)]}'
{
  "log": [
    {
      "commit": "3a33ccca7d382bbd2f517628c162168277479e87",
      "tree": "f3fa11fa37319b12eb92d68a8585bb782d5373ce",
      "parents": [
        "3a72e2b08e2590c28ce84c36c7b0b35d4da28bb5",
        "d46d33cf25a8f6ecabad27bf6c4cace330a1cd9d"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Nov 09 13:28:56 2018 -0800"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri Nov 09 13:28:56 2018 -0800"
      },
      "message": "Merge changes from topic \"async_keystore\" am: e8c144fe17 am: 07b06e1bdb\nam: d46d33cf25\n\nChange-Id: Id9fcb7d5bac0a24de8ca64e79d50131a5930b8ed\n"
    },
    {
      "commit": "3a72e2b08e2590c28ce84c36c7b0b35d4da28bb5",
      "tree": "fc2e67da775661c612a89c14195bc096616d0950",
      "parents": [
        "5efda82dada66d807133ae9303a1cf4bb415696e",
        "5c5fe83c4dd9a8c82e725ef1fa84165cca37d8ed"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Nov 09 13:21:46 2018 -0800"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri Nov 09 13:21:46 2018 -0800"
      },
      "message": "Remove legacy functions form IKeystoreService.aidl am: 1864c95616 am: 036229c8df\nam: 5c5fe83c4d\n\nChange-Id: Id2fa59fcbe111a968abef088b76fb97dbe2e369e\n"
    },
    {
      "commit": "d46d33cf25a8f6ecabad27bf6c4cace330a1cd9d",
      "tree": "58e5f50049f84764c1046ad88a28967406b99e5d",
      "parents": [
        "5c5fe83c4dd9a8c82e725ef1fa84165cca37d8ed",
        "07b06e1bdb74f517dd0f36804cd88bc2f049381a"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Nov 08 15:38:43 2018 -0800"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Nov 08 15:38:43 2018 -0800"
      },
      "message": "Merge changes from topic \"async_keystore\" am: e8c144fe17\nam: 07b06e1bdb\n\nChange-Id: Ie2326ec19b82bf3977e490617fb9935b07dd818a\n"
    },
    {
      "commit": "5c5fe83c4dd9a8c82e725ef1fa84165cca37d8ed",
      "tree": "4b212c446812ad57d5153db9a7fa8477f82c634b",
      "parents": [
        "305869b27ec726aed77423b3f78b466290d6cfeb",
        "036229c8df47bbee7eae7b6503c7e6c80d6fa4a1"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Nov 08 15:33:21 2018 -0800"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Nov 08 15:33:21 2018 -0800"
      },
      "message": "Remove legacy functions form IKeystoreService.aidl am: 1864c95616\nam: 036229c8df\n\nChange-Id: I7475f8bd936147efaf4344ba625e50875534b8b8\n"
    },
    {
      "commit": "1864c95616d515782d489f70a2009f87bbe528e6",
      "tree": "3c1fd994e73544366760289cb608bd86b92eae59",
      "parents": [
        "93bf21dad4279db75c321c141b07c6409d6bcade"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Aug 09 11:14:49 2018 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Nov 08 12:53:57 2018 -0800"
      },
      "message": "Remove legacy functions form IKeystoreService.aidl\n\nIn preparation for making the keystore service asynchronous we remove\nredundant legacy functionality from the protocol.\n\nThis patch removes the functions get_pubkey, sign, verify, generate,\nand import_key. Which have long been superseded by exportKey\n(get_pubkey), begin/update/finish (sign, verify), generateKey\n(generate), and importKey (import_key).\n\nThis patch also removes isOperationAuthorized.\n\nTest: KeyStore CTS tests\nBug: 111443219\nChange-Id: Ib3bd6f40b4e948e5ad6b2ef5278b18ff46201d71\n"
    },
    {
      "commit": "d257538507d65dae23e39e8cf94bda255d1e1c65",
      "tree": "8f0441916aa276eba8196f5ba4fdab2ef561de6f",
      "parents": [
        "1864c95616d515782d489f70a2009f87bbe528e6"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Mon Oct 08 07:56:58 2018 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Nov 08 12:53:57 2018 -0800"
      },
      "message": "Add return code KEY_ALREADY exists\n\nIn preparation to the async keystore interface we change the semantics\nform unconditionally overwriting existing keys to reporting that the key\nexists. For compatibility we reimplement the same semantic in the\ncalling code.\n\nBug: 111443219\nTest: KeyStore CTS test\nChange-Id: I1fa5428fa7ada97d5068778cd4590593c992554d\n"
    },
    {
      "commit": "2780525ad934a5dd6d96a38e865f2e8fe4446082",
      "tree": "918b91b316a97cf57326febb8e6ef3055c4d5fe4",
      "parents": [
        "f011cd4d464c73cfead37cba0eb85103f8e0b307",
        "b8037c2c25bc0c237cd64209929c8543ecf32a46"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Oct 11 14:07:01 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Oct 11 14:07:01 2018 -0700"
      },
      "message": "Merge changes I7070326d,I8346e53c am: 546073a5b6 am: 11e9a86034\nam: b8037c2c25\n\nChange-Id: I9deb135fedf45c6a7e00a5bd07a73c9fecbdfb47\n"
    },
    {
      "commit": "b8037c2c25bc0c237cd64209929c8543ecf32a46",
      "tree": "affe1f649be09cf50259fde57922729c3cbee5e6",
      "parents": [
        "809d60067dd009af502336e2a80b236caa1588fa",
        "11e9a86034d43677f11d96108c9f4a323c4c40ed"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Oct 11 13:51:49 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Oct 11 13:51:49 2018 -0700"
      },
      "message": "Merge changes I7070326d,I8346e53c am: 546073a5b6\nam: 11e9a86034\n\nChange-Id: I51ea833a23e0f511291c261c8741792c3dbc911a\n"
    },
    {
      "commit": "11e9a86034d43677f11d96108c9f4a323c4c40ed",
      "tree": "1b89139afc4198f12086915ffd7186644dee86e4",
      "parents": [
        "2c0e41694e717f1891bb39f80ee0f0659e01c19d",
        "546073a5b67601a39987a650fa176905149bd5c4"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Oct 11 13:36:49 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Oct 11 13:36:49 2018 -0700"
      },
      "message": "Merge changes I7070326d,I8346e53c\nam: 546073a5b6\n\nChange-Id: I4ca0a1ebf9240d81dbbf966fd2ceae3c2bd39a2c\n"
    },
    {
      "commit": "569055dd608c21b2c763f896e73761007f125a50",
      "tree": "4f41d593c21d832e1daa7f1aba492972ec048ed9",
      "parents": [
        "01c3c2fbac33654187e440dd454f90a55de94d1d"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Oct 11 09:19:41 2018 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Oct 11 09:19:58 2018 -0700"
      },
      "message": "Add OWNERS file to AndroidKeystoreSPI implementation\n\nChange-Id: I7070326d680c6bff00839d847f8fadbbe2b16fa7\n"
    },
    {
      "commit": "9ccec4d2d4ea4a3ccb80bae8687782cd8fb99e77",
      "tree": "acd456e98341aba6f4639801eb95dada9713e275",
      "parents": [
        "bf57547efb4bda96f5af5d3dc9100599ecf779ff"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Fri Aug 24 15:29:05 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Wed Sep 05 13:58:32 2018 +0100"
      },
      "message": "Handle issuer and key type restrictions.\n\nThe caller to KeyChain.choosePrivateKeyAlias can restrict the set of\naliases that are displayed to the user to select from by specifying the\nissuers that the associated certificates should be issued by or the key\ntypes that these certificates should contain.\n\nUntil now this functionality was not implemented. This was mostly\naffecting Chrome\n(https://bugs.chromium.org/p/chromium/issues/detail?id\u003d753756).\n\nSupport this functionality by passing the issuers and key types into the\nKeyChainActivity (from KeyChain) and, prior to displaying the aliases\nassociated with the certificates, check if each certificate adheres to\nthe criteria (key type, issues) specified.\n\nBug: 62910781\nTest: m -j RunKeyChainRoboTests\nChange-Id: I75e071545699891cfbd77d4f706fc5ef35b85516\n"
    },
    {
      "commit": "f1bbe75ede256ffccecbdf9929422dadfe246e60",
      "tree": "51476e948e4693abd60fb386eec3314efe7612e4",
      "parents": [
        "32f68e6b6b4a686268d75c868b9682fdd91a6e81"
      ],
      "author": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Tue Aug 28 15:31:53 2018 +0100"
      },
      "committer": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Tue Aug 28 17:19:51 2018 +0100"
      },
      "message": "Minor changes to check for misprovisioned Pixel 2 devices\n\nCheck for brand parameter specified in config file. Implementing suggestion that was added to the original CL (ag/4791307) after it was submitted.\n\nBug: 69471841\nTest: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement\nChange-Id: I9b257f406d5b47265db4dbf022df75865f496cdd\n"
    },
    {
      "commit": "eeedc9e27683188d7663d6442e26af9f10b3ec79",
      "tree": "5385a6e69a2d15a7420522b555c32af88a256d2d",
      "parents": [
        "faefa61c222c2b722ef62e6b3027238580d9295f",
        "ec94be1526b7aede547077840a33291edb0a5593"
      ],
      "author": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Fri Aug 24 11:21:06 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri Aug 24 11:21:06 2018 -0700"
      },
      "message": "Merge \"Added check for misprovisioned Pixel 2 device.\" into pi-dev\nam: ec94be1526\n\nChange-Id: I443bd4a96e616616e4608f1e9a8c5d8554647e56\n"
    },
    {
      "commit": "e238d589f1e212c81cd5f3b3453b361e99538fed",
      "tree": "4a953b8d892554e668eaab8222572c3e56b773af",
      "parents": [
        "0cf90160c6948df621b15dd07e007d69a7ad1a1b"
      ],
      "author": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Thu Aug 16 12:46:12 2018 +0100"
      },
      "committer": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Fri Aug 24 13:43:47 2018 +0100"
      },
      "message": "Added check for misprovisioned Pixel 2 device.\n\nSome Pixel devices had a wrong brand value provisioned into keymaster.\nDue to this misprovisioning those devices fail device ID attestation because it includes a check for the correct brand value.\nThis is now solved by re-trying Device ID attestation if we are running on a potentially misprovisioned device, allowing for the known incorrect brand value.\n\nBug: 69471841\nTest: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement\nChange-Id: Ia0da5478d6092c1927d26600a6893ae8ce53da51\n"
    },
    {
      "commit": "3f821a8e17f97a6f0b3ae408b2e7f2bfde666df4",
      "tree": "cd98ab403b574e89d95e3208e7ab59b715ad7c88",
      "parents": [
        "5cd354c89cd3a48aa306e7f8fcaafb4417fa0a40"
      ],
      "author": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Thu Aug 16 12:46:12 2018 +0100"
      },
      "committer": {
        "name": "Eva Bertels",
        "email": "evabertels@google.com",
        "time": "Fri Aug 24 11:39:20 2018 +0000"
      },
