)]}'
{
  "log": [
    {
      "commit": "cd0eb716c52b20fbc051d1da79a8fe1b91c1f4c3",
      "tree": "7b6b3b9a071026b5cbac8f1c03f21e7ac96b5b1c",
      "parents": [
        "8785209fd7e7172cb096350b4007d5d9f8ef3208"
      ],
      "author": {
        "name": "Mike Harris",
        "email": "mwharris@google.com",
        "time": "Thu Apr 26 15:20:10 2018 -0700"
      },
      "committer": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Mon Apr 30 09:27:31 2018 +0000"
      },
      "message": "Use the @Nullable annotations for choosePrivateKeyAlias.\n\nBoth the code and docstring support this, but the parameters weren\u0027t\nannotated.\n\nTest: it builds locally\n\nChange-Id: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nMerged-In: I16beddcd74a86047ce9aaf37007d96f3e8e0d4e0\nFix: 78868934\n(cherry picked from commit b7c5eddc53c3872b661222ae30270d95cfe63b4e)\n"
    },
    {
      "commit": "ec6268c5146ab3257172552234bc0fe6534940a4",
      "tree": "b3c04a5fadb572b7020849883d25d4b070639a3a",
      "parents": [
        "637422b2bf7ca08dde6fdfce1fba7daa4965ff2c",
        "52dcedca37a08bcd01f8d060e269d4eb3745831f"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Fri Apr 13 10:07:36 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Apr 13 10:07:36 2018 +0000"
      },
      "message": "Merge \"AttestationUtils: Request MEID explicitly\" into pi-dev"
    },
    {
      "commit": "52dcedca37a08bcd01f8d060e269d4eb3745831f",
      "tree": "24e18558d2e884c6402fb618517bf9bbbad4f47f",
      "parents": [
        "0b5dd8e56040e2cd3dc95abfebe7fdb71cc7f0bc"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Apr 12 14:06:59 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Apr 12 17:20:35 2018 +0100"
      },
      "message": "AttestationUtils: Request MEID explicitly\n\nRather than rely on getDeviceId to provide the MEID, explicitly use\ngetMeid to get it.\n\nFor MEID attestation to work, the right identifier needs to be passed in\nfor attestation by Keymaster.\nAttestationUtils currently gets this identifier by calling getDeviceId.\nThis would only yield the MEID if the device does not have an IMEI\nprovisioned, which means it\u0027ll get the IMEI for devices that have both\n(like Pixel 2).\n\nAccording to bartfab@ that is the correct way (see b/77584730#13).\n\nBug: 77584730\nBug: 73284024\nTest: runtest --path cts/tests/tests/keystore/src/android/keystore/cts/KeyAttestationTest.java\nChange-Id: I98f6c2e2a9835bf2fd681cfb4ff74fc3984c3a8e\n"
    },
    {
      "commit": "9b5853d304702f1c76025ed80483276ce377f98f",
      "tree": "aeea93761e0e9390470edfc130587de16e8be62f",
      "parents": [
        "10fb6582eb9c0e84938af9a2be0017e35eb59c5e"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Tue Apr 10 10:33:42 2018 -0700"
      },
      "committer": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Wed Apr 11 19:23:30 2018 +0000"
      },
      "message": "keystore: Add documentation for user presence required.\n\nTest: make -j50 docs\nBug: 77600728\nChange-Id: I6334bc0fc7a7d4faced6b03522c350ce74303443\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n"
    },
    {
      "commit": "13e230f5d6a757f1a7ecd53d6254ac3e2826163d",
      "tree": "a845c7dfaa5c4aebf14a08aed628781433497185",
      "parents": [
        "1c5ee613be6ac28877468d89272ad76bf03440c9"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 17:21:39 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 18:15:22 2018 -0600"
      },
      "message": "Mark CTS-tested APIs as @TestApi\n\nBug: 77596526\nTest: Keystore CTS\nChange-Id: Ic4280db3d9ff093138f0a361ac6a52ca69187cca\n"
    },
    {
      "commit": "1c5ee613be6ac28877468d89272ad76bf03440c9",
      "tree": "257878e6ec396df4e95bd7b1770b39ec9fc3d579",
      "parents": [
        "26f00b9d87dd49bbb69c3cfc87fe1a243c2d4c78"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Tue Apr 10 08:43:53 2018 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Apr 10 17:05:39 2018 -0600"
      },
      "message": "Allow CTS tests to access more from KeyProtection\n\nAdd @TestApi to allow CTS tests to use that call.\nEncryption and decryption are reversed in some documentation.\n\nTest: CtsKeystoreTestCases\nBug: 77596526\nChange-Id: Ifaf8b3fa0e231eef256451a2514219fff1b16699\n"
    },
    {
      "commit": "aa5c335a60f8316e2935bf2281c4f985b607d586",
      "tree": "65f0c67c0d763f533f7c6a1e3f4ce57d39249c19",
      "parents": [
        "93a10eb1d2535f2ab9c3edfa10bb31e439a825e9",
        "be10891cab6ef8942cdeb6fd36920804199161a5"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Apr 05 00:58:18 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Apr 05 00:58:18 2018 +0000"
      },
      "message": "Merge \"keystore: Change superclass of UserPresenceUnavailableException.\" into pi-dev"
    },
    {
      "commit": "084f9aee9a54a86680feed7cafd56a06ba6f24f8",
      "tree": "9f094fc4b33c4e2132786a15025725915ab45ce0",
      "parents": [
        "6d24a1c8bef4c70ac1e646ffb21299ad7fe4a22b",
        "6f8fa9ac83e8690728400ca78e7b969d01fceb62"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 21:40:34 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 21:40:34 2018 +0000"
      },
      "message": "Merge \"\"Unlocked device required\" javadoc clarification\" into pi-dev"
    },
    {
      "commit": "840c29eb0be73a875c883863cf1421ca789f7041",
      "tree": "0746509d6debe27d2d3704105e47d58599dc8fbb",
      "parents": [
        "540f74786135b5c99170a518ef246ecfd0588739",
        "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 20:36:34 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 20:36:34 2018 +0000"
      },
      "message": "Merge \"Rename trustedUserPresenceRequired.\" into pi-dev"
    },
    {
      "commit": "6f8fa9ac83e8690728400ca78e7b969d01fceb62",
      "tree": "c3a6cc2ff0b058f42e78bcba518b54e880b83c12",
      "parents": [
        "50228a647183c9315312f8f36ba849f8b1e6d3d0"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Apr 02 12:40:58 2018 -0700"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Apr 02 12:40:58 2018 -0700"
      },
      "message": "\"Unlocked device required\" javadoc clarification\n\nWording changes on the public API functions for these keys.\n\nTest: CTS\nBug: 67752510\nChange-Id: Iaf620e8c0e06d436d09f50d308268653bec196ce\n"
