iccd7dafd77258d903d11353e02ba3ab956050c40\n(cherry picked from commit fd75c7232aebc8690f004de3486b3b9a44f3e0b0)\n" }, { "commit": "56e9c026b33da783088c10a3d1162076a8e25cb6", "tree": "36bd56d58d0890d16be28c3877d59b40f78357b8", "parents": [ "cdaba41a6f36262ae37b3425b8da981d2266345b", "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Tue Mar 27 22:13:37 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Tue Mar 27 22:13:37 2018 +0000" }, "message": "Merge \"Refactor AddUserAuthArgs for extensibility\" into pi-dev" }, { "commit": "4b4a0539b662695570d7d1ddbf96db93fc987e8d", "tree": "597ff21c0806a55348875361c42ec2bdc4614734", "parents": [ "9cd3e43d86ea00fb93ef7561bb309e3a53f1a582" ], "author": { "name": "Dmitry Dementyev", "email": "dementyev@google.com", "time": "Fri Mar 23 17:46:52 2018 -0700" }, "committer": { "name": "Dmitry Dementyev", "email": "dementyev@google.com", "time": "Fri Mar 23 17:46:52 2018 -0700" }, "message": "Add missing @NonNull annotation to AndroidKeyStoreProvider method.\n\nBug: 73959762\nTest: none\nChange-Id: I2298c8fe0893032f374629a5af128474ba0f679c\n" }, { "commit": "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3", "tree": "c3aa310e3b0f093d25b3260d15c456f207d35d58", "parents": [ "6b71daa0c2d9e01fdf3aa8ce09dbd96c4d2ab8ea" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Feb 23 18:04:20 2018 +0000" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Thu Mar 22 16:10:40 2018 -0700" }, "message": "Refactor AddUserAuthArgs for extensibility\n\nCreate an interface that encapsulates the common arguments to\nAddUserAuthArgs, add that interface to KeyProtection and\nKeyGenParameterSpec, and refactor AddUserAuthArgs to accept an\ninstance of that interface.\n\nTest: CTS Module CtsKeystoreTestCases\n\nBug: 74017618\n\nMerged-In: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\nChange-Id: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\n(cherry picked from commit df16c56fbf05908e03f3a95a8a3d981bbc2fdb91)\n" }, { "commit": "bbb7f65a23937eeeabcc4caac5a3ea53ad836749", "tree": "fefa23fa352d64bcfd70e1dc1e69cbadbb6e7bfb", "parents": [ "c5f5ad103fb9416cb63ec9f7c2397bb343cb2f44" ], "author": { "name": "David Zeuthen", "email": "zeuthen@google.com", "time": "Mon Feb 26 11:04:18 2018 -0500" }, "committer": { "name": "David Zeuthen", "email": "zeuthen@google.com", "time": "Mon Feb 26 11:08:00 2018 -0500" }, "message": "ConfirmationDialog: Pass accessibility options and implement isSupported().\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I6a06d10a4cb924c3e57c8e212ba4626cad00f4a1\n" }, { "commit": "da82e2cb7193032867f86b996467bcd117545616", "tree": "7585d5778078b208575e2a535454946794490cb9", "parents": [ "efc3f16be7870c84227b79f73f0ad7cab72a260f" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Thu Feb 22 23:36:34 2018 +0000" }, "committer": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Fri Feb 23 01:31:49 2018 +0000" }, "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit efc3f16be7870c84227b79f73f0ad7cab72a260f.\n\nReason for revert: Regression in creating auth-bound keys\n\nBug: 73773914\n\nBug: 67752510\n\nChange-Id: Ic3886ceb3c3c0c4274682ed9f5f2bfbf8fdd71b9\n" }, { "commit": "efc3f16be7870c84227b79f73f0ad7cab72a260f", "tree": "9bc781e0e7caf005e6037866954262fbb6f3152d", "parents": [ "5f76688c5a8eefd16bc51569263667e7f403f242" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Thu Nov 16 15:36:43 2017 -0800" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Wed Feb 14 12:19:13 2018 -0800" }, "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nChange-Id: I314b848f6971d1849a7a6347d52e41d9604639ae\n" }, { "commit": "a8e8b659d0a872c9221e70b94c094cb6bff0508a", "tree": "82e4bab84a85a3cb6153fe3512b185b2f4b603be", "parents": [ "f100eea32f6ca4cfb858a53820a0b93f91b24942" ], "author": { "name": "David Zeuthen", "email": "zeuthen@google.com", "time": "Wed Oct 25 14:25:55 2017 -0400" }, "committer": { "name": "David Zeuthen", "email": "zeuthen@google.com", "time": "Tue Jan 30 17:33:21 2018 -0500" }, "message": "Add Confirmation API.\n\nThis CL adds new Framework APIs that can be used for the secure\nconfirmations. This includes support for configuring a key such that\nit can only sign data returned by the confirmation APIs.\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I94c1fc532376bd555b3dc37fc4709469450cfde6\n" }, { "commit": "3a28570b285d9248206fc0ab8b30e3b2a51ae5b3", "tree": "9d63c735395cb8389297c8f41bcc400d92be7fc8", "parents": [ "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb" ], "author": { "name": "Brian Young", "email": "bcyoung@google.com", "time": "Mon Jan 29 23:56:59 2018 +0000" }, "committer": { "name": "Ian Pedowitz", "email": "ijpedowitz@google.com", "time": "Tue Jan 30 15:31:42 2018 +0000" }, "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit 55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb.\n\nReason for revert: Build breakages on elfin, gce_x86_phone.\n\nBug: 67752510\n\nBug: 72679761\nChange-Id: Ia495e9cb158b64fcf015e37b170554a7ed6810a7\n" }, { "commit": "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb", "tree": "dbe7cbcb2d2af17be47e8f4dd69a07a672b456c1", "parents": [ "e2975162dca148be4be46b5bfbacdce7c74513ee" ], "author": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Thu Nov 16 15:36:43 2017 -0800" }, "committer": { "name": "Brian C. Young", "email": "bcyoung@google.com", "time": "Mon Jan 29 10:16:02 2018 -0800" }, "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: go/asym-write-test-plan\n\nBug: 67752510\n\nChange-Id: I8b88ff8fceeafe14e7613776c9cf5427752d9172\n" }, { "commit": "4dadff8be0d8aebe41822eb2daeaaacd72631865", "tree": "96007a29171585eb80e70ae0da43c88c91f1b721", "parents": [ "7f1e49f2ff6b97a85dca041a72398d4a56149787", "7dacad8dc88c820cc750495017c11e322ac7309f" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Jan 25 17:31:38 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Jan 25 17:31:38 2018 +0000" }, "message": "Merge \"Add confirmation UI protocol to Keystore AIDL definition\"" }, { "commit": "7f1e49f2ff6b97a85dca041a72398d4a56149787", "tree": "fda5bc4917b7555423ecebaa493bc83c76eeaccb", "parents": [ "0ad372a7e40cb18115b881175430ce7c3cdc65d0", "ea5e038bc11f234553043c24b10134406444f601" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Jan 25 17:24:17 2018 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Jan 25 17:24:17 2018 +0000" }, "message": "Merge \"Generating StrongBox backed keys\"" }, { "commit": "fcd05a94ef0642857abcd0e7746c40d601a787e7", "tree": "da7f18190651f370d8277a8d44672b13052fc775", "parents": [ "5e24057999b51f13d868dbe46f74701cb403697e" ], "author": { "name": "Allen Webb", "email": "allenwebb@google.com", "time": "Thu Jan 18 08:34:45 2018 -0800" }, "committer": { "name": "nagendra modadugu", "email": "ngm@google.com", "time": "Wed Jan 24 23:06:35 2018 -0800" }, "message": "keystore: Add Trusted User Presence (TUP) APIs.