      "message": "Added check for misprovisioned Pixel 2 device.\n\nSome Pixel devices had a wrong brand value provisioned into keymaster.\nDue to this misprovisioning those devices fail device ID attestation because it includes a check for the correct brand value.\nThis is now solved by re-trying Device ID attestation if we are running on a potentially misprovisioned device, allowing for the known incorrect brand value.\n\nBug: 69471841\nTest: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement\nChange-Id: If715ebdd4ab6d7fcfffab60b40fd2dc8fa1fda44\nMerged-In: Ia0da5478d6092c1927d26600a6893ae8ce53da51\n"
    },
    {
      "commit": "fcb597e1f562bd14c338c6da8f27d2fc17af5dd9",
      "tree": "b9be9fc98e1dd2dddc78e065964281fd71e2b914",
      "parents": [
        "d9381f5e56f5d9b7ce10c72c50795dcb1c38a8a2",
        "281b7cf7d9682d2602d571061659380cfccbb063"
      ],
      "author": {
        "name": "Treehugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Fri Aug 17 13:48:56 2018 +0000"
      },
      "committer": {
        "name": "Gerrit Code Review",
        "email": "noreply-gerritcodereview@google.com",
        "time": "Fri Aug 17 13:48:56 2018 +0000"
      },
      "message": "Merge \"Correct the keystore alias used for secure imports\""
    },
    {
      "commit": "281b7cf7d9682d2602d571061659380cfccbb063",
      "tree": "186f7ae2f260210d1fe229362f9d2b29ac8ee482",
      "parents": [
        "ce7e53a9438ee943607abd6b967c935098b221f5"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Sat Jun 23 15:38:02 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Fri Aug 17 06:39:01 2018 -0600"
      },
      "message": "Correct the keystore alias used for secure imports\n\nAn Android-O timeframe refactor removed all use of keystore \"skey\"\naliases.  Creating one not only partially reverses that refactor, but\nit also results in a key alias which cannot be deleted in some cases,\ncausing AndroidKeyStoreTest failures during the second run of CTS.\n\nBug: 80228327\nTest: CTS tests ImportWrappedKeyTest and AndroidKeyStoreTest, in that order\nChange-Id: I348ba421f29cdf6c65fc98be3a25d19938d559c1\n"
    },
    {
      "commit": "29779732e63c894afc0ec0339af1d20cc761f9a4",
      "tree": "60e8e49fbde30c0fa98bd29addef93dc2e45ae8d",
      "parents": [
        "559898ef333563d929d36a503211c3cae3a37a1a",
        "e2a6ad99ae03deb36271f76dd506e42b5af780bf"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Fri Aug 17 03:16:13 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri Aug 17 03:16:13 2018 -0700"
      },
      "message": "Merge \"Add @UnsupportedAppUsage annotations\" am: d9381f5e56\nam: e2a6ad99ae\n\nChange-Id: I3a0236e8388f7f5448a10873a3e0f0ca502fa625\n"
    },
    {
      "commit": "e2a6ad99ae03deb36271f76dd506e42b5af780bf",
      "tree": "4b188212428c5dc261851fe48db305eab88dea59",
      "parents": [
        "7aa98ce2b05cda26b0843531ca77991a7ba0ae88",
        "d9381f5e56f5d9b7ce10c72c50795dcb1c38a8a2"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Fri Aug 17 02:13:11 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri Aug 17 02:13:11 2018 -0700"
      },
      "message": "Merge \"Add @UnsupportedAppUsage annotations\"\nam: d9381f5e56\n\nChange-Id: I3940d669bb1f4fedc8a7fbbcdb8de2ef954674a8\n"
    },
    {
      "commit": "4dbdcf43ad0dfa91371ac06517317e0ea0b45b56",
      "tree": "bf224c82a42e0228aae034faba6fae5f947394a7",
      "parents": [
        "43f3f60ec01a1d658cbff9386a7fbf8a839894b9"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Thu Aug 16 18:49:37 2018 +0100"
      },
      "committer": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Thu Aug 16 18:49:37 2018 +0100"
      },
      "message": "Add @UnsupportedAppUsage annotations\n\nFor packages:\n  android.security.net.config\n  android.security.keystore\n  android.security.keymaster\n  android.security\n\nThis is an automatically generated CL. See go/UnsupportedAppUsage\nfor more details.\n\nExempted-From-Owner-Approval: Mechanical changes to the codebase\nwhich have been approved by Android API council and announced on\nandroid-eng@\n\nBug: 110868826\nTest: m\nChange-Id: Ifed4da56531195f64fd53d84f14b4e8298843b2c\nMerged-In: I7762dd647bede8abc9be2c538af3a3a99a25a73e\n"
    },
    {
      "commit": "e420f8b5fb9451412767a4920bd02219e5423f43",
      "tree": "18428ef8a42208fb9b8911e9c84e829bad906f59",
      "parents": [
        "1e14f9f92a35e61c24ec53410740e588e4ba8b39"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Thu Aug 16 18:40:47 2018 +0100"
      },
      "committer": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Thu Aug 16 18:40:47 2018 +0100"
      },
      "message": "Add @UnsupportedAppUsage annotations\n\nFor packages:\n  android.security.net.config\n  android.security.keystore\n  android.security.keymaster\n  android.security\n\nThis is an automatically generated CL. See go/UnsupportedAppUsage\nfor more details.\n\nExempted-From-Owner-Approval: Mechanical changes to the codebase\nwhich have been approved by Android API council and announced on\nandroid-eng@\n\nBug: 110868826\nTest: m\nChange-Id: I7762dd647bede8abc9be2c538af3a3a99a25a73e\n"
    },
    {
      "commit": "dbb6114d96bef853beef1109bda1af623513bdec",
      "tree": "56894aba2b888ddfefe8667120e2d57b92760a91",
      "parents": [
        "eaa77a20e861c89d3930c4803280eed474edd618",
        "0e43e2ef9675cdcc7126869725ac17148a4bd30b"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Aug 15 12:10:17 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 15 12:10:17 2018 -0700"
      },
      "message": "Merge \"Fix symmetric key generation in strongbox\" into pi-dev\nam: 0e43e2ef96\n\nChange-Id: I154ab21e8f0d804225f993d187e2aad66a5cdeac\n"
    },
    {
      "commit": "0e43e2ef9675cdcc7126869725ac17148a4bd30b",
      "tree": "71c5d319c6c42af90c11f032781fb339f30a71fb",
      "parents": [
        "2e2dcda172a4523be095c21b07be78b6b211143c",
        "6064a17fa40fc73888a445958c660d942c557d8e"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Wed Aug 15 18:53:16 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Wed Aug 15 18:53:16 2018 +0000"
      },
      "message": "Merge \"Fix symmetric key generation in strongbox\" into pi-dev"
    },
    {
      "commit": "cb71d0b2fceda8f7db3a7860d500adfd50d3e50d",
      "tree": "13c71c92ff47b4b56520a6f779a1d31aebf9ca94",
      "parents": [
        "48f928720f68e17576f4491fcb0688fea8bc6cab",
        "7aa04ef24d6f3be7ebc7a45fb7107de2e15c68e5"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Wed Aug 15 16:10:30 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Wed Aug 15 16:10:30 2018 +0000"
      },
      "message": "Merge \"Fix symmetric key generation in strongbox\""
    },
    {
      "commit": "8f299037474ce5e754c18f29f76b4c7d623479c0",
      "tree": "86636852a4ed1e2d44099a180f36ce61f11216a6",
      "parents": [
        "58519002a2c2239ab63ef95487921e256ce5bcf5",
        "e377a769bd12321b4d94a05fc1ffb6cb03cb42d9"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Wed Aug 01 18:08:20 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 01 18:08:20 2018 -0700"
      },
      "message": "Merge \"Code reformatting for upcoming annotations.\" am: 60c8cfdd0f am: 02763a1c3e am: 842e882507\nam: e377a769bd\n\nChange-Id: I67465690c2addbbfbe53472e5b45783821990567\n"
    },
    {
      "commit": "842e88250752f6492e02930f1a106a88e89fd165",
      "tree": "f9eab363b0c65502ead9e2293e35d08516025cb6",
      "parents": [
        "9f0aff0d989d25ee8248296bc3f413b97bf57e0b",
        "02763a1c3ee13389598bfd00f895845b32cb3a93"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Wed Aug 01 16:35:28 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 01 16:35:28 2018 -0700"
      },
      "message": "Merge \"Code reformatting for upcoming annotations.\" am: 60c8cfdd0f\nam: 02763a1c3e\n\nChange-Id: Icdbef4bd0e71876a3ddb296ca38a243209f2eaf9\n"
    },
    {
      "commit": "02763a1c3ee13389598bfd00f895845b32cb3a93",
      "tree": "caa7dd0704a799664e9b09f53e1bd43e3a3ffde6",
      "parents": [
        "582d18c02b706199324b38b449860e281249df4e",
        "60c8cfdd0ff09070ac8d121416a8df90e6c037d7"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Wed Aug 01 16:01:52 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 01 16:01:52 2018 -0700"
      },
      "message": "Merge \"Code reformatting for upcoming annotations.\"\nam: 60c8cfdd0f\n\nChange-Id: I4fcf520f53dddd6e70edf0d59fd13ae218c336a5\n"
    },
    {
      "commit": "efb481646ef5c786f4a92118ba4248a0ef3c515e",
      "tree": "e35381b97f7bfa1057d50410036578ef6c2cbf35",
      "parents": [
        "b6b8516ba0f44f2d234b825cc4d568c304e9f719"
      ],
      "author": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Wed Aug 01 10:24:49 2018 +0100"
      },
      "committer": {
        "name": "Mathew Inwood",
        "email": "mathewi@google.com",
        "time": "Wed Aug 01 10:24:49 2018 +0100"
      },
      "message": "Code reformatting for upcoming annotations.\n\n@UnsupportedAppUsage annotations are added automatically, but this does\nnot work when there are multiple definitions on the same line.\n\nTest: m\nBug: 110868826\nChange-Id: I2c26c136cdfa557e45cf1ee0b39dab9c17abde56\n"
    },
    {
      "commit": "6064a17fa40fc73888a445958c660d942c557d8e",
      "tree": "f57504f32d0fa4daed51d15cb5d755e392ad4fd0",
      "parents": [
        "999d9e1bf026e92699b1c20da1286498d2424f2d"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Tue Jun 05 18:47:23 2018 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Tue Jul 31 18:19:03 2018 +0000"
      },
      "message": "Fix symmetric key generation in strongbox\n\nThe strongbox flag was not passed to keystore by\nAndroidKeyStoreKeyGeneratorSpi. As a result keys, that were supposed to\nbe generated in strongbox would silently be generated in TEE.\n\nTest: There is no reliable way to test this other than instrumenting or\n      debugging the strongbox implementation. This was done by the\n      author of this patch.\nBug: 109769728\nChange-Id: I8a08838440030fab7b774762c3d6af0d3b6a4ad8\nMerged-In: I8a08838440030fab7b774762c3d6af0d3b6a4ad8\n"
    },
    {
      "commit": "7aa04ef24d6f3be7ebc7a45fb7107de2e15c68e5",
      "tree": "0234d0a82df4359543a5a94e7eec1a0c063d73a5",
      "parents": [
        "bd49376225b0db80f6a49aa18e9c147695742784"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Tue Jun 05 18:47:23 2018 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Tue Jul 31 15:48:17 2018 +0000"
      },
      "message": "Fix symmetric key generation in strongbox\n\nThe strongbox flag was not passed to keystore by\nAndroidKeyStoreKeyGeneratorSpi. As a result keys, that were supposed to\nbe generated in strongbox would silently be generated in TEE.\n\nTest: There is no reliable way to test this other than instrumenting or\n      debugging the strongbox implementation. This was done by the\n      author of this patch.\nBug: 109769728\nChange-Id: I8a08838440030fab7b774762c3d6af0d3b6a4ad8\n"