    },
    {
      "commit": "3c1830bd7f85f35fe216b8bc5bc7f515b8f6d777",
      "tree": "ec912d970d6eabc3731e190e15c5fccfc321d869",
      "parents": [
        "78e805684b427d3ba903a3ee5d12d3ea47be68b9"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Mar 27 16:10:37 2018 -0600"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Mon Apr 02 13:03:14 2018 -0600"
      },
      "message": "Rename trustedUserPresenceRequired.\n\nThe existing name is misleading, because it can be read as requiring\nthat a trusted user be present, rather than the intended meaning of\nrequiring trusted proof of user presence.  Since this is all about\nTEE/SE-based keys, the \"trusted\" part is implied, so the simple\n\"userPresenceRequired\" name makes more sense.\n\nBug: 77151288\nTest: Keystore CTS tests\nChange-Id: If8b533b9f34a1875eaf35cdd1bb8f3709da9761b\n"
    },
    {
      "commit": "50228a647183c9315312f8f36ba849f8b1e6d3d0",
      "tree": "a8d176ad21064b96cf4ba6f00abc38faded35b05",
      "parents": [
        "ea31cbea935a20d9d290453c2ba2f8b8670e45ca",
        "b631503200c8de47bbd83a71f17c798f5c2f1582"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Mon Apr 02 18:45:35 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Apr 02 18:45:35 2018 +0000"
      },
      "message": "Merge \"Revise secure key import API after review\" into pi-dev"
    },
    {
      "commit": "f5f6bb2d888ada9b4bb3a92b106f4b1416968ea7",
      "tree": "85a711efe72b59f1b429702d0a63451cd4774476",
      "parents": [
        "77fcc0da3b95b5a191fa65751aa86bc696260df7"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 14:03:15 2018 -0700"
      },
      "committer": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 21:37:48 2018 +0000"
      },
      "message": "Remove getCurrentUser call to find an alternative\n\nThe call the framework uses to get the current user ID requires the\nINTERACT_ACROSS_USERS permission, which not a lot of apps will have.\nFind a better way to do that.\n\nBug: 76430246\n\nTest: CtsKeystoreTestCases\nChange-Id: I8a0637d351fff9cfbf40e02946325f90466b68c5\n"
    },
    {
      "commit": "1e0a9b0b1b706e4ef31522cdbc7d3d5232e6c382",
      "tree": "f52a975589283f52c50799e4ea3d61edfe8c6245",
      "parents": [
        "4ced90cb12c915db0cac0bbea25a1b8a43d93164",
        "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Fri Mar 30 18:54:39 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Mar 30 18:54:39 2018 +0000"
      },
      "message": "Merge \"Enable \"Unlocked device required\" API\" into pi-dev"
    },
    {
      "commit": "b631503200c8de47bbd83a71f17c798f5c2f1582",
      "tree": "1999d958dd37941c66ed99972244e64afb1142bc",
      "parents": [
        "3d8fa52f59dcfae93e8ecc7a669fd3757e87c63f"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Thu Mar 15 17:33:16 2018 -0700"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Fri Mar 30 10:25:22 2018 -0700"
      },
      "message": "Revise secure key import API after review\n\n• WrappedKeyEntry: add doc (based on IKeymasterDevice.hal comments)\n• StrongBoxUnavailableException: add public ctors, match superclass\n• SecureKeyImportUnavailableException: new first class exception\n• ORIGIN_SECURELY_IMPORTED: elaborated on properties\n\nTest: make doc \u0026 review output\nBug: b/74218267\nChange-Id: Ice9adc60ede618870e57bb58ca66fd0218cd2bf7\n"
    },
    {
      "commit": "be10891cab6ef8942cdeb6fd36920804199161a5",
      "tree": "edcf91ceffed8bffc6ee06886d5f85872d2682b7",
      "parents": [
        "912853be102cc854f77d25f0946f4e6435b100b9"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Thu Mar 29 09:50:45 2018 -0700"
      },
      "committer": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Fri Mar 30 10:02:46 2018 -0700"
      },
      "message": "keystore: Change superclass of UserPresenceUnavailableException.\n\nAlso add additional comments to isTrustedUserPresenceRequired().\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/${TARGET_PRODUCT}/data/app/KeystoreTests/KeystoreTests.apk\n    adb shell am instrument\n\nBug: 73392697\nBug: 76462141\nChange-Id: Iabcc331adda53e2a5cad5ead6002dfbc29188da2\nSigned-off-by: Allen Webb \u003callenwebb@google.com\u003e\n"
    },
    {
      "commit": "0186b42f2ae7e2c7b3e88043c2d1cb255f09514e",
      "tree": "500b6e1233f875e8f93f98759f3130234d637832",
      "parents": [
        "69196f6fadf2445c2b9c06c17162d0cd3dfaeb5a",
        "9272dab49efa9c70ab92879c3e79a76fc8364d34"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Mar 30 14:21:19 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Mar 30 14:21:19 2018 +0000"
      },
      "message": "Merge changes from topics \"niap-asym-write-pi-dev\", \"niap-asym-write-api-pi-dev\" into pi-dev\n\n* changes:\n  Restore \"Add \"Unlocked device required\" parameter to keys\"\n  Add \"Unlocked device required\" key API\n"
    },
    {
      "commit": "9e8749058039b92fbed6ecf5a78eb9bf0c45c0e8",
      "tree": "3359c0d9694c908007e45d67ca5648df657d973e",
      "parents": [
        "9272dab49efa9c70ab92879c3e79a76fc8364d34"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Mar 26 11:40:13 2018 -0700"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 29 10:25:33 2018 -0700"
      },
      "message": "Enable \"Unlocked device required\" API\n\nRemove the @hide annotations so the SDP asymmetric-write functionality\nis included in the public API.\n\nTest: CtsKeystoreTestCases\n\nBug: 63928827\nChange-Id: I8f462b0ebe4d9a7b96b48fa1672dd2ab9140c505\n"
    },
    {
      "commit": "9272dab49efa9c70ab92879c3e79a76fc8364d34",
      "tree": "9155709e2901fd9e5fe2a9ff2608765d87ce9b02",
      "parents": [
        "36716eb4709503f2ef370c6f67273440cd91d18c"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 29 10:24:18 2018 -0700"
      },
      "message": "Restore \"Add \"Unlocked device required\" parameter to keys\"\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nThis reverts commit da82e2cb7193032867f86b996467bcd117545616.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nMerged-In: Ia162f1db81d050f64995d0360f714e79033ea8a5\nChange-Id: Ia162f1db81d050f64995d0360f714e79033ea8a5\n(cherry picked from d7c961ee914192e09ec10727da6d31a6b597bf51)\n"