\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/crosshatch/data/app/KeystoreTests/KeystoreTests.apk\n adb shell am instrument\n \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\nBug: 72476834\n\nChange-Id: I61ee4326a5e31f1cefacd47470b53634fa94c2ef\n" }, { "commit": "ea5e038bc11f234553043c24b10134406444f601", "tree": "e9d39663dacbcc531cea1b3bd2ff5aebf049ed9f", "parents": [ "f88fdc995fbd23ecc3e9b6b8a94186cd96969085" ], "author": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Tue Jan 23 22:42:29 2018 -0800" }, "committer": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Wed Jan 24 23:45:54 2018 +0000" }, "message": "Generating StrongBox backed keys\n\n•Add FLAG_STRONGBOX when the generator spec requires it.\n•Throw StrongBoxUnavailableException when the request\nfails due to HARDWARE_UNAVAILABLE.\n•Add PackageManager.FEATURE_STRONGBOX_KEYSTORE\n\nTest: KeyStore CTS tests under development on an emulator\nBug: 63931634\nChange-Id: I42d32b22981e43e504d30e5657d21ac555c71ebe\n" }, { "commit": "7dacad8dc88c820cc750495017c11e322ac7309f", "tree": "95e5a4a87059b23d8032eb226081b54955af3355", "parents": [ "f88fdc995fbd23ecc3e9b6b8a94186cd96969085" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Wed Jan 24 15:12:11 2018 -0800" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Wed Jan 24 15:45:08 2018 -0800" }, "message": "Add confirmation UI protocol to Keystore AIDL definition\n\nTest: Manually tested\nBug: 63928580\nChange-Id: Ief1cdb9a64737d5aac08aa1c48ff60c34218d5ba\n" }, { "commit": "21d9c1d44a4a5e788d2a84e65b8509cb04c6d432", "tree": "4fb6b51bc7475147c63b5d6a41a3f6ae193e7a7e", "parents": [ "504039b1d36075f03f2923a457b03694380c529f" ], "author": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Tue Dec 19 22:38:09 2017 -0800" }, "committer": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Tue Jan 23 00:29:11 2018 -0800" }, "message": "Keystore APIs for Import Wrapped Key, Strongbox, 3DES\n\nImport Wrapped Key:\nApplications can import keys in a wrapped, encrypted format. Wrapped keys are\nunwrapped inside of a Keymaster device.\n\nStrongbox:\nApplications can import and generate keys in secure hardware.\n\n3DES:\nAdd KeyProperties and KeymasterDefs\nAdd AndroidKeyStore3DESCipherSpi and provider registrations\n\nBug: 63931634\nTest: Keystore CTS tests in progress\n\nChange-Id: I80b6db865b517fa108f14aced7402336212c441b\n" }, { "commit": "eab62566ef5caff37098f034db46b39f0e06317a", "tree": "428368182f2359cfa84afc774f5624de8cdad141", "parents": [ "2bb444136a10731f73fe7e7052a0fcbec0472262" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jan 16 16:33:22 2018 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jan 16 16:33:22 2018 +0000" }, "message": "KeyStore: Remove duplicate method\n\nRemove the duplicate() method from KeyStore.\nIt is backed by dead code in the Keystore service, which (as far as I\ncan tell) is not doing the right thing.\n\nPrevious conversations with Keystore team members suggested this API\nshould not be used and it is marked for removal in the Keystore service.\n\nBug: 72037261\nTest: That it compiles.\nChange-Id: I7f8af95473c876340cbd5c73dd88c5d0282897b3\n" }, { "commit": "94d56761249a8e8c073867c17bba59b4a898f113", "tree": "a5d48db4ef71a6e105810d282ea3c8af32e42697", "parents": [ "ea713a3882d11675ca067ad63ab01a664d012f3b" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Dec 21 20:50:54 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Jan 02 23:36:15 2018 +0000" }, "message": "DPM: Implement Device ID attestation\n\nEnable requesting inclusion of device identifiers in the attestation\nrecord issued for keys generated by generateKeyPair.\nThis is done by passing an array of flags with values indicating which\nidentifiers should be included.\nSince the attestation record will include sensitive identifiers, it can\nonly be requested by the DPC in Device Owner mode or by the Delegated\nCert Installer in Device Owner mode.\n\nDesign note:\nDevicePolicyManager defines its own set of constants for the different\nidentifier types (ID_TYPE_*) and prior to calling\nDevicePolicyManagerService it translates them to the values defined by\nAttestationUtils (which is not a public class).\nThe reason is to allow re-use of code in AttestationUtils for preparing\nthe attestation arguments.\nIn theory, these constants could be moved from AttestationUtils to\nDevicePolicyManager, however that would create a dependency on DPM from\nKeystore, which logically does not make sense as Keystore is independent\nof the DPM (and in a lower level of the system, conceptually).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement; runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest#testTranslationOfIdAttestationFlag\nChange-Id: Ifb42e8e813fa812a08203b4a81d15b1f91152354\n" }, { "commit": "7b27036950574a51edd6ade7b3c8d82b950b857a", "tree": "4f54b9dab58679d803a9f575be246183efb3ae36", "parents": [ "43fce46bcd2f77cbcf53fcb8d64d16b3eb92da2a", "03dd82792e41ed76602ca5f2ea32446da741c737" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Dec 28 02:16:55 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Dec 28 02:16:55 2017 +0000" }, "message": "Merge changes from topics \"wrapped_key_import\", \"keystore_seclevels\"\n\n* changes:\n Add importWrappedKey to IKeystoreService.aidl\n Keystore: Use security levels\n" }, { "commit": "0aadf935cbaa0a0f3b1570e162790fd04cbef530", "tree": "a59e946d1a27852741295fd14961e204377840f3", "parents": [ "39b4499d943d2a078b7c7ca2936908d7aac719d1" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Mon Dec 18 17:28:52 2017 -0800" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Dec 22 00:02:39 2017 +0000" }, "message": "Keystore: Use security levels\n\nIn anticipation of the availability of Keymaster implementations with\nmultiple security levels this patch adds the additional\nkeystore flags FLAG_SOFTWARE and FLAG_STROGBOX.\n\nAlso, the IKeystore method addRngEntropy got a new flags parameter\nfor the caller to express which implementation shall be awarded the\nprecious entropy.