    },
    {
      "commit": "607a995691dcda1475042ddcd4e4cba708c791be",
      "tree": "1d944e1c9c1b893e5bd8fd336114384075435d63",
      "parents": [
        "309adbff03ea6e0dedd232375a9f0583a7a80049"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Jul 09 17:58:26 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jul 17 12:58:13 2018 +0100"
      },
      "message": "DPM: Propagate StrongBox-related exception\n\nWhen the caller attempts to generate a key via DevicePolicyManager\n(using DevicePolicyManager.generateKeyPair), and specifies that\nStrongBox should be used, throw the right exception indicating\nStrongBox unavailability - the same one that is thrown if the same\nparameters were passed to the KeyStore\u0027s key generation method.\n\nThis is achieved by catching the StrongBoxUnavailableException in\nKeyChain, returning an error code indicating this particular failure\nto the DevicePolicyManagerService, which then propagates it by\nthrowing a service-specific exception with a value indicating\nStrongBox unavailability.\nThe DevicePolicyManager then raises StrongBoxUnavailableException.\n\nPrior to this change the exception propagated from KeyChain would be\na generic failure so the caller would simply get a null result.\n\nBug: 110882855\nBug: 111183576\nBug: 111322478\nTest: atest CtsDevicePolicyManagerTestCases:com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement\nChange-Id: I9abe3f449b48eb5a960fafbc15c59b9b4ce7a966\n"
    },
    {
      "commit": "84c8b0fe47608b2f2dd7cfbca82dd2ba447e0eb0",
      "tree": "86336bb98cd3f6cd7a65e7e56720788508b08b92",
      "parents": [
        "6a7aac4afed3a09396943f3797e7dcf000ba3621",
        "e323fcbe98cdbd7a395177381f0bec6fe8dd99a2"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jul 03 12:07:59 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Tue Jul 03 12:07:59 2018 -0700"
      },
      "message": "Merge \"Correctly preserve key generation parameters\" into pi-dev am: 6f7cfb0627\nam: e323fcbe98\n\nChange-Id: I8cdbb82cd6fee604775764519dc8bf835a9c3738\n"
    },
    {
      "commit": "5a5c6e0e44fbccbf5608c1955debf1650890f5a6",
      "tree": "70d9eebea919172b9898bcdf0fe4e594d28d36ed",
      "parents": [
        "143c65d520b197a271d6de282fc7759d8009ce44"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Jun 28 11:20:44 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Jun 28 17:20:01 2018 +0100"
      },
      "message": "Correctly preserve key generation parameters\n\nDue to an oversight, some of the key generation parameters that are set\nin KeyGenParameterSpec were not preserved when parceling the object\n(they should have been added to ParcelableKeyGenParameterSpec but were\nnot).\n\nThis means these parameters will be ignored when generating keys using\nthe DevicePolicyManager.generateKeyPair method, leading to an\ninconsistent key generation behaviour between the DevicePolicyManager\nand KeyStore.\n\nIn particular, this would prevent callers from using StrongBox when\ngenerating keys for use in the KeyChain.\n\nFix the issue by simply persisting these parameters in\nParcelableKeyGenParameterSpec and making sure that the Builder copies\nthem too from the source KeyGenParameterSpec.\n\nLeft to do is put in place an automated measure to find out\ndiscrepancies between the two classes.\n\nBug: 110915980\nBug: 110882855\nBug: 109953656\nTest: atest KeystoreTests\nChange-Id: Ic64bd2921b6dfc97ea34ecba55f532312963ffcb\n"
    },
    {
      "commit": "23164924a9beabe95caaf3539b29148822e42c30",
      "tree": "a68588d60813609e2c03df3342c4ec24fd6d22c4",
      "parents": [
        "ac05a1b791ad0761db7721f654604830c9c29cdf",
        "bd3440cac92847119605f914678466b5de77f502"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Wed Jun 27 22:43:43 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Jun 27 22:43:43 2018 -0700"
      },
      "message": "Merge \"Correct the keystore alias used for secure imports\" into pi-dev am: 143c65d520\nam: bd3440cac9\n\nChange-Id: I84b68a7caa793c776140cdd2bd79b5b76c63ddd3\n"
    },
    {
      "commit": "fe6d4769a86b1ab4cf9b5b20ea08f4e3ccd00ec6",
      "tree": "218fbe063b4984d9cdac0cb9c15ed1904f685d5f",
      "parents": [
        "0eb2be3a679b146e068cf99e2dbf45b4181c0bfa"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Sat Jun 23 15:38:02 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Jun 26 12:35:03 2018 +0000"
      },
      "message": "Correct the keystore alias used for secure imports\n\nAn Android-O timeframe refactor removed all use of keystore \"skey\"\naliases.  Creating one not only partially reverses that refactor, but\nit also results in a key alias which cannot be deleted in some cases,\ncausing AndroidKeyStoreTest failures during the second run of CTS.\n\nBug: 80228327\nTest: CTS tests ImportWrappedKeyTest and AndroidKeyStoreTest, in that order\nChange-Id: I348ba421f29cdf6c65fc98be3a25d19938d559c1\n"
    },
    {
      "commit": "4a1cccc93809920adeb0f25eaf69c9de7ec7c7d6",
      "tree": "68194f37c71b19edbaa5fdfe1c7c767084d14817",
      "parents": [
        "70b447a378d0233dfc76cf208e5959c6070f1ed0"
      ],
      "author": {
        "name": "Irina Dumitrescu",
        "email": "irinaid@google.com",
        "time": "Fri Jun 08 19:36:34 2018 +0100"
      },
      "committer": {
        "name": "Irina Dumitrescu",
        "email": "irinaid@google.com",
        "time": "Tue Jun 12 14:32:29 2018 +0100"
      },
      "message": "Add Keystore get option that supresses caught exceptions warnings.\n\nThis is useful when the caught exceptions are not informative and they\nact as a red herring in the adb logs.\n\nBug:109791294\nTest: call this method in the VpnSettings and manually navigate to\nadding a new VPN by searching for VPN in settings and then pressing \u0027+\u0027.\n\nChange-Id: I4bc86e3ea5b11027090fd3a27dc7455557cf66ab\n"
    },
    {
      "commit": "d530579816f59705a6f110e2235d70f75495b764",
      "tree": "05efb0ed3a2a9884497398faf6c6a0e9f7b8b4d9",
      "parents": [
        "a6acf6f0dcae282770e719ca4b37c9716396ef58",
        "6779fecdccf711b4d08f528825e3e5ae31db88c5"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jun 05 06:46:20 2018 -0700"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Tue Jun 05 06:46:20 2018 -0700"
      },
      "message": "Merge \"Improve KeyChain documentation\" into pi-dev am: 843a0cabbf\nam: 6779fecdcc\n\nChange-Id: I25447edd4c22c7df4375f88b904d1300555a3836\n"
    },
    {
      "commit": "e701dc17994e17468d7e4370e455e7b179d50e00",
      "tree": "48a3bdc181225f25f29a44775fdfb8767756f070",
      "parents": [
        "22e64ec6116c16b550c51ecafaea31510db97b55"
      ],
      "author": {
        "name": "Aurimas Liutikas",
        "email": "aurimas@google.com",
        "time": "Fri Jun 01 16:04:37 2018 -0700"
      },
      "committer": {
        "name": "Aurimas Liutikas",
        "email": "aurimas@google.com",
        "time": "Mon Jun 04 10:15:22 2018 -0700"
      },
      "message": "Fix broken links in @see tags in framework docs.\n\ndoclava was accidentally suppressing all these broken links\nin @see tags. This CL fixes issues so we can start enfocing\nchecks for broken @see links.\n\nTest: make docs\nChange-Id: If7830ece85f8d1f27c991eae282230814726e115\nExempt-From-Owner-Approval: Fixing @see javadoc link issues that are currently completely broken\n"
    },
    {
      "commit": "0bc50f944204c33ef0839134bcdd76a9e4badbe9",
      "tree": "96aa407396768bdbf86aa1b6e1255066de6449b9",
      "parents": [
        "f225af4f6c7143fcfac837d87c9991ea91e55a5a"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Fri Jun 01 16:03:39 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Jun 04 17:12:41 2018 +0100"
      },
      "message": "Improve KeyChain documentation\n\nImprove the choosePrivateKeyAlias documentation by:\n(1) removing reference to host+port when a URI is being passed in.\n(2) Clearing up the language about what a DPC can do.\n\nTest: N/A\nBug: 81522642\nChange-Id: I12fbf675536ea5d843dd2eec4f0379daad764bb6\n"
    },
    {
      "commit": "4b9fee53319e4f679af51681c8a90777f302bdfc",
      "tree": "841407fd51d07227a40d0ed262fa8a8d5c41990f",
      "parents": [
        "9e04425f9e4ba5e24ca9b2b53bf535baa80bc66d"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Thu Apr 12 03:09:44 2018 -0700"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Fri May 18 18:25:33 2018 +0000"
      },
      "message": "Make ImportWrappedKey work with real hardware:\n  Get unwrapping params from WrappedKeyEntry\n\nAdd @hide API for StrongBox-backed imported keys (as opposed to wrapped or generated)\nEnable 3DES conditionally based on a system property.\n\nBug: b/79986479\nBug: b/79986680\nTest: CTS\nChange-Id: If6beedc203337027576ecd3555d11ed2874f9768\n"
    },
    {
      "commit": "cd0eb716c52b20fbc051d1da79a8fe1b91c1f4c3",
      "tree": "7b6b3b9a071026b5cbac8f1c03f21e7ac96b5b1c",
      "parents": [
        "8785209fd7e7172cb096350b4007d5d9f8ef3208"
      ],
      "author": {
        "name": "Mike Harris",
        "email": "mwharris@google.com",
        "time": "Thu Apr 26 15:20:10 2018 -0700"
      },
      "committer": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Mon Apr 30 09:27:31 2018 +0000"
      },
      "message": "Use the @Nullable annotations for choosePrivateKeyAlias.\n\nBoth the code and docstring support this, but the parameters weren\u0027t\nannotated.\n\nTest: it builds locally\n\nChange-Id: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nMerged-In: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nFix: 78868934\n(cherry picked from commit b7c5eddc53c3872b661222ae30270d95cfe63b4e)\n"
    },
    {
      "commit": "ec6268c5146ab3257172552234bc0fe6534940a4",
      "tree": "b3c04a5fadb572b7020849883d25d4b070639a3a",
      "parents": [
        "637422b2bf7ca08dde6fdfce1fba7daa4965ff2c",
        "52dcedca37a08bcd01f8d060e269d4eb3745831f"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Fri Apr 13 10:07:36 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Apr 13 10:07:36 2018 +0000"
      },
      "message": "Merge \"AttestationUtils: Request MEID explicitly\" into pi-dev"
    },
    {
      "commit": "52dcedca37a08bcd01f8d060e269d4eb3745831f",
      "tree": "24e18558d2e884c6402fb618517bf9bbbad4f47f",
      "parents": [
        "0b5dd8e56040e2cd3dc95abfebe7fdb71cc7f0bc"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Apr 12 14:06:59 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Apr 12 17:20:35 2018 +0100"