    },
    {
      "commit": "6169239b942fc2f6e8721b219f84b506c106fbe1",
      "tree": "9826db736692e5d9d870117d4b4be68e770c6fce",
      "parents": [
        "3a5dabbb10861a5cea627936c56693550345b9a8"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Mar 26 16:43:14 2018 +0100"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Mar 29 10:58:20 2018 +0100"
      },
      "message": "Utilize verbose KeyChain errors\n\nAs KeyChain reports detailed error codes about failure to generate keys\nor attestation records for them, log these detailed errors and throw an\nexception if the hardware does not support Device ID attestation.\n\nBug: 72642093\nBug: 73448533\nTest: cts-tradefed run commandAndExit  cts-dev -s 127.0.0.1:50487 -a x86_64 -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Ib12efcf48c158373e1fc28cc51d67e70282d029e\n"
    },
    {
      "commit": "36716eb4709503f2ef370c6f67273440cd91d18c",
      "tree": "26dd3eedac52c5fdcb27fda06bb8180eeacf4232",
      "parents": [
        "ff23ffa8ff352b9c7178d19779783d7c231fabda"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Wed Mar 28 08:38:56 2018 -0700"
      },
      "message": "Add \"Unlocked device required\" key API\n\nThis adds the API methods and values for keyguard-bound keys, but\ncontains none of the actual functionality.\n\nTest: CTS tests in CtsKeystoreTestCases\n\nBug: 67752510\n\nMerged-In: Iccd7dafd77258d903d11353e02ba3ab956050c40\nChange-Id: Iccd7dafd77258d903d11353e02ba3ab956050c40\n(cherry picked from commit fd75c7232aebc8690f004de3486b3b9a44f3e0b0)\n"
    },
    {
      "commit": "56e9c026b33da783088c10a3d1162076a8e25cb6",
      "tree": "36bd56d58d0890d16be28c3877d59b40f78357b8",
      "parents": [
        "cdaba41a6f36262ae37b3425b8da981d2266345b",
        "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Tue Mar 27 22:13:37 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Mar 27 22:13:37 2018 +0000"
      },
      "message": "Merge \"Refactor AddUserAuthArgs for extensibility\" into pi-dev"
    },
    {
      "commit": "4b4a0539b662695570d7d1ddbf96db93fc987e8d",
      "tree": "597ff21c0806a55348875361c42ec2bdc4614734",
      "parents": [
        "9cd3e43d86ea00fb93ef7561bb309e3a53f1a582"
      ],
      "author": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Mar 23 17:46:52 2018 -0700"
      },
      "committer": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Mar 23 17:46:52 2018 -0700"
      },
      "message": "Add missing @NonNull annotation to AndroidKeyStoreProvider method.\n\nBug: 73959762\nTest: none\nChange-Id: I2298c8fe0893032f374629a5af128474ba0f679c\n"
    },
    {
      "commit": "5437b81696e19e40be3f6f9cc95b8ef14fa93ae3",
      "tree": "c3aa310e3b0f093d25b3260d15c456f207d35d58",
      "parents": [
        "6b71daa0c2d9e01fdf3aa8ce09dbd96c4d2ab8ea"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 18:04:20 2018 +0000"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Mar 22 16:10:40 2018 -0700"
      },
      "message": "Refactor AddUserAuthArgs for extensibility\n\nCreate an interface that encapsulates the common arguments to\nAddUserAuthArgs, add that interface to KeyProtection and\nKeyGenParameterSpec, and refactor AddUserAuthArgs to accept an\ninstance of that interface.\n\nTest: CTS Module CtsKeystoreTestCases\n\nBug: 74017618\n\nMerged-In: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\nChange-Id: I591e34e5d08421ea1c022bbb6e955ee3c01eb435\n(cherry picked from commit df16c56fbf05908e03f3a95a8a3d981bbc2fdb91)\n"
    },
    {
      "commit": "ab6ec61251786bf6b4d0407db3bc28aeefcb55db",
      "tree": "fbdb5c5bd38879440eac702018dd53c0ed639541",
      "parents": [
        "58c83fa7c8609059f3d66a5860abb302284c2981"
      ],
      "author": {
        "name": "Anton Hansson",
        "email": "hansson@google.com",
        "time": "Fri Feb 23 12:57:51 2018 +0000"
      },
      "committer": {
        "name": "Anton Hansson",
        "email": "hansson@google.com",
        "time": "Wed Feb 28 15:13:23 2018 +0000"
      },
      "message": "frameworks/base: Set LOCAL_SDK_VERSION where possible.\n\nThis change sets LOCAL_SDK_VERSION for all packages where\nthis is possible without breaking the build, and\nLOCAL_PRIVATE_PLATFORM_APIS :\u003d true otherwise.\n\nSetting one of these two will be made required soon, and this\nis a change in preparation for that. Not setting LOCAL_SDK_VERSION\nmakes the app implicitly depend on the bootclasspath, which is\noften not required. This change effectively makes depending on\nprivate apis opt-in rather than opt-out.\n\nTest: make relevant packages\nBug: 73535841\nChange-Id: I4233b9091d9066c4fa69f3d24aaf367ea500f760\n"
    },
    {
      "commit": "bbb7f65a23937eeeabcc4caac5a3ea53ad836749",
      "tree": "fefa23fa352d64bcfd70e1dc1e69cbadbb6e7bfb",
      "parents": [
        "c5f5ad103fb9416cb63ec9f7c2397bb343cb2f44"
      ],
      "author": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Mon Feb 26 11:04:18 2018 -0500"
      },
      "committer": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Mon Feb 26 11:08:00 2018 -0500"
      },
      "message": "ConfirmationDialog: Pass accessibility options and implement isSupported().\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I6a06d10a4cb924c3e57c8e212ba4626cad00f4a1\n"
    },
    {
      "commit": "da82e2cb7193032867f86b996467bcd117545616",
      "tree": "7585d5778078b208575e2a535454946794490cb9",
      "parents": [
        "efc3f16be7870c84227b79f73f0ad7cab72a260f"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Thu Feb 22 23:36:34 2018 +0000"
      },
      "committer": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Fri Feb 23 01:31:49 2018 +0000"
      },
      "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit efc3f16be7870c84227b79f73f0ad7cab72a260f.\n\nReason for revert: Regression in creating auth-bound keys\n\nBug: 73773914\n\nBug: 67752510\n\nChange-Id: Ic3886ceb3c3c0c4274682ed9f5f2bfbf8fdd71b9\n"
    },
    {
      "commit": "efc3f16be7870c84227b79f73f0ad7cab72a260f",
      "tree": "9bc781e0e7caf005e6037866954262fbb6f3152d",
      "parents": [
        "5f76688c5a8eefd16bc51569263667e7f403f242"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Nov 16 15:36:43 2017 -0800"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Wed Feb 14 12:19:13 2018 -0800"