\n\nTest: Keystore CTS tests\nBug: 63931634\nChange-Id: I4a4eafbdbe1290f0c7bd2bfa2ce3e5fbb06c2dd8\n" }, { "commit": "ecf0f22e5831832afb48c86abfaa81234c8db619", "tree": "06616aa20a0ffe77805d314c2b24bae9a3866534", "parents": [ "171fec8c356ffa8cd4837092fce3b5cd5e2712fe" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Dec 11 12:32:13 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Dec 18 13:26:01 2017 +0000" }, "message": "DPM: Implement installing certificates for generated keys\n\nAdd a new method in the DevicePolicyManager to associate certificates (and\nset the user-visibility) with a given key alias.\nConceptually, the new method, setKeyPairCertificate is very similar to\ninstallKeyPair, except it does not install a key, only certificates.\n\n(The new setKeyPairCertificate, together with generateKeyPair is\nfunctionally equivalent to installKeyPair, except the keys are generated\nin hardware rather than supplied externally).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Idbfe151f6e5311766decbc1a010bff78dc60249f\n" }, { "commit": "39b4499d943d2a078b7c7ca2936908d7aac719d1", "tree": "d6740506d01771f9d169666d48aba5359129d1cd", "parents": [ "cc1b3e0e89c738503f99a4fe23de1712425c67e4", "64338c0e4d0ec64c55abc34c0559d94ee352723c" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Dec 15 23:48:55 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Fri Dec 15 23:48:55 2017 +0000" }, "message": "Merge \"Consolidate Keystore alias prefixes.\"" }, { "commit": "64338c0e4d0ec64c55abc34c0559d94ee352723c", "tree": "ca55c1153ac4e02df80af05dcf7fc2581f193e88", "parents": [ "bb91f5fe94188de451726dd83cdaffd5944f5108" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Wed Apr 19 09:17:17 2017 -0700" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Dec 15 00:14:40 2017 +0000" }, "message": "Consolidate Keystore alias prefixes.\n\nCurrently, the keystore SPI assigns different prefixes to user key\nentries depending on the algorithm. Symmetric keys (secret keys) get\nthe prefix USERSKEY_ and asymmetric keys (private keys) get the\nprefix USERPKEY_. This distinction is superfluous, as the information\ncan always be retrieved from the key characteristics. Also moving\nforward it is desirable to be able to import keys the nature\nof which is not known a priori. In these cases the prefix cannot be\nchosen meaningfully.\n\nThis patch deprecates one of the prefixes (i.e. USERSKEY_) and uses\nthe other for both types of keys. Legacy keys with the old prefix\ncan still be used, but all new keys will have the prefix USERPKEY_.\n\nBug: 63931634\nTest: CTS test and Manual upgrade test with KeyStoreTool app\n Also performed upgrade test with device PIN set\nChange-Id: I5b4bb0b0d2b82c276659d55b862150326bb68d5d\n" }, { "commit": "a173064047d304837d907b9b39ece5c14adf2b25", "tree": "6b8716f7f503e84cb257b3154bf5cdded48e43f9", "parents": [ "7d6688f35e37a96579db8ae2342eda3239a92c3c" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Dec 11 17:48:47 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Dec 14 18:09:05 2017 +0000" }, "message": "DevicePolicyManager: Support attestation for generated keys.\n\nIf the KeyGenParameterSpec passed into\nDevicePolicyManager.generateKeyPair contains an attestation challenge,\nrequest an attestation record for the newly-generated key with the\nchallenge provided.\n\nThis particular implementation was chosen, rather than letting the\nattestation record be generated at the same time as key generation, to\navoid having the attestation chain stored in Keystore and associated\nwith the generated alias.\n\nThe rationale is that this is a key that is potentially accessible by\nmultiple applications and the attestation chain may end up being sent\nas a TLS client certificate chain, for example.\n\nAs the attestation challenge should be unique per device, to avoid\nthe potential of sending / sharing unique device information, by\nexplicitly requesting an attestation record after key generation, the\nattestation record is only returned to the generateKeyPair client and\nnot persistend in Keystore.\n\nBug: 63388672\nTest: New CTS test to be run with: \u0027cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\u0027\nChange-Id: I95a9aef179173b571b533301ac438c675e8fe702\n" }, { "commit": "27674aedc0c2fe6f013ea0d6722bdb0d17fc7c57", "tree": "746a77641c8f5a615b8415b3e55f87d897b557a7", "parents": [ "e5634eeba63e975f8d69f7673596a5dc59908438", "5db9a911354271abdc13a2a645d0de7d2619010e" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@google.com", "time": "Mon Dec 11 16:47:13 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Mon Dec 11 16:47:13 2017 +0000" }, "message": "Merge \"Add auto-doc support for @StringDef.\"" }, { "commit": "47670548e07140f3308c2aa4741b1bbf4f25d7bc", "tree": "eff6958afdadc70e5a27b06f6a0f8f9593f06bc2", "parents": [ "b8f2728a787db8dc551345b464705f049d970502" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Sat Dec 09 21:25:04 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Mon Dec 11 12:28:13 2017 +0000" }, "message": "Keystore: Fix KeyGenParameterSpec parceling\n\nFix the way KeyGenParameterSpec is parceled, by correctly handling\ndefault and null values for some of the fields.\n\nA recent CL added the ability to parcel/unparcel KeyGenParameterSpec (by\na separate class).\nDue to refactoring late in the CL review cycle, the parceling code did\nnot take into account a few edge cases.\n\nUnit tests:\nm -j KeystoreTests \u0026\u0026 adb install -r out/target/product/marlin/data/app/KeystoreTests/KeystoreTests.apk\nadb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\n\nCTS tests:\ncts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\n\nBug: 69337278\nTest: Keystore unit tets (see instructions above) and cts Key Management test.\nChange-Id: Ie08f42b07fb55b6fa1d8fb73c89d69687c97e214\n" }, { "commit": "5db9a911354271abdc13a2a645d0de7d2619010e", "tree": "cca7ffd53bc9355afa36e96124912a7af62fd90e", "parents": [ "6e15c2a89ae9733d2552d9d0a20504a4bdf69c29" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Fri Dec 08 17:32:32 2017 -0700" }, "committer": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Fri Dec 08 17:33:40 2017 -0700" }, "message": "Add auto-doc support for @StringDef.\n\nBehaves pretty much the same as @IntDef, but now supports \"suffix\"\nin addition to \"prefix\" when matching constants.