      },
      "message": "AttestationUtils: Request MEID explicitly\n\nRather than rely on getDeviceId to provide the MEID, explicitly use\ngetMeid to get it.\n\nFor MEID attestation to work, the right identifier needs to be passed in\nfor attestation by Keymaster.\nAttestationUtils currently gets this identifier by calling getDeviceId.\nThis would only yield the MEID if the device does not have an IMEI\nprovisioned, which means it\u0027ll get the IMEI for devices that have both\n(like Pixel 2).\n\nAccording to bartfab@ that is the correct way (see b/77584730#13).\n\nBug: 77584730\nBug: 73284024\nTest: runtest --path cts/tests/tests/keystore/src/android/keystore/cts/KeyAttestationTest.java\nChange-Id: I98f6c2e2a9835bf2fd681cfb4ff74fc3984c3a8e\n"
    },
    {
      "commit": "9b5853d304702f1c76025ed80483276ce377f98f",
      "tree": "aeea93761e0e9390470edfc130587de16e8be62f",
      "parents": [
        "10fb6582eb9c0e84938af9a2be0017e35eb59c5e"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Tue Apr 10 10:33:42 2018 -0700"
      },
      "committer": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Wed Apr 11 19:23:30 2018 +0000"
      },
      "message": "keystore: Add documentation for user presence required.\n\nTest: make -j50 docs\nBug: 77600728\nChange-Id: I6334bc0fc7a7d4faced6b03522c350ce74303443\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n"
    },
    {
      "commit": "13e230f5d6a757f1a7ecd53d6254ac3e2826163d",
      "tree": "a845c7dfaa5c4aebf14a08aed628781433497185",
      "parents": [
        "1c5ee613be6ac28877468d89272ad76bf03440c9"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 17:21:39 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 18:15:22 2018 -0600"
      },
      "message": "Mark CTS-tested APIs as @TestApi\n\nBug: 77596526\nTest: Keystore CTS\nChange-Id: Ic4280db3d9ff093138f0a361ac6a52ca69187cca\n"
    },
    {
      "commit": "1c5ee613be6ac28877468d89272ad76bf03440c9",
      "tree": "257878e6ec396df4e95bd7b1770b39ec9fc3d579",
      "parents": [
        "26f00b9d87dd49bbb69c3cfc87fe1a243c2d4c78"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Tue Apr 10 08:43:53 2018 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 17:05:39 2018 -0600"
      },
      "message": "Allow CTS tests to access more from KeyProtection\n\nAdd @TestApi to allow CTS tests to use that call.\nEncryption and decryption are reversed in some documentation.\n\nTest: CtsKeystoreTestCases\nBug: 77596526\nChange-Id: Ifaf8b3fa0e231eef256451a2514219fff1b16699\n"
    },
    {
      "commit": "aa5c335a60f8316e2935bf2281c4f985b607d586",
      "tree": "65f0c67c0d763f533f7c6a1e3f4ce57d39249c19",
      "parents": [
        "93a10eb1d2535f2ab9c3edfa10bb31e439a825e9",
        "be10891cab6ef8942cdeb6fd36920804199161a5"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Apr 05 00:58:18 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Apr 05 00:58:18 2018 +0000"
      },
      "message": "Merge \"keystore: Change superclass of UserPresenceUnavailableException.\" into pi-dev"
    },
    {
      "commit": "084f9aee9a54a86680feed7cafd56a06ba6f24f8",
      "tree": "9f094fc4b33c4e2132786a15025725915ab45ce0",
      "parents": [
        "6d24a1c8bef4c70ac1e646ffb21299ad7fe4a22b",
        "6f8fa9ac83e8690728400ca78e7b969d01fceb62"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 21:40:34 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 21:40:34 2018 +0000"
      },
      "message": "Merge \"\"Unlocked device required\" javadoc clarification\" into pi-dev"
    },
    {
      "commit": "840c29eb0be73a875c883863cf1421ca789f7041",
      "tree": "0746509d6debe27d2d3704105e47d58599dc8fbb",
      "parents": [
        "540f74786135b5c99170a518ef246ecfd0588739",
        "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 20:36:34 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 20:36:34 2018 +0000"
      },
      "message": "Merge \"Rename trustedUserPresenceRequired.\" into pi-dev"
    },
    {
      "commit": "6f8fa9ac83e8690728400ca78e7b969d01fceb62",
      "tree": "c3a6cc2ff0b058f42e78bcba518b54e880b83c12",
      "parents": [
        "50228a647183c9315312f8f36ba849f8b1e6d3d0"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Apr 02 12:40:58 2018 -0700"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Apr 02 12:40:58 2018 -0700"
      },
      "message": "\"Unlocked device required\" javadoc clarification\n\nWording changes on the public API functions for these keys.\n\nTest: CTS\nBug: 67752510\nChange-Id: Iaf620e8c0e06d436d09f50d308268653bec196ce\n"
    },
    {
      "commit": "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777",
      "tree": "ec912d970d6eabc3731e190e15c5fccfc321d869",
      "parents": [
        "78e805684b427d3ba903a3ee5d12d3ea47be68b9"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Mar 27 16:10:37 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Mon Apr 02 13:03:14 2018 -0600"
      },
      "message": "Rename trustedUserPresenceRequired.\n\nThe existing name is misleading, because it can be read as requiring\nthat a trusted user be present, rather than the intended meaning of\nrequiring trusted proof of user presence.  Since this is all about\nTEE/SE-based keys, the \"trusted\" part is implied, so the simple\n\"userPresenceRequired\" name makes more sense.\n\nBug: 77151288\nTest: Keystore CTS tests\nChange-Id: If8b533b9f34a1875eaf35cdd1bb8f3709da9761b\n"
    },
    {
      "commit": "50228a647183c9315312f8f36ba849f8b1e6d3d0",
      "tree": "a8d176ad21064b96cf4ba6f00abc38faded35b05",
      "parents": [
        "ea31cbea935a20d9d290453c2ba2f8b8670e45ca",
        "b631503200c8de47bbd83a71f17c798f5c2f1582"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 18:45:35 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 18:45:35 2018 +0000"
      },
      "message": "Merge \"Revise secure key import API after review\" into pi-dev"
    },
    {
      "commit": "f5f6bb2d888ada9b4bb3a92b106f4b1416968ea7",
      "tree": "85a711efe72b59f1b429702d0a63451cd4774476",
      "parents": [
        "77fcc0da3b95b5a191fa65751aa86bc696260df7"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 14:03:15 2018 -0700"
      },
      "committer": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 21:37:48 2018 +0000"
      },
      "message": "Remove getCurrentUser call to find an alternative\n\nThe call the framework uses to get the current user ID requires the\nINTERACT_ACROSS_USERS permission, which not a lot of apps will have.\nFind a better way to do that.\n\nBug: 76430246\n\nTest: CtsKeystoreTestCases\nChange-Id: I8a0637d351fff9cfbf40e02946325f90466b68c5\n"
    },
    {
      "commit": "1e0a9b0b1b706e4ef31522cdbc7d3d5232e6c382",
      "tree": "f52a975589283f52c50799e4ea3d61edfe8c6245",
      "parents": [
        "4ced90cb12c915db0cac0bbea25a1b8a43d93164",
        "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Fri Mar 30 18:54:39 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Mar 30 18:54:39 2018 +0000"
      },
      "message": "Merge \"Enable \"Unlocked device required\" API\" into pi-dev"
    },
    {
      "commit": "b631503200c8de47bbd83a71f17c798f5c2f1582",
      "tree": "1999d958dd37941c66ed99972244e64afb1142bc",
      "parents": [
        "3d8fa52f59dcfae93e8ecc7a669fd3757e87c63f"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Thu Mar 15 17:33:16 2018 -0700"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Fri Mar 30 10:25:22 2018 -0700"
      },
      "message": "Revise secure key import API after review\n\n• WrappedKeyEntry: add doc (based on IKeymasterDevice.hal comments)\n• StrongBoxUnavailableException: add public ctors, match superclass\n• SecureKeyImportUnavailableException: new first class exception\n• ORIGIN_SECURELY_IMPORTED: elaborated on properties\n\nTest: make doc \u0026 review output\nBug: b/74218267\nChange-Id: Ice9adc60ede618870e57bb58ca66fd0218cd2bf7\n"
    },
    {
      "commit": "be10891cab6ef8942cdeb6fd36920804199161a5",
      "tree": "edcf91ceffed8bffc6ee06886d5f85872d2682b7",
      "parents": [
        "912853be102cc854f77d25f0946f4e6435b100b9"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Thu Mar 29 09:50:45 2018 -0700"
      },
      "committer": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Fri Mar 30 10:02:46 2018 -0700"
      },
      "message": "keystore: Change superclass of UserPresenceUnavailableException.\n\nAlso add additional comments to isTrustedUserPresenceRequired().\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/${TARGET_PRODUCT}/data/app/KeystoreTests/KeystoreTests.apk\n    adb shell am instrument\n\nBug: 73392697\nBug: 76462141\nChange-Id: Iabcc331adda53e2a5cad5ead6002dfbc29188da2\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n"
    },
    {
      "commit": "0186b42f2ae7e2c7b3e88043c2d1cb255f09514e",
      "tree": "500b6e1233f875e8f93f98759f3130234d637832",
      "parents": [
        "69196f6fadf2445c2b9c06c17162d0cd3dfaeb5a",
        "9272dab49efa9c70ab92879c3e79a76fc8364d34"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 14:21:19 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Mar 30 14:21:19 2018 +0000"
      },
      "message": "Merge changes from topics \"niap-asym-write-pi-dev\", \"niap-asym-write-api-pi-dev\" into pi-dev\n\n* changes:\n  Restore \"Add \"Unlocked device required\" parameter to keys\"\n  Add \"Unlocked device required\" key API\n"
    },
    {
      "commit": "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8",
      "tree": "3359c0d9694c908007e45d67ca5648df657d973e",
      "parents": [
        "9272dab49efa9c70ab92879c3e79a76fc8364d34"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Mar 26 11:40:13 2018 -0700"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 29 10:25:33 2018 -0700"
      },
      "message": "Enable \"Unlocked device required\" API\n\nRemove the @hide annotations so the SDP asymmetric-write functionality\nis included in the public API.\n\nTest: CtsKeystoreTestCases\n\nBug: 63928827\nChange-Id: I8f462b0ebe4d9a7b96b48fa1672dd2ab9140c505\n"
    },
    {
      "commit": "9272dab49efa9c70ab92879c3e79a76fc8364d34",
      "tree": "9155709e2901fd9e5fe2a9ff2608765d87ce9b02",
      "parents": [
        "36716eb4709503f2ef370c6f67273440cd91d18c"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 29 10:24:18 2018 -0700"
      },