      },
      "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: CTS tests in I8a5affd1eaed176756175158e3057e44934fffed\n\nBug: 67752510\n\nChange-Id: I314b848f6971d1849a7a6347d52e41d9604639ae\n"
    },
    {
      "commit": "a8e8b659d0a872c9221e70b94c094cb6bff0508a",
      "tree": "82e4bab84a85a3cb6153fe3512b185b2f4b603be",
      "parents": [
        "f100eea32f6ca4cfb858a53820a0b93f91b24942"
      ],
      "author": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Wed Oct 25 14:25:55 2017 -0400"
      },
      "committer": {
        "name": "David Zeuthen",
        "email": "zeuthen@google.com",
        "time": "Tue Jan 30 17:33:21 2018 -0500"
      },
      "message": "Add Confirmation API.\n\nThis CL adds new Framework APIs that can be used for the secure\nconfirmations. This includes support for configuring a key such that\nit can only sign data returned by the confirmation APIs.\n\nBug: 63928580\nTest: Manually tested.\nChange-Id: I94c1fc532376bd555b3dc37fc4709469450cfde6\n"
    },
    {
      "commit": "3a28570b285d9248206fc0ab8b30e3b2a51ae5b3",
      "tree": "9d63c735395cb8389297c8f41bcc400d92be7fc8",
      "parents": [
        "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb"
      ],
      "author": {
        "name": "Brian Young",
        "email": "bcyoung@google.com",
        "time": "Mon Jan 29 23:56:59 2018 +0000"
      },
      "committer": {
        "name": "Ian Pedowitz",
        "email": "ijpedowitz@google.com",
        "time": "Tue Jan 30 15:31:42 2018 +0000"
      },
      "message": "Revert \"Add \"Unlocked device required\" parameter to keys\"\n\nThis reverts commit 55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb.\n\nReason for revert: Build breakages on elfin, gce_x86_phone.\n\nBug: 67752510\n\nBug: 72679761\nChange-Id: Ia495e9cb158b64fcf015e37b170554a7ed6810a7\n"
    },
    {
      "commit": "55fff3a89d96d0d0f8b8cb161bb0dda170c21ccb",
      "tree": "dbe7cbcb2d2af17be47e8f4dd69a07a672b456c1",
      "parents": [
        "e2975162dca148be4be46b5bfbacdce7c74513ee"
      ],
      "author": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Thu Nov 16 15:36:43 2017 -0800"
      },
      "committer": {
        "name": "Brian C. Young",
        "email": "bcyoung@google.com",
        "time": "Mon Jan 29 10:16:02 2018 -0800"
      },
      "message": "Add \"Unlocked device required\" parameter to keys\n\nAdd a keymaster parameter for keys that should be inaccessible when\nthe device screen is locked. \"Locked\" here is a state where the device\ncan be used or accessed without any further trust factor such as a\nPIN, password, fingerprint, or trusted face or voice.\n\nThis parameter is added to the Java keystore interface for key\ncreation and import, as well as enums specified by and for the native\nkeystore process.\n\nTest: go/asym-write-test-plan\n\nBug: 67752510\n\nChange-Id: I8b88ff8fceeafe14e7613776c9cf5427752d9172\n"
    },
    {
      "commit": "4dadff8be0d8aebe41822eb2daeaaacd72631865",
      "tree": "96007a29171585eb80e70ae0da43c88c91f1b721",
      "parents": [
        "7f1e49f2ff6b97a85dca041a72398d4a56149787",
        "7dacad8dc88c820cc750495017c11e322ac7309f"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Jan 25 17:31:38 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Jan 25 17:31:38 2018 +0000"
      },
      "message": "Merge \"Add confirmation UI protocol to Keystore AIDL definition\""
    },
    {
      "commit": "7f1e49f2ff6b97a85dca041a72398d4a56149787",
      "tree": "fda5bc4917b7555423ecebaa493bc83c76eeaccb",
      "parents": [
        "0ad372a7e40cb18115b881175430ce7c3cdc65d0",
        "ea5e038bc11f234553043c24b10134406444f601"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Jan 25 17:24:17 2018 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Jan 25 17:24:17 2018 +0000"
      },
      "message": "Merge \"Generating StrongBox backed keys\""
    },
    {
      "commit": "fcd05a94ef0642857abcd0e7746c40d601a787e7",
      "tree": "da7f18190651f370d8277a8d44672b13052fc775",
      "parents": [
        "5e24057999b51f13d868dbe46f74701cb403697e"
      ],
      "author": {
        "name": "Allen Webb",
        "email": "allenwebb@google.com",
        "time": "Thu Jan 18 08:34:45 2018 -0800"
      },
      "committer": {
        "name": "nagendra modadugu",
        "email": "ngm@google.com",
        "time": "Wed Jan 24 23:06:35 2018 -0800"
      },
      "message": "keystore: Add Trusted User Presence (TUP) APIs.\n\nTest: m -j KeystoreTests \u0026\u0026 adb install -r\nout/target/product/crosshatch/data/app/KeystoreTests/KeystoreTests.apk\n    adb shell am instrument\n    \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\nBug: 72476834\n\nChange-Id: I61ee4326a5e31f1cefacd47470b53634fa94c2ef\n"
    },
    {
      "commit": "ea5e038bc11f234553043c24b10134406444f601",
      "tree": "e9d39663dacbcc531cea1b3bd2ff5aebf049ed9f",
      "parents": [
        "f88fdc995fbd23ecc3e9b6b8a94186cd96969085"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Jan 23 22:42:29 2018 -0800"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Wed Jan 24 23:45:54 2018 +0000"
      },
      "message": "Generating StrongBox backed keys\n\n•Add FLAG_STRONGBOX when the generator spec requires it.\n•Throw StrongBoxUnavailableException when the request\nfails due to HARDWARE_UNAVAILABLE.\n•Add PackageManager.FEATURE_STRONGBOX_KEYSTORE\n\nTest: KeyStore CTS tests under development on an emulator\nBug: 63931634\nChange-Id: I42d32b22981e43e504d30e5657d21ac555c71ebe\n"
    },
    {
      "commit": "7dacad8dc88c820cc750495017c11e322ac7309f",
      "tree": "95e5a4a87059b23d8032eb226081b54955af3355",
      "parents": [
        "f88fdc995fbd23ecc3e9b6b8a94186cd96969085"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Jan 24 15:12:11 2018 -0800"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Jan 24 15:45:08 2018 -0800"
      },
      "message": "Add confirmation UI protocol to Keystore AIDL definition\n\nTest: Manually tested\nBug: 63928580\nChange-Id: Ief1cdb9a64737d5aac08aa1c48ff60c34218d5ba\n"
    },
    {
      "commit": "21d9c1d44a4a5e788d2a84e65b8509cb04c6d432",
      "tree": "4fb6b51bc7475147c63b5d6a41a3f6ae193e7a7e",