\n\nTest: manual docs output looks sane\nBug: 70406696\nChange-Id: I35064b0f9f36f1f13ccdb40302d818a004014f15\n" }, { "commit": "b2795710f33ce03f4106b4bbd3b41faec0c31bad", "tree": "020ae2fc5a5d7770f6868df4947dbd9036bffc72", "parents": [ "f20ed0321032d70d715eb1ccdde338689a30c7f1", "852c8f121f2e502e1e8503bfc230dccb81b681d4" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Thu Dec 07 18:20:45 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Thu Dec 07 18:20:45 2017 +0000" }, "message": "Merge \"DevicePolicyManager: Add key generation functionality.\"" }, { "commit": "852c8f121f2e502e1e8503bfc230dccb81b681d4", "tree": "27c90a754791b77990afbcb369cac3fad401a3bf", "parents": [ "d52efa56adaca0bc70fb72082c7c663adcb669cc" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Wed Nov 15 05:55:52 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Dec 07 15:12:30 2017 +0000" }, "message": "DevicePolicyManager: Add key generation functionality.\n\nThis is the crux of the Verified Access feature implementation:\nAdding the ability to generate KeyChain keys directly by the\nsecure hardware, rather than installing software-generated keys\ninto KeyChain.\n\nAdd generateKeyPair to the DevicePolicyManager, which delegates key\ngeneration (via the DevicePolicyManagerService) to the KeyChainService.\n\nDesign highlights:\n* The key generation is delegated via the DevicePolicyManagerService to\n check that only authorized callers request key generation in KeyChain.\n* KeyChainService performs the actual key generation so it owns the key\n in Keystore outright.\n* DevicePolicyManagerService then grants the calling app access to the\n Keystore key, so it can actually be used.\n* Loading the public/private key pair, as well as attestation\n certificate chain, is done in the client code (DevicePolicyManager)\n to save parceling / unparceling those objects across process\n boundaries twice (for no good reason).\n\nNOTE: The key attestation functionality (that includes Device ID) is\nmissing/untested. Will be added in a follow-up CL as this one is quite\nbig already.\n\nHIGHLIGHT FOR REVIEWERS:\n* API: New API in DevicePolicyManager.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG; adb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027 (After building the KeystoreTests target and installing the apk)\nChange-Id: I73762c9123f32a94d454ba4f8b533883b55c44cc\n" }, { "commit": "dcb520b4ed5889281124d3520a1675d0a7418a0a", "tree": "550daa9592c6c688bbc2916876f597b8fbb7cf10", "parents": [ "231d50e799108b709d576400419a292908988e37", "9271333842c402d8486acfd781a87fac9d3eced9" ], "author": { "name": "Kevin Hufnagle", "email": "khufnagle@google.com", "time": "Thu Dec 07 05:47:03 2017 +0000" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Thu Dec 07 05:47:03 2017 +0000" }, "message": "Merge \"docs: Fixed key generator initialize method call.\" into oc-mr1-dev am: a1150e90e0\nam: 9271333842\n\nChange-Id: If099ce9dc3a35a1617de54c0187f718a0b391dcc\n" }, { "commit": "8cc88984c8e62aba0d79c1b4b0e1c8c506b40df5", "tree": "0812746e83d84693f73e5dbdd045947de3d6375b", "parents": [ "b94e697dcff23569f2b2bcc77173bed329a38242" ], "author": { "name": "Kevin Hufnagle", "email": "khufnagle@google.com", "time": "Wed Nov 29 12:06:52 2017 -0800" }, "committer": { "name": "Kevin Hufnagle", "email": "khufnagle@google.com", "time": "Wed Nov 29 12:06:52 2017 -0800" }, "message": "docs: Fixed key generator initialize method call.\n\nThe guide within the KeyGenParameterSpec class now uses the correct\nmethod (init() instead of initialize()) to initialize the key\ngenerator in the examples that show how to create AES and HMAC keys.\n\nTest: make ds-docs -j8\n\nBug: 69093664\nChange-Id: I6a9cbe6decd895c2505538f6ad4be91cd9133714\n" }, { "commit": "23c438d711c15541312dbb5a83548967874f9ccb", "tree": "83b5160da7a62def6f3d014964fc53042926d83d", "parents": [ "78252a23d6d38e4b1c938fef3d7b1dc6b7dfbe05" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Nov 23 17:20:52 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Nov 23 17:59:36 2017 +0000" }, "message": "KeyChain: Provide public \u0026 private keys\n\nIn order for the DevicePolicyManager to provide key generation\nfunctionality, it has to return both the private and public keys\nin form of a KeyPair.\n\nSince the KeyChainService will perform the key generation on behalf\nof the DevicePolicyManager (so that KeyChain will be the owner of\nthe generated keys outright), the DevicePolicyManager needs a way\nto get both the private and public key representations from KeyChain.\n\nA getKeyPair method is added that gets the private and public\nkey pair associated with a given alias from Keystore.\nThe getPrivateKey now delegates to the getKeyPair method and returns\nonly the private key.\n\nTested using existing CTS tests.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\nChange-Id: I06b8511acd2049a0053ec8893de6de7429f7c92e\n" }, { "commit": "5c0a517dffc67aac4c8b6df1b3324f1ff0311704", "tree": "308257396bbcb792a63aae1ecc18a1ab462a9ac0", "parents": [ "a9a65af6ac4414b2df2a17bb2d3d5fb9254450c3", "7039f416c3db02bafc43dda0fc6db87b6ace2745" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Tue Nov 14 13:43:03 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Tue Nov 14 13:43:03 2017 +0000" }, "message": "Merge \"KeyChain: Adding methods for user-visibility.\"" }, { "commit": "7039f416c3db02bafc43dda0fc6db87b6ace2745", "tree": "e32cadf31e53155c2a3451eaa4c6e549d4681d1e", "parents": [ "2b267dfbe967661879b54c638e1f72ab85c5b2f5" ], "author": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Wed Nov 08 01:03:30 2017 +0000" }, "committer": { "name": "Eran Messeri", "email": "eranm@google.com", "time": "Thu Nov 09 20:51:35 2017 +0000" }, "message": "KeyChain: Adding methods for user-visibility.\n\nAdd to the KeyChain aidl two methods for getting and setting whether\na key can be selectable by the user or not.\n\nSee\nhttps://googleplex-android-review.git.corp.google.com/#/c/platform/packages/apps/KeyChain/+/3199414/\n\nTest: To be determined.\nBug: 65624467\nChange-Id: Ib31a11ca432a5d29fdb8ed5349598dbff4bcb516\n" }, { "commit": "efc4311a3fb84cacc98f0afe669c69f9d5196bd3", "tree": "7084786efb494627bfb7446704e49072a62d8b13", "parents": [ "843f07e2d31e64b57357bbfc106b5c3a28315332" ], "author": { "name": "Dmitry Dementyev", "email": "dementyev@google.com", "time": "Fri Oct 27 23:10:28 2017 -0700" }, "committer": { "name": "Dmitry Dementyev", "email": "dementyev@google.com", "time": "Tue Nov 07 10:21:08 2017 -0800" }, "message": "Get rid of manually created IKeystoreService.