      "message": "Restore \"Add \"Unlocked device required\" parameter to keys\"\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nThis reverts commit da82e2cb7193032867f86b996467bcd117545616.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nMerged-In: Ia162f1db81d050f64995d0360f714e79033ea8a5\nChange-Id: Ia162f1db81d050f64995d0360f714e79033ea8a5\n(cherry picked from d7c961ee914192e09ec10727da6d31a6b597bf51)\n"
    },
    {
      "commit": "6169239b942fc2f6e8721b219f84b506c106fbe1",
      "tree": "9826db736692e5d9d870117d4b4be68e770c6fce",
      "parents": [
        "3a5dabbb10861a5cea627936c56693550345b9a8"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Mar 26 16:43:14 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Mar 29 10:58:20 2018 +0100"
      },
      "message": "Utilize verbose KeyChain errors\n\nAs KeyChain reports detailed error codes about failure to generate keys\nor attestation records for them, log these detailed errors and throw an\nexception if the hardware does not support Device ID attestation.\n\nBug: 72642093\nBug: 73448533\nTest: cts-tradefed run commandAndExit  cts-dev -s 127.0.0.1:50487 -a x86_64 -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Ib12efcf48c158373e1fc28cc51d67e70282d029e\n"
    },
    {
      "commit": "36716eb4709503f2ef370c6f67273440cd91d18c",
      "tree": "26dd3eedac52c5fdcb27fda06bb8180eeacf4232",
      "parents": [
        "ff23ffa8ff352b9c7178d19779783d7c231fabda"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Wed Mar 28 08:38:56 2018 -0700"
      },
      "message": "Add \"Unlocked device required\" key API\n\nThis adds the API methods and values for keyguard-bound keys, but\ncontains none of the actual functionality.\n\nTest: CTS tests in CtsKeystoreTestCases\n\nBug: 67752510\n\nMerged-In: Iccd7dafd77258d903d11353e02ba3ab956050c40\nChange-Id: Iccd7dafd77258d903d11353e02ba3ab956050c40\n(cherry picked from commit fd75c7232aebc8690f004de3486b3b9a44f3e0b0)\n"
    },
    {
      "commit": "56e9c026b33da783088c10a3d1162076a8e25cb6",
      "tree": "36bd56d58d0890d16be28c3877d59b40f78357b8",
      "parents": [
        "cdaba41a6f36262ae37b3425b8da981d2266345b",
        "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Tue Mar 27 22:13:37 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Mar 27 22:13:37 2018 +0000"
      },
      "message": "Merge \"Refactor AddUserAuthArgs for extensibility\" into pi-dev"
    },
    {
      "commit": "4b4a0539b662695570d7d1ddbf96db93fc987e8d",
      "tree": "597ff21c0806a55348875361c42ec2bdc4614734",
      "parents": [
        "9cd3e43d86ea00fb93ef7561bb309e3a53f1a582"
      ],
      "author": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Mar 23 17:46:52 2018 -0700"
      },
      "committer": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Mar 23 17:46:52 2018 -0700"
      },
      "message": "Add missing @NonNull annotation to AndroidKeyStoreProvider method.\n\nBug: 73959762\nTest: none\nChange-Id: I2298c8fe0893032f374629a5af128474ba0f679c\n"
    },
    {
      "commit": "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3",
      "tree": "c3aa310e3b0f093d25b3260d15c456f207d35d58",
      "parents": [
        "6b71daa0c2d9e01fdf3aa8ce09dbd96c4d2ab8ea"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 22 16:10:40 2018 -0700"
      },
      "message": "Refactor AddUserAuthArgs for extensibility\n\nCreate an interface that encapsulates the common arguments to\nAddUserAuthArgs, add that interface to KeyProtection and\nKeyGenParameterSpec, and refactor AddUserAuthArgs to accept an\ninstance of that interface.\n\nTest: CTS Module CtsKeystoreTestCases\n\nBug: 74017618\n\nMerged-In: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\nChange-Id: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\n(cherry picked from commit df16c56fbf05908e03f3a95a8a3d981bbc2fdb91)\n"
    },
    {
      "commit": "ab6ec61251786bf6b4d0407db3bc28aeefcb55db",
      "tree": "fbdb5c5bd38879440eac702018dd53c0ed639541",
      "parents": [
        "58c83fa7c8609059f3d66a5860abb302284c2981"
      ],
      "author": {
        "name": "Anton Hansson",
        "email": "hansson@google.com",
        "time": "Fri Feb 23 12:57:51 2018 +0000"
      },
      "committer": {
        "name": "Anton Hansson",
        "email": "hansson@google.com",
        "time": "Wed Feb 28 15:13:23 2018 +0000"
      },
      "message": "frameworks/base: Set LOCAL_SDK_VERSION where possible.\n\nThis change sets LOCAL_SDK_VERSION for all packages where\nthis is possible without breaking the build, and\nLOCAL_PRIVATE_PLATFORM_APIS :\u003d true otherwise.\n\nSetting one of these two will be made required soon, and this\nis a change in preparation for that. Not setting LOCAL_SDK_VERSION\nmakes the app implicitly depend on the bootclasspath, which is\noften not required. This change effectively makes depending on\nprivate apis opt-in rather than opt-out.\n\nTest: make relevant packages\nBug: 73535841\nChange-Id: I4233b9091d9066c4fa69f3d24aaf367ea500f760\n"
    },
    {
      "commit": "bbb7f65a23937eeeabcc4caac5a3ea53ad836749",
      "tree": "fefa23fa352d64bcfd70e1dc1e69cbadbb6e7bfb",
      "parents": [
        "c5f5ad103fb9416cb63ec9f7c2397bb343cb2f44"
      ],
      "author": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Mon Feb 26 11:04:18 2018 -0500"
      },
      "committer": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Mon Feb 26 11:08:00 2018 -0500"
      },
      "message": "ConfirmationDialog: Pass accessibility options and implement isSupported().\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I6a06d10a4cb924c3e57c8e212ba4626cad00f4a1\n"
    },
    {
      "commit": "da82e2cb7193032867f86b996467bcd117545616",
      "tree": "7585d5778078b208575e2a535454946794490cb9",
      "parents": [
        "efc3f16be7870c84227b79f73f0ad7cab72a260f"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Thu Feb 22 23:36:34 2018 +0000"
      },
      "committer": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 01:31:49 2018 +0000"
      },
      "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit efc3f16be7870c84227b79f73f0ad7cab72a260f.\n\nReason for revert: Regression in creating auth-bound keys\n\nBug: 73773914\n\nBug: 67752510\n\nChange-Id: Ic3886ceb3c3c0c4274682ed9f5f2bfbf8fdd71b9\n"
    },
    {
      "commit": "efc3f16be7870c84227b79f73f0ad7cab72a260f",
      "tree": "9bc781e0e7caf005e6037866954262fbb6f3152d",
      "parents": [
        "5f76688c5a8eefd16bc51569263667e7f403f242"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Nov 16 15:36:43 2017 -0800"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Wed Feb 14 12:19:13 2018 -0800"
      },
      "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nChange-Id: I314b848f6971d1849a7a6347d52e41d9604639ae\n"
    },
    {
      "commit": "a8e8b659d0a872c9221e70b94c094cb6bff0508a",
      "tree": "82e4bab84a85a3cb6153fe3512b185b2f4b603be",
      "parents": [
        "f100eea32f6ca4cfb858a53820a0b93f91b24942"
      ],
      "author": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Wed Oct 25 14:25:55 2017 -0400"
      },
      "committer": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Tue Jan 30 17:33:21 2018 -0500"
      },
      "message": "Add Confirmation API.\n\nThis CL adds new Framework APIs that can be used for the secure\nconfirmations. This includes support for configuring a key such that\nit can only sign data returned by the confirmation APIs.\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I94c1fc532376bd555b3dc37fc4709469450cfde6\n"
    },
    {
      "commit": "3a28570b285d9248206fc0ab8b30e3b2a51ae5b3",
      "tree": "9d63c735395cb8389297c8f41bcc400d92be7fc8",
      "parents": [
        "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Mon Jan 29 23:56:59 2018 +0000"
      },
      "committer": {
        "name": "Ian Pedowitz",
        "email": "ijpedowitz@google.com",
        "time": "Tue Jan 30 15:31:42 2018 +0000"
      },
      "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit 55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb.\n\nReason for revert: Build breakages on elfin, gce_x86_phone.\n\nBug: 67752510\n\nBug: 72679761\nChange-Id: Ia495e9cb158b64fcf015e37b170554a7ed6810a7\n"
    },
    {
      "commit": "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb",
      "tree": "dbe7cbcb2d2af17be47e8f4dd69a07a672b456c1",
      "parents": [
        "e2975162dca148be4be46b5bfbacdce7c74513ee"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Nov 16 15:36:43 2017 -0800"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Jan 29 10:16:02 2018 -0800"
      },
      "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: go/asym-write-test-plan\n\nBug: 67752510\n\nChange-Id: I8b88ff8fceeafe14e7613776c9cf5427752d9172\n"
    },
    {
      "commit": "4dadff8be0d8aebe41822eb2daeaaacd72631865",
      "tree": "96007a29171585eb80e70ae0da43c88c91f1b721",
      "parents": [
        "7f1e49f2ff6b97a85dca041a72398d4a56149787",
        "7dacad8dc88c820cc750495017c11e322ac7309f"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Jan 25 17:31:38 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Jan 25 17:31:38 2018 +0000"
      },
      "message": "Merge \"Add confirmation UI protocol to Keystore AIDL definition\""
    },
    {
      "commit": "7f1e49f2ff6b97a85dca041a72398d4a56149787",
      "tree": "fda5bc4917b7555423ecebaa493bc83c76eeaccb",
      "parents": [
        "0ad372a7e40cb18115b881175430ce7c3cdc65d0",
        "ea5e038bc11f234553043c24b10134406444f601"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Jan 25 17:24:17 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Jan 25 17:24:17 2018 +0000"
      },
      "message": "Merge \"Generating StrongBox backed keys\""
    },
    {
      "commit": "fcd05a94ef0642857abcd0e7746c40d601a787e7",
      "tree": "da7f18190651f370d8277a8d44672b13052fc775",
      "parents": [
        "5e24057999b51f13d868dbe46f74701cb403697e"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Thu Jan 18 08:34:45 2018 -0800"
      },
      "committer": {
        "name": "nagendra modadugu",
        "email": "ngm@google.com",
        "time": "Wed Jan 24 23:06:35 2018 -0800"
      },
      "message": "keystore: Add Trusted User Presence (TUP) APIs.\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/crosshatch/data/app/KeystoreTests/KeystoreTests.apk\n    adb shell am instrument\n    \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\nBug: 72476834\n\nChange-Id: I61ee4326a5e31f1cefacd47470b53634fa94c2ef\n"
    },
    {
      "commit": "ea5e038bc11f234553043c24b10134406444f601",
      "tree": "e9d39663dacbcc531cea1b3bd2ff5aebf049ed9f",
      "parents": [