      "parents": [
        "504039b1d36075f03f2923a457b03694380c529f"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Dec 19 22:38:09 2017 -0800"
      },
      "committer": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Tue Jan 23 00:29:11 2018 -0800"
      },
      "message": "Keystore APIs for Import Wrapped Key, Strongbox, 3DES\n\nImport Wrapped Key:\nApplications can import keys in a wrapped, encrypted format. Wrapped keys are\nunwrapped inside of a Keymaster device.\n\nStrongbox:\nApplications can import and generate keys in secure hardware.\n\n3DES:\nAdd KeyProperties and KeymasterDefs\nAdd AndroidKeyStore3DESCipherSpi and provider registrations\n\nBug: 63931634\nTest: Keystore CTS tests in progress\n\nChange-Id: I80b6db865b517fa108f14aced7402336212c441b\n"
    },
    {
      "commit": "eab62566ef5caff37098f034db46b39f0e06317a",
      "tree": "428368182f2359cfa84afc774f5624de8cdad141",
      "parents": [
        "2bb444136a10731f73fe7e7052a0fcbec0472262"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 16 16:33:22 2018 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 16 16:33:22 2018 +0000"
      },
      "message": "KeyStore: Remove duplicate method\n\nRemove the duplicate() method from KeyStore.\nIt is backed by dead code in the Keystore service, which (as far as I\ncan tell) is not doing the right thing.\n\nPrevious conversations with Keystore team members suggested this API\nshould not be used and it is marked for removal in the Keystore service.\n\nBug: 72037261\nTest: That it compiles.\nChange-Id: I7f8af95473c876340cbd5c73dd88c5d0282897b3\n"
    },
    {
      "commit": "94d56761249a8e8c073867c17bba59b4a898f113",
      "tree": "a5d48db4ef71a6e105810d282ea3c8af32e42697",
      "parents": [
        "ea713a3882d11675ca067ad63ab01a664d012f3b"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 21 20:50:54 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Jan 02 23:36:15 2018 +0000"
      },
      "message": "DPM: Implement Device ID attestation\n\nEnable requesting inclusion of device identifiers in the attestation\nrecord issued for keys generated by generateKeyPair.\nThis is done by passing an array of flags with values indicating which\nidentifiers should be included.\nSince the attestation record will include sensitive identifiers, it can\nonly be requested by the DPC in Device Owner mode or by the Delegated\nCert Installer in Device Owner mode.\n\nDesign note:\nDevicePolicyManager defines its own set of constants for the different\nidentifier types (ID_TYPE_*) and prior to calling\nDevicePolicyManagerService it translates them to the values defined by\nAttestationUtils (which is not a public class).\nThe reason is to allow re-use of code in AttestationUtils for preparing\nthe attestation arguments.\nIn theory, these constants could be moved from AttestationUtils to\nDevicePolicyManager, however that would create a dependency on DPM from\nKeystore, which logically does not make sense as Keystore is independent\nof the DPM (and in a lower level of the system, conceptually).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement; runtest frameworks-services -c com.android.server.devicepolicy.DevicePolicyManagerTest#testTranslationOfIdAttestationFlag\nChange-Id: Ifb42e8e813fa812a08203b4a81d15b1f91152354\n"
    },
    {
      "commit": "7b27036950574a51edd6ade7b3c8d82b950b857a",
      "tree": "4f54b9dab58679d803a9f575be246183efb3ae36",
      "parents": [
        "43fce46bcd2f77cbcf53fcb8d64d16b3eb92da2a",
        "03dd82792e41ed76602ca5f2ea32446da741c737"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Dec 28 02:16:55 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Dec 28 02:16:55 2017 +0000"
      },
      "message": "Merge changes from topics \"wrapped_key_import\", \"keystore_seclevels\"\n\n* changes:\n  Add importWrappedKey to IKeystoreService.aidl\n  Keystore: Use security levels\n"
    },
    {
      "commit": "0aadf935cbaa0a0f3b1570e162790fd04cbef530",
      "tree": "a59e946d1a27852741295fd14961e204377840f3",
      "parents": [
        "39b4499d943d2a078b7c7ca2936908d7aac719d1"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Mon Dec 18 17:28:52 2017 -0800"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 22 00:02:39 2017 +0000"
      },
      "message": "Keystore: Use security levels\n\nIn anticipation of the availability of Keymaster implementations with\nmultiple security levels this patch adds the additional\nkeystore flags FLAG_SOFTWARE and FLAG_STROGBOX.\n\nAlso, the IKeystore method addRngEntropy got a new flags parameter\nfor the caller to express which implementation shall be awarded the\nprecious entropy.\n\nTest: Keystore CTS tests\nBug: 63931634\nChange-Id: I4a4eafbdbe1290f0c7bd2bfa2ce3e5fbb06c2dd8\n"
    },
    {
      "commit": "ecf0f22e5831832afb48c86abfaa81234c8db619",
      "tree": "06616aa20a0ffe77805d314c2b24bae9a3866534",
      "parents": [
        "171fec8c356ffa8cd4837092fce3b5cd5e2712fe"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 12:32:13 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 18 13:26:01 2017 +0000"
      },
      "message": "DPM: Implement installing certificates for generated keys\n\nAdd a new method in the DevicePolicyManager to associate certificates (and\nset the user-visibility) with a given key alias.\nConceptually, the new method, setKeyPairCertificate is very similar to\ninstallKeyPair, except it does not install a key, only certificates.\n\n(The new setKeyPairCertificate, together with generateKeyPair is\nfunctionally equivalent to installKeyPair, except the keys are generated\nin hardware rather than supplied externally).\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\nChange-Id: Idbfe151f6e5311766decbc1a010bff78dc60249f\n"
    },
    {
      "commit": "39b4499d943d2a078b7c7ca2936908d7aac719d1",
      "tree": "d6740506d01771f9d169666d48aba5359129d1cd",
      "parents": [
        "cc1b3e0e89c738503f99a4fe23de1712425c67e4",
        "64338c0e4d0ec64c55abc34c0559d94ee352723c"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 15 23:48:55 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Fri Dec 15 23:48:55 2017 +0000"
      },
      "message": "Merge \"Consolidate Keystore alias prefixes.\""