\n\nJava/aidl side changes necessary to generate IKeystoreService.cpp\nGenerated C++ service currently doesn\u0027t support null parameters, so lots\nof parameters were updated to pass default value instead of null.\n\nTest: cts-tradefed run cts -m CtsKeystoreTestCases\nBug: 68389643\n\nChange-Id: Ifaf2ab48b2bcd7b081e4b336aa279fa8ba4fbbbf\n" }, { "commit": "5596642a1035bcc120071d715336b965a51040fa", "tree": "9c16ea5cf15093e46ba18884173de6b5fc664302", "parents": [ "ce7416809a6953ad2d421977de2aae81cc0549f8" ], "author": { "name": "Kevin Chyn", "email": "kchyn@google.com", "time": "Mon Oct 23 16:08:47 2017 -0700" }, "committer": { "name": "Kevin Chyn", "email": "kchyn@google.com", "time": "Tue Oct 24 02:29:15 2017 +0000" }, "message": "Check FEATURE_FINGERPRINT before trying to getSystemService\n\nFixes: 65838275\n\nTest: Tested on Ryu/Walleye, the stack trace is not seen anymore\nChange-Id: I7b12fdca81d5f2523dea5a981fcf1daa69254eb4\n" }, { "commit": "da5dae23f9cd5a2776b7f70a58e234dd8a9fcdf7", "tree": "788854828cf3a1b6b9e2c6345c3b882c3589add3", "parents": [ "ec02583438effc8b3559ccdfa6c78a8fe1da6fc4" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Sep 01 14:45:16 2017 -0700" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Sep 12 04:13:11 2017 +0000" }, "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n 1. Run test\n 2. with CtsVerifier in the background remove the screen lock\n through the settings dialog\n 3. Select VtsVerifier in \u0027recents\u0027\n 4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n(cherry picked from commit d07d3384279c0c07c5c6747ea8d0c5684264c9d0)\n" }, { "commit": "d07d3384279c0c07c5c6747ea8d0c5684264c9d0", "tree": "a0cac335651521d9d60d6381087fd05c93715b85", "parents": [ "9f5e99159056da901aefc4ac4ff26aa382a23765" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Sep 01 14:45:16 2017 -0700" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Fri Sep 01 14:45:16 2017 -0700" }, "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n 1. Run test\n 2. with CtsVerifier in the background remove the screen lock\n through the settings dialog\n 3. Select VtsVerifier in \u0027recents\u0027\n 4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n" }, { "commit": "735aa14f4ea01f0fc9d38f5cad2f17ddfc6285b3", "tree": "321b6f3162008b6df00e4e3228859bbd4ad20508", "parents": [ "7745a7975f23577db755cb03f50df038f21d00a3", "1ed1ee3c7040259ca13a8017c7bdb4d42d092f94" ], "author": { "name": "Cindy Kuang", "email": "ckuang@google.com", "time": "Wed Aug 16 17:24:05 2017 +0000" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Aug 16 17:24:05 2017 +0000" }, "message": "Merge \"docs: corrected code example mistakes\" into oc-dev am: 5714da6e93\nam: 1ed1ee3c70\n\nChange-Id: I979b54f30b9a09c2160b3d2087c619ba979a868e\n" }, { "commit": "3311ba316adaf6837e2d8623e2df3ae86ff93d4a", "tree": "ac3d9fcc85945ed1feae5ad843f02fc4d16c6ce7", "parents": [ "44cab75cb0ec40368597180e06d6d037a76ef41a", "5714da6e93271324b020be990b8274463b441b4b" ], "author": { "name": "Cindy Kuang", "email": "ckuang@google.com", "time": "Wed Aug 16 17:12:08 2017 +0000" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Wed Aug 16 17:12:08 2017 +0000" }, "message": "Merge \"docs: corrected code example mistakes\" into oc-dev\nam: 5714da6e93\n\nChange-Id: I75b35bd6ff92b345c3fd9d27fdf03e5db2927be9\n" }, { "commit": "2b1a5b8fd9efc41451f933fff27f615961f2d6d1", "tree": "85d278260f6a51cf75972355922f00148071d03c", "parents": [ "744976e2985a07f602c02721db8969a638d51c82" ], "author": { "name": "Cindy Kuang", "email": "ckuang@google.com", "time": "Wed Aug 09 14:18:02 2017 -0700" }, "committer": { "name": "Cindy Kuang", "email": "ckuang@google.com", "time": "Fri Aug 11 10:49:04 2017 -0700" }, "message": "docs: corrected code example mistakes\n\nTest: make ds-docs\n\nBug: 10808505\nChange-Id: I9ee4efab9f0cbac00213179d06a6f0919cb82756\n" }, { "commit": "e06f53372649b766cefe0cc408381f497426a2b8", "tree": "0c47f0012d0bd55948411ccc5005fabab6d0888c", "parents": [ "5898d52184c436c473c577d7c7f6ce5d16769046" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Thu Jun 08 17:53:34 2017 -0700" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Mon Jul 24 10:58:33 2017 -0700" }, "message": "Refurbish granting mechanism\n\nKeystore stores key blobs in with filenames that include the symbolic\nname and the uid of the owner. This behaviour should have been\ncompletely opaque to the user keystore. However, the granting mechanism,\nby which an app can allow another app to use one of its keys, leaked the\ninternal structure in that the grantee had to specify the key name with\nthe granter\u0027s uid prefix in order to use the granted key. This in turn\ncollided with prefix handling in other parts of the framework.\n\nThis patch refurbishes the granting mechanism such that keystore can\nchoose a name for the grant. It uses the original symbolic key name as\nprefix and appends _KEYSTOREGRANT_\u003cgrant_no\u003e where the grant_no is\nchosen as first free slot starting from 0. Each uid has its own grant_no\nspace.\n\nThis changes the grant call such that it now returns a string, which is\nthe alias name of the newly created grant. The string is empty if the\ngrant operation failed.\n\nAs before apps can still mask granted keys by importing a key with the\nexact same name including the added suffix. But everybody deserves the\nright to shoot themselves in the foot if they really want to.\n\nBug: 37264540\nBug: 62237038\nTest: run cts-dev --module CtsDevicePolicyManagerTestCases --test\n com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\n\t because it grants a key\nMerged-In: I047512ba345c25e6e691e78f7a37fc3f97b95d32\nChange-Id: I047512ba345c25e6e691e78f7a37fc3f97b95d32\n" }, { "commit": "6396ccb82e368a5f4ca06c5e47f287930608cc3e", "tree": "a0e2e50638e1e34e74569cd6b45b7706250df074", "parents": [ "001956c626c8c2c8c02c6065ea0964dd505e5406" ], "author": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Thu Jun 08 17:53:34 2017 -0700" }, "committer": { "name": "Janis Danisevskis", "email": "jdanis@google.com", "time": "Sun Jul 23 09:39:04 2017 -0700" }, "message": "Refurbish granting mechanism\n\nKeystore stores key blobs in with filenames that include the symbolic\nname and the uid of the owner. This behaviour should have been\ncompletely opaque to the user keystore. However, the granting mechanism,\nby which an app can allow another app to use one of its keys, leaked the\ninternal structure in that the grantee had to specify the key name with\nthe granter\u0027s uid prefix in order to use the granted key. This in turn\ncollided with prefix handling in other parts of the framework.