        "f88fdc995fbd23ecc3e9b6b8a94186cd96969085"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Jan 23 22:42:29 2018 -0800"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Wed Jan 24 23:45:54 2018 +0000"
      },
      "message": "Generating StrongBox backed keys\n\n•Add FLAG_STRONGBOX when the generator spec requires it.\n•Throw StrongBoxUnavailableException when the request\nfails due to HARDWARE_UNAVAILABLE.\n•Add PackageManager.FEATURE_STRONGBOX_KEYSTORE\n\nTest: KeyStore CTS tests under development on an emulator\nBug: 63931634\nChange-Id: I42d32b22981e43e504d30e5657d21ac555c71ebe\n"
    },
    {
      "commit": "7dacad8dc88c820cc750495017c11e322ac7309f",
      "tree": "95e5a4a87059b23d8032eb226081b54955af3355",
      "parents": [
        "f88fdc995fbd23ecc3e9b6b8a94186cd96969085"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Jan 24 15:12:11 2018 -0800"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Jan 24 15:45:08 2018 -0800"
      },
      "message": "Add confirmation UI protocol to Keystore AIDL definition\n\nTest: Manually tested\nBug: 63928580\nChange-Id: Ief1cdb9a64737d5aac08aa1c48ff60c34218d5ba\n"
    },
    {
      "commit": "21d9c1d44a4a5e788d2a84e65b8509cb04c6d432",
      "tree": "4fb6b51bc7475147c63b5d6a41a3f6ae193e7a7e",
      "parents": [
        "504039b1d36075f03f2923a457b03694380c529f"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Dec 19 22:38:09 2017 -0800"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Jan 23 00:29:11 2018 -0800"
      },
      "message": "Keystore APIs for Import Wrapped Key, Strongbox, 3DES\n\nImport Wrapped Key:\nApplications can import keys in a wrapped, encrypted format. Wrapped keys are\nunwrapped inside of a Keymaster device.\n\nStrongbox:\nApplications can import and generate keys in secure hardware.\n\n3DES:\nAdd KeyProperties and KeymasterDefs\nAdd AndroidKeyStore3DESCipherSpi and provider registrations\n\nBug: 63931634\nTest: Keystore CTS tests in progress\n\nChange-Id: I80b6db865b517fa108f14aced7402336212c441b\n"
    },
    {
      "commit": "eab62566ef5caff37098f034db46b39f0e06317a",
      "tree": "428368182f2359cfa84afc774f5624de8cdad141",
      "parents": [
        "2bb444136a10731f73fe7e7052a0fcbec0472262"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 16 16:33:22 2018 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 16 16:33:22 2018 +0000"
      },
      "message": "KeyStore: Remove duplicate method\n\nRemove the duplicate() method from KeyStore.\nIt is backed by dead code in the Keystore service, which (as far as I\ncan tell) is not doing the right thing.\n\nPrevious conversations with Keystore team members suggested this API\nshould not be used and it is marked for removal in the Keystore service.\n\nBug: 72037261\nTest: That it compiles.\nChange-Id: I7f8af95473c876340cbd5c73dd88c5d0282897b3\n"
    },
    {
      "commit": "94d56761249a8e8c073867c17bba59b4a898f113",
      "tree": "a5d48db4ef71a6e105810d282ea3c8af32e42697",
      "parents": [
        "ea713a3882d11675ca067ad63ab01a664d012f3b"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 21 20:50:54 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 02 23:36:15 2018 +0000"
      },
      "message": "DPM: Implement Device ID attestation\n\nEnable requesting inclusion of device identifiers in the attestation\nrecord issued for keys generated by generateKeyPair.\nThis is done by passing an array of flags with values indicating which\nidentifiers should be included.\nSince the attestation record will include sensitive identifiers, it can\nonly be requested by the DPC in Device Owner mode or by the Delegated\nCert Installer in Device Owner mode.\n\nDesign note:\nDevicePolicyManager defines its own set of constants for the different\nidentifier types (ID_TYPE_*) and prior to calling\nDevicePolicyManagerService it translates them to the values defined by\nAttestationUtils (which is not a public class).\nThe reason is to allow re-use of code in AttestationUtils for preparing\nthe attestation arguments.\nIn theory, these constants could be moved from AttestationUtils to\nDevicePolicyManager, however that would create a dependency on DPM from\nKeystore, which logically does not make sense as Keystore is independent\nof the DPM (and in a lower level of the system, conceptually).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement; runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest#testTranslationOfIdAttestationFlag\nChange-Id: Ifb42e8e813fa812a08203b4a81d15b1f91152354\n"
    },
    {
      "commit": "7b27036950574a51edd6ade7b3c8d82b950b857a",
      "tree": "4f54b9dab58679d803a9f575be246183efb3ae36",
      "parents": [
        "43fce46bcd2f77cbcf53fcb8d64d16b3eb92da2a",
        "03dd82792e41ed76602ca5f2ea32446da741c737"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Dec 28 02:16:55 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Dec 28 02:16:55 2017 +0000"
      },
      "message": "Merge changes from topics \"wrapped_key_import\", \"keystore_seclevels\"\n\n* changes:\n  Add importWrappedKey to IKeystoreService.aidl\n  Keystore: Use security levels\n"
    },
    {
      "commit": "0aadf935cbaa0a0f3b1570e162790fd04cbef530",
      "tree": "a59e946d1a27852741295fd14961e204377840f3",
      "parents": [
        "39b4499d943d2a078b7c7ca2936908d7aac719d1"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Mon Dec 18 17:28:52 2017 -0800"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 22 00:02:39 2017 +0000"
      },
      "message": "Keystore: Use security levels\n\nIn anticipation of the availability of Keymaster implementations with\nmultiple security levels this patch adds the additional\nkeystore flags FLAG_SOFTWARE and FLAG_STROGBOX.\n\nAlso, the IKeystore method addRngEntropy got a new flags parameter\nfor the caller to express which implementation shall be awarded the\nprecious entropy.\n\nTest: Keystore CTS tests\nBug: 63931634\nChange-Id: I4a4eafbdbe1290f0c7bd2bfa2ce3e5fbb06c2dd8\n"
    },
    {
      "commit": "ecf0f22e5831832afb48c86abfaa81234c8db619",
      "tree": "06616aa20a0ffe77805d314c2b24bae9a3866534",
      "parents": [
        "171fec8c356ffa8cd4837092fce3b5cd5e2712fe"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 12:32:13 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 18 13:26:01 2017 +0000"
      },
      "message": "DPM: Implement installing certificates for generated keys\n\nAdd a new method in the DevicePolicyManager to associate certificates (and\nset the user-visibility) with a given key alias.\nConceptually, the new method, setKeyPairCertificate is very similar to\ninstallKeyPair, except it does not install a key, only certificates.\n\n(The new setKeyPairCertificate, together with generateKeyPair is\nfunctionally equivalent to installKeyPair, except the keys are generated\nin hardware rather than supplied externally).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Idbfe151f6e5311766decbc1a010bff78dc60249f\n"
    },
    {
      "commit": "39b4499d943d2a078b7c7ca2936908d7aac719d1",
      "tree": "d6740506d01771f9d169666d48aba5359129d1cd",
      "parents": [
        "cc1b3e0e89c738503f99a4fe23de1712425c67e4",
        "64338c0e4d0ec64c55abc34c0559d94ee352723c"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 15 23:48:55 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Dec 15 23:48:55 2017 +0000"
      },
      "message": "Merge \"Consolidate Keystore alias prefixes.\""
    },
    {
      "commit": "64338c0e4d0ec64c55abc34c0559d94ee352723c",
      "tree": "ca55c1153ac4e02df80af05dcf7fc2581f193e88",
      "parents": [
        "bb91f5fe94188de451726dd83cdaffd5944f5108"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Apr 19 09:17:17 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 15 00:14:40 2017 +0000"
      },
      "message": "Consolidate Keystore alias prefixes.\n\nCurrently, the keystore SPI assigns different prefixes to user key\nentries depending on the algorithm. Symmetric keys (secret keys) get\nthe prefix USERSKEY_ and asymmetric keys (private keys) get the\nprefix USERPKEY_. This distinction is superfluous, as the information\ncan always be retrieved from the key characteristics. Also moving\nforward it is desirable to be able to import keys the nature\nof which is not known a priori. In these cases the prefix cannot be\nchosen meaningfully.\n\nThis patch deprecates one of the prefixes (i.e. USERSKEY_) and uses\nthe other for both types of keys. Legacy keys with the old prefix\ncan still be used, but all new keys will have the prefix USERPKEY_.\n\nBug: 63931634\nTest: CTS test and Manual upgrade test with KeyStoreTool app\n      Also performed upgrade test with device PIN set\nChange-Id: I5b4bb0b0d2b82c276659d55b862150326bb68d5d\n"
    },
    {
      "commit": "a173064047d304837d907b9b39ece5c14adf2b25",
      "tree": "6b8716f7f503e84cb257b3154bf5cdded48e43f9",
      "parents": [
        "7d6688f35e37a96579db8ae2342eda3239a92c3c"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 17:48:47 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 14 18:09:05 2017 +0000"
      },
      "message": "DevicePolicyManager: Support attestation for generated keys.\n\nIf the KeyGenParameterSpec passed into\nDevicePolicyManager.generateKeyPair contains an attestation challenge,\nrequest an attestation record for the newly-generated key with the\nchallenge provided.\n\nThis particular implementation was chosen, rather than letting the\nattestation record be generated at the same time as key generation, to\navoid having the attestation chain stored in Keystore and associated\nwith the generated alias.\n\nThe rationale is that this is a key that is potentially accessible by\nmultiple applications and the attestation chain may end up being sent\nas a TLS client certificate chain, for example.\n\nAs the attestation challenge should be unique per device, to avoid\nthe potential of sending / sharing unique device information, by\nexplicitly requesting an attestation record after key generation, the\nattestation record is only returned to the generateKeyPair client and\nnot persistend in Keystore.\n\nBug: 63388672\nTest: New CTS test to be run with: \u0027cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\u0027\nChange-Id: I95a9aef179173b571b533301ac438c675e8fe702\n"
    },
    {
      "commit": "27674aedc0c2fe6f013ea0d6722bdb0d17fc7c57",
      "tree": "746a77641c8f5a615b8415b3e55f87d897b557a7",
      "parents": [
        "e5634eeba63e975f8d69f7673596a5dc59908438",
        "5db9a911354271abdc13a2a645d0de7d2619010e"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@google.com",