    },
    {
      "commit": "64338c0e4d0ec64c55abc34c0559d94ee352723c",
      "tree": "ca55c1153ac4e02df80af05dcf7fc2581f193e88",
      "parents": [
        "bb91f5fe94188de451726dd83cdaffd5944f5108"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Wed Apr 19 09:17:17 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Dec 15 00:14:40 2017 +0000"
      },
      "message": "Consolidate Keystore alias prefixes.\n\nCurrently, the keystore SPI assigns different prefixes to user key\nentries depending on the algorithm. Symmetric keys (secret keys) get\nthe prefix USERSKEY_ and asymmetric keys (private keys) get the\nprefix USERPKEY_. This distinction is superfluous, as the information\ncan always be retrieved from the key characteristics. Also moving\nforward it is desirable to be able to import keys the nature\nof which is not known a priori. In these cases the prefix cannot be\nchosen meaningfully.\n\nThis patch deprecates one of the prefixes (i.e. USERSKEY_) and uses\nthe other for both types of keys. Legacy keys with the old prefix\ncan still be used, but all new keys will have the prefix USERPKEY_.\n\nBug: 63931634\nTest: CTS test and Manual upgrade test with KeyStoreTool app\n      Also performed upgrade test with device PIN set\nChange-Id: I5b4bb0b0d2b82c276659d55b862150326bb68d5d\n"
    },
    {
      "commit": "a173064047d304837d907b9b39ece5c14adf2b25",
      "tree": "6b8716f7f503e84cb257b3154bf5cdded48e43f9",
      "parents": [
        "7d6688f35e37a96579db8ae2342eda3239a92c3c"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 17:48:47 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 14 18:09:05 2017 +0000"
      },
      "message": "DevicePolicyManager: Support attestation for generated keys.\n\nIf the KeyGenParameterSpec passed into\nDevicePolicyManager.generateKeyPair contains an attestation challenge,\nrequest an attestation record for the newly-generated key with the\nchallenge provided.\n\nThis particular implementation was chosen, rather than letting the\nattestation record be generated at the same time as key generation, to\navoid having the attestation chain stored in Keystore and associated\nwith the generated alias.\n\nThe rationale is that this is a key that is potentially accessible by\nmultiple applications and the attestation chain may end up being sent\nas a TLS client certificate chain, for example.\n\nAs the attestation challenge should be unique per device, to avoid\nthe potential of sending / sharing unique device information, by\nexplicitly requesting an attestation record after key generation, the\nattestation record is only returned to the generateKeyPair client and\nnot persistend in Keystore.\n\nBug: 63388672\nTest: New CTS test to be run with: \u0027cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\u0027\nChange-Id: I95a9aef179173b571b533301ac438c675e8fe702\n"
    },
    {
      "commit": "27674aedc0c2fe6f013ea0d6722bdb0d17fc7c57",
      "tree": "746a77641c8f5a615b8415b3e55f87d897b557a7",
      "parents": [
        "e5634eeba63e975f8d69f7673596a5dc59908438",
        "5db9a911354271abdc13a2a645d0de7d2619010e"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@google.com",
        "time": "Mon Dec 11 16:47:13 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Mon Dec 11 16:47:13 2017 +0000"
      },
      "message": "Merge \"Add auto-doc support for @StringDef.\""
    },
    {
      "commit": "47670548e07140f3308c2aa4741b1bbf4f25d7bc",
      "tree": "eff6958afdadc70e5a27b06f6a0f8f9593f06bc2",
      "parents": [
        "b8f2728a787db8dc551345b464705f049d970502"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Sat Dec 09 21:25:04 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Mon Dec 11 12:28:13 2017 +0000"
      },
      "message": "Keystore: Fix KeyGenParameterSpec parceling\n\nFix the way KeyGenParameterSpec is parceled, by correctly handling\ndefault and null values for some of the fields.\n\nA recent CL added the ability to parcel/unparcel KeyGenParameterSpec (by\na separate class).\nDue to refactoring late in the CL review cycle, the parceling code did\nnot take into account a few edge cases.\n\nUnit tests:\nm -j KeystoreTests \u0026\u0026 adb install -r out/target/product/marlin/data/app/KeystoreTests/KeystoreTests.apk\nadb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027\n\nCTS tests:\ncts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG\n\nBug: 69337278\nTest: Keystore unit tets (see instructions above) and cts Key Management test.\nChange-Id: Ie08f42b07fb55b6fa1d8fb73c89d69687c97e214\n"
    },
    {
      "commit": "5db9a911354271abdc13a2a645d0de7d2619010e",
      "tree": "cca7ffd53bc9355afa36e96124912a7af62fd90e",
      "parents": [
        "6e15c2a89ae9733d2552d9d0a20504a4bdf69c29"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Dec 08 17:32:32 2017 -0700"
      },
      "committer": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Dec 08 17:33:40 2017 -0700"
      },
      "message": "Add auto-doc support for @StringDef.\n\nBehaves pretty much the same as @IntDef, but now supports \"suffix\"\nin addition to \"prefix\" when matching constants.\n\nTest: manual docs output looks sane\nBug: 70406696\nChange-Id: I35064b0f9f36f1f13ccdb40302d818a004014f15\n"
    },
    {
      "commit": "b866307f99c35252dcb76e9269bb57d97c3c4b86",
      "tree": "ce8d4edc1cf2edbc48029214dfbde2213a3d9466",
      "parents": [
        "9d25218985ba8ea944b4a51d194744b5a85a1105"
      ],
      "author": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Fri Dec 08 00:02:42 2017 +0000"
      },
      "committer": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Fri Dec 08 00:07:17 2017 +0000"
      },