\n\nThis patch refurbishes the granting mechanism such that keystore can\nchoose a name for the grant. It uses the original symbolic key name as\nprefix and appends _KEYSTOREGRANT_\u003cgrant_no\u003e where the grant_no is\nchosen as first free slot starting from 0. Each uid has its own grant_no\nspace.\n\nThis changes the grant call such that it now returns a string, which is\nthe alias name of the newly created grant. The string is empty if the\ngrant operation failed.\n\nAs before apps can still mask granted keys by importing a key with the\nexact same name including the added suffix. But everybody deserves the\nright to shoot themselves in the foot if they really want to.\n\nBug: 37264540\nBug: 62237038\nTest: run cts-dev --module CtsDevicePolicyManagerTestCases --test\n com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\n\t because it grants a key\nMerged-In: I047512ba345c25e6e691e78f7a37fc3f97b95d32\nChange-Id: I047512ba345c25e6e691e78f7a37fc3f97b95d32\n" }, { "commit": "7eeab2cdd99f84ecef12ebbb92e0731b26508da1", "tree": "07400ff228dba5e9cb51c6d9cf0bcb66bcd91f85", "parents": [ "7cf5f74f3fda19901d8c572f8c47981eda96e091" ], "author": { "name": "phweiss", "email": "phweiss@google.com", "time": "Wed Apr 19 20:15:06 2017 +0200" }, "committer": { "name": "phweiss", "email": "phweiss@google.com", "time": "Tue May 09 15:35:30 2017 +0200" }, "message": "Implement CACert queries in SecurityController\n\nCherry-pick note:\ntestCACertLoader() was flaky, so this cherry-pick contains\ntwo attempted fixes and a CL that disables the test. The original commit\nmessages of the squashed CLs are below.\nMerged-In: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n\nImplement CACert queries in SecurityController\n\nQueries are run (on a AsyncTask) when user is switched and when\nACTION_TRUST_STORE_CHANGED is broadcasted. Otherwise, the result is cached\nin the SecurityController.\n\nBug: 37535489\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\nChange-Id: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n\nIncrease timeout for flaky testCACertLoader()\n\nBug: 37535489\nBug: 38045871\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\nChange-Id: I5778082973af7c6d4d719b83e334fec552b0a89e\n\nFix flaky SecurityControllerTest.testCaCertLoader\n\nFixes: 38108698\nTest: runtest -c .statusbar.policy.SecurityControllerTest systemui\nChange-Id: I6029a09984b72599622f0df57187a20aba4dab30\n\nDisable flaky test\n\nTest: treehugger\nBug: 38118260\nChange-Id: I05c6504acee6a787e1cc5071bed0118388963212\n\n(cherry picked from commit e375fc441cc889890d1cff5bc771039bb65f08ef)\n" }, { "commit": "e375fc441cc889890d1cff5bc771039bb65f08ef", "tree": "3723d89aebe8f973f72a57717c6ed25772d16ea9", "parents": [ "83abc4f26d470ed032d91c65c66eff71a2499f53" ], "author": { "name": "phweiss", "email": "phweiss@google.com", "time": "Wed Apr 19 20:15:06 2017 +0200" }, "committer": { "name": "phweiss", "email": "phweiss@google.com", "time": "Fri May 05 19:03:29 2017 +0200" }, "message": "Implement CACert queries in SecurityController\n\nQueries are run (on a AsyncTask) when user is switched and when\nACTION_TRUST_STORE_CHANGED is broadcasted. Otherwise, the result is cached\nin the SecurityController.\n\nBug: 37535489\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\n\nChange-Id: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n" }, { "commit": "237f4b369bfd8021882007d103b9921fca789263", "tree": "ae8c83b2076af2a15ad7dc51ce37aabde19734e8", "parents": [ "c4a169cfb452ac4e8c7fb4ac153f66892ee0b16e" ], "author": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Mon Apr 24 13:57:46 2017 +0200" }, "committer": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Wed Apr 26 17:40:44 2017 +0200" }, "message": "Add device ID attestation method to keymaster\n\nDevice ID attestation consists of three steps:\n* Generate a temporary key\n* Attest the key and desired device IDs\n* Delete the temporary key\n\nRather than being spread over three keymaster APIs, these operations\nshould happen automatically in a single keymaster method.\n\nBug: 34734938\nTest: GTS com.google.android.gts.security.DeviceIdAttestationHostTest\n\nChange-Id: Ifabb5163b9e4d12cb309a6b0ca8e5f2f92d212f4\n" }, { "commit": "a00c7c0a9983e30e4dcbc4f7ae847a26d9ea614f", "tree": "147c433a2c9ee6dc9caaa01198700c805ca6dedd", "parents": [ "5313eee98a2e7bcac48105888bdfb25d61dce2ce", "0f3f60b576aedc78524d50da3dadada2201e63c2" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@google.com", "time": "Tue Apr 25 22:10:56 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Tue Apr 25 22:11:01 2017 +0000" }, "message": "Merge \"Fix some issues found by new doclava linter.\" into oc-dev" }, { "commit": "0f3f60b576aedc78524d50da3dadada2201e63c2", "tree": "10687f8ec2be4c125de12c100effc0c796a4b529", "parents": [ "30e06bb668f2e4b024c4ebc2a131de91c96de5eb" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Mon Apr 24 18:06:20 2017 -0600" }, "committer": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Tue Apr 25 13:12:45 2017 -0600" }, "message": "Fix some issues found by new doclava linter.\n\nAdd missing API annotations for permissions and SdkConstants, and\ninvoke doclava with new \"-android\" flag.\n\nTest: make -j32 offline-sdk-docs\nBug: 37526420\nChange-Id: I970bb2655eb568fd25004636f134c794663a6c33\n" }, { "commit": "12b644d275b121dd952a4a564fa65b9c18c9b22c", "tree": "70b21b6b53191591312ca0ade265e0d59aeed6da", "parents": [ "274442e33433b74f4c6abca936cf3a1b3e0705bd" ], "author": { "name": "Rubin Xu", "email": "rubinxu@google.com", "time": "Fri Apr 21 19:21:42 2017 +0100" }, "committer": { "name": "Rubin Xu", "email": "rubinxu@google.com", "time": "Mon Apr 24 20:04:50 2017 +0100" }, "message": "Introduce KEYSTORE_FLAG_CRITICAL_TO_DEVICE_ENCRYPTION\n\nThis flag is used by system server to mark keys used during the\nsynthetic password auth flow. keys marked with this flag will not\nbe super encrypted because super encryption requires knowledge of\nthe synthetic password, causing a chicken-and-egg problem.