        "time": "Mon Dec 11 16:47:13 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Dec 11 16:47:13 2017 +0000"
      },
      "message": "Merge \"Add auto-doc support for @StringDef.\""
    },
    {
      "commit": "47670548e07140f3308c2aa4741b1bbf4f25d7bc",
      "tree": "eff6958afdadc70e5a27b06f6a0f8f9593f06bc2",
      "parents": [
        "b8f2728a787db8dc551345b464705f049d970502"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Sat Dec 09 21:25:04 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 12:28:13 2017 +0000"
      },
      "message": "Keystore: Fix KeyGenParameterSpec parceling\n\nFix the way KeyGenParameterSpec is parceled, by correctly handling\ndefault and null values for some of the fields.\n\nA recent CL added the ability to parcel/unparcel KeyGenParameterSpec (by\na separate class).\nDue to refactoring late in the CL review cycle, the parceling code did\nnot take into account a few edge cases.\n\nUnit tests:\nm -j KeystoreTests \u0026\u0026 adb install -r out/target/product/marlin/data/app/KeystoreTests/KeystoreTests.apk\nadb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\n\nCTS tests:\ncts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\n\nBug: 69337278\nTest: Keystore unit tets (see instructions above) and cts Key Management test.\nChange-Id: Ie08f42b07fb55b6fa1d8fb73c89d69687c97e214\n"
    },
    {
      "commit": "5db9a911354271abdc13a2a645d0de7d2619010e",
      "tree": "cca7ffd53bc9355afa36e96124912a7af62fd90e",
      "parents": [
        "6e15c2a89ae9733d2552d9d0a20504a4bdf69c29"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Dec 08 17:32:32 2017 -0700"
      },
      "committer": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Dec 08 17:33:40 2017 -0700"
      },
      "message": "Add auto-doc support for @StringDef.\n\nBehaves pretty much the same as @IntDef, but now supports \"suffix\"\nin addition to \"prefix\" when matching constants.\n\nTest: manual docs output looks sane\nBug: 70406696\nChange-Id: I35064b0f9f36f1f13ccdb40302d818a004014f15\n"
    },
    {
      "commit": "b866307f99c35252dcb76e9269bb57d97c3c4b86",
      "tree": "ce8d4edc1cf2edbc48029214dfbde2213a3d9466",
      "parents": [
        "9d25218985ba8ea944b4a51d194744b5a85a1105"
      ],
      "author": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Fri Dec 08 00:02:42 2017 +0000"
      },
      "committer": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Fri Dec 08 00:07:17 2017 +0000"
      },
      "message": "Stop statically including legacy-android-test\n\nStatically including legacy-android-test leads to duplicate classes\nwhich causes build time problems (with Proguard) and runtime problems on\nolder SDK versions. This change:\n* Stops statically including legacy-android-test.\n* Adds compile time dependencies on andoid.test.base, android.test.mock\n  and android.test.runner where necessary.\n* Adds \u003cuses-library android:name\u003d\"android.test.runner\"/\u003e to any\n  affected package to ensure that the classes that were included by\n  legacy-android-test are still available at runtime. That also adds a\n  dependency on android.test.base and android.test.mock.\n\nThe following change descriptions were generated automatically and so\nmay be a little repetitive. They are provided to give the reviewer\nenough information to check the comments match what has actually been\nchanged and check the reasoning behind the changes.\n\n* apct-tests/perftests/core/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CorePerfTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CorePerfTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* core/tests/ConnectivityManagerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ConnectivityManagerTest\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ConnectivityManagerTest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* core/tests/bandwidthtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BandwidthTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BandwidthTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* core/tests/bluetoothtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BluetoothTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BluetoothTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* core/tests/hosttests/test-apps/DownloadManagerTestApp/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in DownloadManagerTestApp\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    DownloadManagerTestApp\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n* core/tests/hosttests/test-apps/ExternalSharedPerms/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsTestApp results in duplicate classes which leads\n    to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsBT/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsBTTestApp results in duplicate classes which\n    leads to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsDiffKey/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsDiffKeyTestApp results in duplicate classes\n    which leads to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsFL/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsFLTestApp results in duplicate classes which\n    leads to build time and compile time issues.\n\n* core/tests/notificationtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    NotificationStressTests\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in NotificationStressTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* keystore/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in KeystoreTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* media/mca/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CameraEffectsTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CameraEffectsTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* media/tests/MediaFrameworkTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    mediaframeworktest\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in mediaframeworktest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* nfc-extras/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in NfcExtrasTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* packages/CarrierDefaultApp/tests/unit/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CarrierDefaultAppUnitTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    CarrierDefaultAppUnitTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* packages/ExtServices/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ExtServicesUnitTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ExtServicesUnitTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/MtpDocumentsProvider/tests/Android.mk\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because MtpDocumentsProviderTests\u0027s source\n    depends on their classes and because of these changes they are no\n    longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    MtpDocumentsProviderTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* packages/SettingsLib/tests/integ/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SettingsLibTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SettingsLibTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SettingsProvider/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SettingsProvider\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SettingsProvider/AndroidManifest.xml\n    Add uses-library for android.test.runner because otherwise this\n    change would change the set of files available to SettingsProvider\n    at runtime.\n\n* packages/Shell/tests/Android.mk\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because ShellTests\u0027s source depends on their\n    classes and because of these changes they are no longer present on\n    the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ShellTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* packages/SystemUI/shared/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SystemUISharedLibTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SystemUI/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SystemUITests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SystemUITests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* packages/WAPPushManager/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    WAPPushManagerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in WAPPushManagerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* sax/tests/saxtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworksSaxTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in FrameworksSaxTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/BrowserPowerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BrowserPowerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BrowserPowerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/CanvasCompare/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CanvasCompare\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CanvasCompare results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/CoreTests/android/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CoreTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CoreTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/DataIdleTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    DataIdleTest\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in DataIdleTest results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/FrameworkPerf/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworkPerf\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in FrameworkPerf results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/HierarchyViewerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    HierarchyViewerTest\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in HierarchyViewerTest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/ImfTest/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ImfTestTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ImfTestTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/Internal/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in InternalTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/MemoryUsage/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    MemoryUsage\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in MemoryUsage results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/NetworkSecurityConfigTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    NetworkSecurityConfigTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    NetworkSecurityConfigTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* tests/SoundTriggerTests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SoundTriggerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SoundTriggerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n* tests/SurfaceComposition/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SurfaceComposition\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.runner.stubs\u0027 to LOCAL_JAVA_LIBRARIES because\n    SurfaceComposition\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n* tests/TtsTests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in TtsTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    TtsTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* tests/WindowAnimationJank/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in WindowAnimationJank\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/permission/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworkPermissionTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    FrameworkPermissionTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* tests/testables/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in TestablesTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because TestablesTests\u0027s source depends on\n    their classes and because of these changes they are no longer\n    present on the compilation path.\n\nBug: 30188076\nTest: make checkbuild\nChange-Id: Iacfc939c97415314366ed61c5f3b7aa1a40f0ec9\n"