      "message": "Stop statically including legacy-android-test\n\nStatically including legacy-android-test leads to duplicate classes\nwhich causes build time problems (with Proguard) and runtime problems on\nolder SDK versions. This change:\n* Stops statically including legacy-android-test.\n* Adds compile time dependencies on andoid.test.base, android.test.mock\n  and android.test.runner where necessary.\n* Adds \u003cuses-library android:name\u003d\"android.test.runner\"/\u003e to any\n  affected package to ensure that the classes that were included by\n  legacy-android-test are still available at runtime. That also adds a\n  dependency on android.test.base and android.test.mock.\n\nThe following change descriptions were generated automatically and so\nmay be a little repetitive. They are provided to give the reviewer\nenough information to check the comments match what has actually been\nchanged and check the reasoning behind the changes.\n\n* apct-tests/perftests/core/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CorePerfTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CorePerfTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* core/tests/ConnectivityManagerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ConnectivityManagerTest\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ConnectivityManagerTest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* core/tests/bandwidthtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BandwidthTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BandwidthTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* core/tests/bluetoothtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BluetoothTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BluetoothTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* core/tests/hosttests/test-apps/DownloadManagerTestApp/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in DownloadManagerTestApp\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    DownloadManagerTestApp\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n* core/tests/hosttests/test-apps/ExternalSharedPerms/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsTestApp results in duplicate classes which leads\n    to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsBT/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsBTTestApp results in duplicate classes which\n    leads to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsDiffKey/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsDiffKeyTestApp results in duplicate classes\n    which leads to build time and compile time issues.\n\n* core/tests/hosttests/test-apps/ExternalSharedPermsFL/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    ExternalSharedPermsFLTestApp results in duplicate classes which\n    leads to build time and compile time issues.\n\n* core/tests/notificationtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    NotificationStressTests\u0027s source depends on its classes and because\n    of these changes they are no longer present on the compilation\n    path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in NotificationStressTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* keystore/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in KeystoreTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* media/mca/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CameraEffectsTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CameraEffectsTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* media/tests/MediaFrameworkTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    mediaframeworktest\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in mediaframeworktest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* nfc-extras/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in NfcExtrasTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* packages/CarrierDefaultApp/tests/unit/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CarrierDefaultAppUnitTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    CarrierDefaultAppUnitTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* packages/ExtServices/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ExtServicesUnitTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ExtServicesUnitTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/MtpDocumentsProvider/tests/Android.mk\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because MtpDocumentsProviderTests\u0027s source\n    depends on their classes and because of these changes they are no\n    longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    MtpDocumentsProviderTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* packages/SettingsLib/tests/integ/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SettingsLibTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SettingsLibTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SettingsProvider/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SettingsProvider\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SettingsProvider/AndroidManifest.xml\n    Add uses-library for android.test.runner because otherwise this\n    change would change the set of files available to SettingsProvider\n    at runtime.\n\n* packages/Shell/tests/Android.mk\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because ShellTests\u0027s source depends on their\n    classes and because of these changes they are no longer present on\n    the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ShellTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* packages/SystemUI/shared/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SystemUISharedLibTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* packages/SystemUI/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SystemUITests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SystemUITests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* packages/WAPPushManager/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    WAPPushManagerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in WAPPushManagerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* sax/tests/saxtests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworksSaxTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in FrameworksSaxTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/BrowserPowerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    BrowserPowerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in BrowserPowerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/CanvasCompare/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CanvasCompare\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CanvasCompare