\n\nBug: 35849499\nBug: 34600579\nTest: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken\n\nChange-Id: I474822f2e026f24ce6f6de1aa58b5012922f7b13\n" }, { "commit": "910e081216ac530432ac9d0aab10d5e5e4c73ab8", "tree": "d3c1c65d39a11fc3b446bf1534773ae8c46c6263", "parents": [ "faf37babb0bc0962c01750b222fc03bd197b0b62" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Fri Apr 21 16:29:27 2017 -0600" }, "committer": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Fri Apr 21 16:35:08 2017 -0600" }, "message": "More auto-doc work.\n\nAdd support for AnyThread, CallSuper, and UiThread.\n\nAnother related CL started documenting @RequiresPermission, so remove\nduplicated information in existing APIs.\n\nSuppress auto-doc on a handful of classes that are already\nwell-documented.\n\nTest: make -j32 offline-sdk-docs\nBug: 37526420\nChange-Id: I791437dccec0f11d5349a23b982ba098cb551af8\n" }, { "commit": "8b651bf7d54f23549c8a7baa27dbed38a35465e4", "tree": "0a8bc7769b65d7505baff93dded2de577b965622", "parents": [ "b261269bcf2178a22ce3b4275cd3d89f8ac4a240" ], "author": { "name": "Chad Brubaker", "email": "cbrubaker@google.com", "time": "Thu Mar 23 09:26:09 2017 -0700" }, "committer": { "name": "Chad Brubaker", "email": "cbrubaker@google.com", "time": "Thu Mar 23 09:26:09 2017 -0700" }, "message": "Fix ACTION_STORAGE_CHANGED doc\n\nThe deprecation note was not quite correct.\n\nChange-Id: I15231881bbf1ee1ee4d342bff74280d7e9807ac0\nFixes: 36493384\nTest: builds\n" }, { "commit": "ad60c0615facbcccb1a2b4e87584e8e3980c4f4e", "tree": "20ad9f32f97a96d667e361eb5c34f12d2d9240ad", "parents": [ "6099e75df2c12f5b4b9e73cf3f8acdbaea4b3146" ], "author": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Mon Mar 20 13:59:51 2017 +0100" }, "committer": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Mon Mar 20 14:00:25 2017 +0100" }, "message": "Add manufacturer and model to device ID attestation\n\nDiscussions have shown that in addition to brand, device and product,\nwe should also allow devices to attest their manufacturer and model.\n\nBug: 36433192\nTest: GTS com.google.android.gts.security.DeviceIdAttestationHostTest\n\nChange-Id: Idd48929d6a0c9fe6656c6d2656e2c3f6f370a21e\n" }, { "commit": "05dc9f764c9d399add8b7495e680f66d098c55eb", "tree": "9ef2b8247c040c633438baffc7dd38e9f819339d", "parents": [ "f063264d3a1393608501f9c07180a1f3cfbb8b7f" ], "author": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Wed Feb 22 23:41:14 2017 +0100" }, "committer": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Fri Mar 03 19:42:51 2017 +0100" }, "message": "Add API for checking which CA certs were installed by the DO/PO\n\nWith this API, the system can determine whether a CA cert was\ninstalled by the user or the user\u0027s DO/PO.\n\nBug: 32692748\nTest: unit tests (see DevicePolicyManagerTest.java for invocation)\nTest: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases\n\nChange-Id: I3bcae5ac18ec2b110154184fc515df804fd73da6\n" }, { "commit": "66925ecc64e909a1ec2b650d10a4e8647f9c5f14", "tree": "198e0da88f56fcbe0760b9ec931ac446dffdf852", "parents": [ "77f53170030c8a5c6af00d215967a6f455511649" ], "author": { "name": "Frank Salim", "email": "franksalim@google.com", "time": "Wed Jan 25 22:22:41 2017 +0000" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Thu Mar 02 11:16:09 2017 -0700" }, "message": "Revert \"Add new key purpose Wrap Key to KeyProperties.java and\"\n\nThis reverts commit eb30e64f3fac192404a6ae3c162a0770201a7dc2.\n\nReason for revert: Remove partial support for wrapped key import\n\nTest: CTS tested\nChange-Id: I8008494860534257fa983e1a5169d0ed034621f7\n" }, { "commit": "a7aaae881cb3168641e3117a0de6db15b63b5a44", "tree": "22d8ca0bc254cc0096665a953831f790e68e51c1", "parents": [ "d92eee2344cbe4eba957a2f6d227dd3361d804d5", "abaa0695c5361b36a7a2cdbe87c77bf60be20af7" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Tue Feb 28 22:09:02 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Tue Feb 28 22:09:06 2017 +0000" }, "message": "Merge \"Delete ParcelableString, add StringParceledListSlice\"" }, { "commit": "abaa0695c5361b36a7a2cdbe87c77bf60be20af7", "tree": "d4df278a80bfdd1b25373072946426981bbfe884", "parents": [ "c98c16ded8738054242b2576a74e145f834b6efa" ], "author": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Mon Feb 20 20:54:22 2017 +0000" }, "committer": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Tue Feb 28 18:07:08 2017 +0000" }, "message": "Delete ParcelableString, add StringParceledListSlice\n\nBoth inherit from package private BaseParceledListSlice.\n\nThis is still bad, but it\u0027s not as bad. The existing code that uses\nthis can just do Foo.bar().getList() now instead of having to marshal\nto and from an oddball type at either end as well.\n\nIn the longer term ParceledListSlice\u003c\u003e should be eliminated, but it\u0027s\nnot clear how far into the future that is going to happen.\n\nTest: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java\nTest: runtest -x core/tests/coretests/src/android/content/pm/ParceledListSliceTest.java\nChange-Id: Ie69b96b5215d6e04990f6d31345772cdfee21d78\n" }, { "commit": "3e7cf168a547982676f18d3308b83381abc95f06", "tree": "fe117bb7181058d1350a72b2a1079819b7f7aea0", "parents": [ "c98c16ded8738054242b2576a74e145f834b6efa" ], "author": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Sat Feb 25 01:28:25 2017 +0000" }, "committer": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Sat Feb 25 01:32:54 2017 +0000" }, "message": "Make IKeyChainAliasCallback oneway\n\nSo it can be sent from devicepolicymanager (system_server) to keychain\n(a system_app) without waiting on the response and having to do\neverything in a background thread.\n\nSide-effect: the regular keychain \u003d\u003e app callback is slightly more\nefficient now too. in case anyone particularly needs blazing fast\nprivate key user selections.\n\nFix: 35675253\nTest: cts-tradefed run cts --abi\u003darm64-v8a --skip-device-info --module CtsDevicePolicyManagerTestCases --test \u0027com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\u0027 \u003c/dev/null 2\u003e\u00261\nChange-Id: I6e9d96ca3c42e6489d879d8cfb0507eb94838bf1\n" }, { "commit": "2c92e9daa4c787e8678c25d4a2d3f3ae2362dd4d", "tree": "e2c105b49fe8c00066c5ad3ff8f1820b537c93c6", "parents": [ "02761acc674ae9b13d5bbda493ac794ecc4c1c6e", "7c3b65e9b184c975b77b2c202e0d675a6770bd2d" ], "author": { "name": "TreeHugger Robot", "email": "treehugger-gerrit@google.com", "time": "Tue Feb 14 15:58:28 2017 +0000" }, "committer": { "name": "Android (Google) Code Review", "email": "android-gerrit@google.com", "time": "Tue Feb 14 15:58:31 2017 +0000" }, "message": "Merge \"Reject HMAC keys smaller than 64 bits.