    },
    {
      "commit": "b2795710f33ce03f4106b4bbd3b41faec0c31bad",
      "tree": "020ae2fc5a5d7770f6868df4947dbd9036bffc72",
      "parents": [
        "f20ed0321032d70d715eb1ccdde338689a30c7f1",
        "852c8f121f2e502e1e8503bfc230dccb81b681d4"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Dec 07 18:20:45 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Dec 07 18:20:45 2017 +0000"
      },
      "message": "Merge \"DevicePolicyManager: Add key generation functionality.\""
    },
    {
      "commit": "852c8f121f2e502e1e8503bfc230dccb81b681d4",
      "tree": "27c90a754791b77990afbcb369cac3fad401a3bf",
      "parents": [
        "d52efa56adaca0bc70fb72082c7c663adcb669cc"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Wed Nov 15 05:55:52 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 07 15:12:30 2017 +0000"
      },
      "message": "DevicePolicyManager: Add key generation functionality.\n\nThis is the crux of the Verified Access feature implementation:\nAdding the ability to generate KeyChain keys directly by the\nsecure hardware, rather than installing software-generated keys\ninto KeyChain.\n\nAdd generateKeyPair to the DevicePolicyManager, which delegates key\ngeneration (via the DevicePolicyManagerService) to the KeyChainService.\n\nDesign highlights:\n* The key generation is delegated via the DevicePolicyManagerService to\n  check that only authorized callers request key generation in KeyChain.\n* KeyChainService performs the actual key generation so it owns the key\n  in Keystore outright.\n* DevicePolicyManagerService then grants the calling app access to the\n  Keystore key, so it can actually be used.\n* Loading the public/private key pair, as well as attestation\n  certificate chain, is done in the client code (DevicePolicyManager)\n  to save parceling / unparceling those objects across process\n  boundaries twice (for no good reason).\n\nNOTE: The key attestation functionality (that includes Device ID) is\nmissing/untested. Will be added in a follow-up CL as this one is quite\nbig already.\n\nHIGHLIGHT FOR REVIEWERS:\n* API: New API in DevicePolicyManager.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG; adb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027 (After building the KeystoreTests target and installing the apk)\nChange-Id: I73762c9123f32a94d454ba4f8b533883b55c44cc\n"
    },
    {
      "commit": "dcb520b4ed5889281124d3520a1675d0a7418a0a",
      "tree": "550daa9592c6c688bbc2916876f597b8fbb7cf10",
      "parents": [
        "231d50e799108b709d576400419a292908988e37",
        "9271333842c402d8486acfd781a87fac9d3eced9"
      ],
      "author": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Thu Dec 07 05:47:03 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Dec 07 05:47:03 2017 +0000"
      },
      "message": "Merge \"docs: Fixed key generator initialize method call.\" into oc-mr1-dev am: a1150e90e0\nam: 9271333842\n\nChange-Id: If099ce9dc3a35a1617de54c0187f718a0b391dcc\n"
    },
    {
      "commit": "8cc88984c8e62aba0d79c1b4b0e1c8c506b40df5",
      "tree": "0812746e83d84693f73e5dbdd045947de3d6375b",
      "parents": [
        "b94e697dcff23569f2b2bcc77173bed329a38242"
      ],
      "author": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Wed Nov 29 12:06:52 2017 -0800"
      },
      "committer": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Wed Nov 29 12:06:52 2017 -0800"
      },
      "message": "docs: Fixed key generator initialize method call.\n\nThe guide within the KeyGenParameterSpec class now uses the correct\nmethod (init() instead of initialize()) to initialize the key\ngenerator in the examples that show how to create AES and HMAC keys.\n\nTest: make ds-docs -j8\n\nBug: 69093664\nChange-Id: I6a9cbe6decd895c2505538f6ad4be91cd9133714\n"
    },
    {
      "commit": "23c438d711c15541312dbb5a83548967874f9ccb",
      "tree": "83b5160da7a62def6f3d014964fc53042926d83d",
      "parents": [
        "78252a23d6d38e4b1c938fef3d7b1dc6b7dfbe05"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 23 17:20:52 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 23 17:59:36 2017 +0000"
      },
      "message": "KeyChain: Provide public \u0026 private keys\n\nIn order for the DevicePolicyManager to provide key generation\nfunctionality, it has to return both the private and public keys\nin form of a KeyPair.\n\nSince the KeyChainService will perform the key generation on behalf\nof the DevicePolicyManager (so that KeyChain will be the owner of\nthe generated keys outright), the DevicePolicyManager needs a way\nto get both the private and public key representations from KeyChain.\n\nA getKeyPair method is added that gets the private and public\nkey pair associated with a given alias from Keystore.\nThe getPrivateKey now delegates to the getKeyPair method and returns\nonly the private key.\n\nTested using existing CTS tests.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\nChange-Id: I06b8511acd2049a0053ec8893de6de7429f7c92e\n"
    },
    {
      "commit": "5c0a517dffc67aac4c8b6df1b3324f1ff0311704",
      "tree": "308257396bbcb792a63aae1ecc18a1ab462a9ac0",
      "parents": [
        "a9a65af6ac4414b2df2a17bb2d3d5fb9254450c3",
        "7039f416c3db02bafc43dda0fc6db87b6ace2745"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Nov 14 13:43:03 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Nov 14 13:43:03 2017 +0000"
      },
      "message": "Merge \"KeyChain: Adding methods for user-visibility.\""
    },
    {
      "commit": "7039f416c3db02bafc43dda0fc6db87b6ace2745",
      "tree": "e32cadf31e53155c2a3451eaa4c6e549d4681d1e",
      "parents": [
        "2b267dfbe967661879b54c638e1f72ab85c5b2f5"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Wed Nov 08 01:03:30 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 09 20:51:35 2017 +0000"
      },
      "message": "KeyChain: Adding methods for user-visibility.\n\nAdd to the KeyChain aidl two methods for getting and setting whether\na key can be selectable by the user or not.\n\nSee\nhttps://googleplex-android-review.git.corp.google.com/#/c/platform/packages/apps/KeyChain/+/3199414/\n\nTest: To be determined.\nBug: 65624467\nChange-Id: Ib31a11ca432a5d29fdb8ed5349598dbff4bcb516\n"
    },
    {
      "commit": "efc4311a3fb84cacc98f0afe669c69f9d5196bd3",
      "tree": "7084786efb494627bfb7446704e49072a62d8b13",
      "parents": [
        "843f07e2d31e64b57357bbfc106b5c3a28315332"
      ],
      "author": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Oct 27 23:10:28 2017 -0700"
      },
      "committer": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Tue Nov 07 10:21:08 2017 -0800"
      },
      "message": "Get rid of manually created IKeystoreService.\n\nJava/aidl side changes necessary to generate IKeystoreService.cpp\nGenerated C++ service currently doesn\u0027t support null parameters, so lots\nof parameters were updated to pass default value instead of null.\n\nTest: cts-tradefed run cts -m CtsKeystoreTestCases\nBug: 68389643\n\nChange-Id: Ifaf2ab48b2bcd7b081e4b336aa279fa8ba4fbbbf\n"
    },
    {
      "commit": "5596642a1035bcc120071d715336b965a51040fa",
      "tree": "9c16ea5cf15093e46ba18884173de6b5fc664302",
      "parents": [
        "ce7416809a6953ad2d421977de2aae81cc0549f8"
      ],
      "author": {
        "name": "Kevin Chyn",
        "email": "kchyn@google.com",
        "time": "Mon Oct 23 16:08:47 2017 -0700"
      },
      "committer": {
        "name": "Kevin Chyn",
        "email": "kchyn@google.com",
        "time": "Tue Oct 24 02:29:15 2017 +0000"
      },
      "message": "Check FEATURE_FINGERPRINT before trying to getSystemService\n\nFixes: 65838275\n\nTest: Tested on Ryu/Walleye, the stack trace is not seen anymore\nChange-Id: I7b12fdca81d5f2523dea5a981fcf1daa69254eb4\n"
    },
    {
      "commit": "da5dae23f9cd5a2776b7f70a58e234dd8a9fcdf7",
      "tree": "788854828cf3a1b6b9e2c6345c3b882c3589add3",
      "parents": [
        "ec02583438effc8b3559ccdfa6c78a8fe1da6fc4"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Sep 12 04:13:11 2017 +0000"
      },
      "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n      1. Run test\n      2. with CtsVerifier in the background remove the screen lock\n         through the settings dialog\n      3. Select VtsVerifier in \u0027recents\u0027\n      4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n(cherry picked from commit d07d3384279c0c07c5c6747ea8d0c5684264c9d0)\n"
    },
    {
      "commit": "d07d3384279c0c07c5c6747ea8d0c5684264c9d0",
      "tree": "a0cac335651521d9d60d6381087fd05c93715b85",
      "parents": [
        "9f5e99159056da901aefc4ac4ff26aa382a23765"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n      1. Run test\n      2. with CtsVerifier in the background remove the screen lock\n         through the settings dialog\n      3. Select VtsVerifier in \u0027recents\u0027\n      4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n"
    }
  ],
  "next": "520ba6d132cc581461b532811141867fa30a5cf8"
}