\"" }, { "commit": "7f5c91c6bce6a8ff2414549219a321a98a98ab31", "tree": "ad73588c43eed6d0f29b368b8e3faa3f00562258", "parents": [ "f9a55d42d2e2adbf5895d04e4790debb145508ed" ], "author": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Wed Feb 08 21:27:02 2017 +0000" }, "committer": { "name": "Robin Lee", "email": "rgl@google.com", "time": "Tue Feb 14 13:29:31 2017 +0000" }, "message": "MonitoringCertTask no longer relies on software.device_admin\n\nAdded a test to validate that it still works the way it should before\nand after the change.\n\nBug: 33258404\nBug: 35196414\nFix: 35129745\nTest: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java\nTest: also manual, instructions:\nTest: (1) Disable software.device_admin from tablet_core_hardware, rebuild.\nTest: (2) Install CA cert. Notification should appear.\nTest: (3) Reboot. Notification should still be there.\nChange-Id: Id992725c1844a2fffbde4d8acaba531e99f853ad\n" }, { "commit": "59ced28f0f722d2517afc65d755ebb388902f76b", "tree": "dd9fd9a52c6558c73222620d96d8021cb429b843", "parents": [ "451911ea3a324a153a30daa42e30987071fc16ed" ], "author": { "name": "Rubin Xu", "email": "rubinxu@google.com", "time": "Mon Jan 30 23:39:12 2017 +0000" }, "committer": { "name": "Rubin Xu", "email": "rubinxu@google.com", "time": "Thu Feb 02 17:53:32 2017 +0000" }, "message": "Add hidden KeyProtection API to specify SID\n\nAllows the caller to specify which SID the given key\nshould be bound to, overriding the default rule of\nbinding to the current root/fingerprint SID.\n\nThis is a prerequsite for introducing synthetic password\nbased authentication flow.\n\nTest: cts-tradefed run cts -m CtsKeystoreTestCases\nBug: 33126414\nChange-Id: Ide03c0f4fd33ecca7a169ea763c3d4d0b173d1dd\n" }, { "commit": "92e8cfd21dbe4800b2ed6f18316b07136af1791f", "tree": "fbd65a82c97973365f9f6cd81e48555895f5af48", "parents": [ "9d3d90a22f0f64af71fb970e9a5ce75ac799fe3e" ], "author": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Mon Jan 23 17:40:47 2017 +0100" }, "committer": { "name": "Bartosz Fabianowski", "email": "bartfab@google.com", "time": "Wed Jan 25 04:47:15 2017 +0100" }, "message": "Add device id attestation\n\nThis adds a new public API for attesting the device\u0027s hardware ids\n(e.g. serial number and IMEI).\n\nBug: 34597337\nTest: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest\n\nChange-Id: I2e9c1b4f8eb24afa4a09c71c137ce33a6b87eb27\n" }, { "commit": "eb30e64f3fac192404a6ae3c162a0770201a7dc2", "tree": "4c788e9a0f0307eaeeec2e1ab1f8c610de97f5a5", "parents": [ "a9da39cb645243e334505cd072488593521ea42c" ], "author": { "name": "Crystal Qin", "email": "crystalyq@google.com", "time": "Tue Jan 03 15:45:23 2017 -0800" }, "committer": { "name": "Crystal Qin", "email": "crystalyq@google.com", "time": "Thu Jan 19 21:02:10 2017 -0800" }, "message": "Add new key purpose Wrap Key to KeyProperties.java and\nKeymasterDefs.java.\n\nTest: There will be a CTS test CL submitted together.\nChange-Id: Ic60c3efc451cd7cbb04689b3d7bf9d607fae6c1f\n" }, { "commit": "7c3b65e9b184c975b77b2c202e0d675a6770bd2d", "tree": "dc6f29eae3147e7361862f106264a83784add22b", "parents": [ "38b17ad26b2e69081637d6a2836ed2f149462c6b" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Nov 22 06:53:02 2016 -0700" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Tue Jan 17 05:05:56 2017 -0700" }, "message": "Reject HMAC keys smaller than 64 bits.\n\nTest: CTS test has been updated to verify this.\nChange-Id: I6389d9fa2ff75d08a2223c789e5437190c4b82c6\n" }, { "commit": "dea66146038a28e9c7da2ad04a6119cfd83de2f8", "tree": "e3b8f683d3f5e5722a11b94a96a5a160d945d1c5", "parents": [ "ebd8b62cfe53192c967dc4a9822d5668d3bec8a0" ], "author": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Wed Nov 16 06:01:06 2016 -0700" }, "committer": { "name": "Shawn Willden", "email": "swillden@google.com", "time": "Wed Nov 16 06:06:36 2016 -0700" }, "message": "Test for null context in getPrivateKey\n\nIn N, passing a null context to getPrivateKey provoked a\nNullPointerException, which is validated by a CTS test. In commit\n28d68b1 this behavior was changed (inadvertently, I believe) causing\ngetPrivateKey to wrap the NPE in a KeyChainException. This CL restores\nthe previous behavior, fixing the test and avoiding breaking any apps\nthat were catching the NPE.\n\nTest: Fixing broken test\nChange-Id: Icb0c75b03efc478b7310998cf3e7108a2c419107\n" }, { "commit": "0a17db1cc5942ea000ca87bb72853de57a15ec64", "tree": "7a0b51064dc654901bd69857c2f3a14fe8d5871a", "parents": [ "9d710882602a8a0ad661cf10ce2cb421f3255ee2" ], "author": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Fri Nov 04 11:23:46 2016 -0600" }, "committer": { "name": "Jeff Sharkey", "email": "jsharkey@android.com", "time": "Mon Nov 07 17:03:37 2016 -0700" }, "message": "Detect non-oneway calls leaving system_server.\n\nTo protect system stability, any Binder calls leaving the\nsystem_server must carefully be performed using FLAG_ONEWAY (or\nthe \u0027oneway\u0027 verb in AIDL) which prevents the call from blocking\nindefinitely on the remote process.\n\nIn this CL, the system_server uses the new Binder.setWarnOnBlocking()\nmethod to enable detection by default for all remote Binder\ninterfaces. It can also use Binder.allowBlocking() to allow\nblocking calls on certain remote interfaces that have been\ndetermined to be safe.\n\nThis CL adds the \u0027oneway\u0027 verb to several interfaces and methods\nwhere it should have been added, and marks a handful of system\nContentProviders as being safe to call into. Also, we assume that\nany services obtained from ServiceManager are part of the core\nOS, and are okay to make blocking calls to.\n\nTest: builds, boots, runs with minimal logs triggered\nBug: 32715088\nChange-Id: Ide476e120cb40436a94b7faf7615c943d691f4c0\n" }, { "commit": "7f99db4e634619144c09f309ed11519e6336b075", "tree": "23d54b88a435880c6992c06c46575ef787e45f46", "parents": [ "1a1c99bdf19056cd05999e13cfb2d520cb3dcb15", "8f75adc624c70dfd597b7fc3aab993a7d5815f4c" ], "author": { "name": "Tucker Sylvestro", "email": "tuckeris@google.com", "time": "Thu Oct 06 16:20:19 2016 +0000" }, "committer": { "name": "android-build-merger", "email": "android-build-merger@google.com", "time": "Thu Oct 06 16:20:19 2016 +0000" }, "message": "Add the onDeviceOffBody API method to KeyStore am: b32aae2a46\nam: 8f75adc624\n\nChange-Id: Ib8d7bc19a167999894b90b45e7eb1cadb2a85d24\n" } ], "next": "8f75adc624c70dfd597b7fc3aab993a7d5815f4c" }