results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/CoreTests/android/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    CoreTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in CoreTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/DataIdleTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    DataIdleTest\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in DataIdleTest results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/FrameworkPerf/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworkPerf\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in FrameworkPerf results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/HierarchyViewerTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    HierarchyViewerTest\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in HierarchyViewerTest\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/ImfTest/tests/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    ImfTestTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in ImfTestTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/Internal/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in InternalTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/MemoryUsage/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    MemoryUsage\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in MemoryUsage results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n* tests/NetworkSecurityConfigTest/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    NetworkSecurityConfigTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    NetworkSecurityConfigTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* tests/SoundTriggerTests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SoundTriggerTests\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    SoundTriggerTests\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n* tests/SurfaceComposition/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in SurfaceComposition\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n    Added \u0027android.test.runner.stubs\u0027 to LOCAL_JAVA_LIBRARIES because\n    SurfaceComposition\u0027s source depends on its classes and because of\n    these changes they are no longer present on the compilation path.\n\n* tests/TtsTests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in TtsTests results in\n    duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    TtsTests\u0027s source depends on its classes and because of these\n    changes they are no longer present on the compilation path.\n\n* tests/WindowAnimationJank/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in WindowAnimationJank\n    results in duplicate classes which leads to build time and compile\n    time issues.\n\n* tests/permission/Android.mk\n    Added \u0027android.test.base\u0027 to LOCAL_JAVA_LIBRARIES because\n    FrameworkPermissionTests\u0027s source depends on its classes and\n    because of these changes they are no longer present on the\n    compilation path.\n\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in\n    FrameworkPermissionTests results in duplicate classes which leads\n    to build time and compile time issues.\n\n* tests/testables/tests/Android.mk\n    Removed legacy-android-test from LOCAL_STATIC_JAVA_LIBRARIES\n    because statically including the classes in TestablesTests results\n    in duplicate classes which leads to build time and compile time\n    issues.\n\n    Added \u0027android.test.base\u0027 and \u0027android.test.mock\u0027 to\n    LOCAL_JAVA_LIBRARIES because TestablesTests\u0027s source depends on\n    their classes and because of these changes they are no longer\n    present on the compilation path.\n\nBug: 30188076\nTest: make checkbuild\nChange-Id: Iacfc939c97415314366ed61c5f3b7aa1a40f0ec9\n"
    },
    {
      "commit": "b2795710f33ce03f4106b4bbd3b41faec0c31bad",
      "tree": "020ae2fc5a5d7770f6868df4947dbd9036bffc72",
      "parents": [
        "f20ed0321032d70d715eb1ccdde338689a30c7f1",
        "852c8f121f2e502e1e8503bfc230dccb81b681d4"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Thu Dec 07 18:20:45 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Thu Dec 07 18:20:45 2017 +0000"
      },
      "message": "Merge \"DevicePolicyManager: Add key generation functionality.\""
    },
    {
      "commit": "852c8f121f2e502e1e8503bfc230dccb81b681d4",
      "tree": "27c90a754791b77990afbcb369cac3fad401a3bf",
      "parents": [
        "d52efa56adaca0bc70fb72082c7c663adcb669cc"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Wed Nov 15 05:55:52 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Dec 07 15:12:30 2017 +0000"
      },
      "message": "DevicePolicyManager: Add key generation functionality.\n\nThis is the crux of the Verified Access feature implementation:\nAdding the ability to generate KeyChain keys directly by the\nsecure hardware, rather than installing software-generated keys\ninto KeyChain.\n\nAdd generateKeyPair to the DevicePolicyManager, which delegates key\ngeneration (via the DevicePolicyManagerService) to the KeyChainService.\n\nDesign highlights:\n* The key generation is delegated via the DevicePolicyManagerService to\n  check that only authorized callers request key generation in KeyChain.\n* KeyChainService performs the actual key generation so it owns the key\n  in Keystore outright.\n* DevicePolicyManagerService then grants the calling app access to the\n  Keystore key, so it can actually be used.\n* Loading the public/private key pair, as well as attestation\n  certificate chain, is done in the client code (DevicePolicyManager)\n  to save parceling / unparceling those objects across process\n  boundaries twice (for no good reason).\n\nNOTE: The key attestation functionality (that includes Device ID) is\nmissing/untested. Will be added in a follow-up CL as this one is quite\nbig already.\n\nHIGHLIGHT FOR REVIEWERS:\n* API: New API in DevicePolicyManager.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement -l DEBUG; adb shell am instrument \u0027android.security.tests/android.support.test.runner.AndroidJUnitRunner\u0027 (After building the KeystoreTests target and installing the apk)\nChange-Id: I73762c9123f32a94d454ba4f8b533883b55c44cc\n"
    },
    {
      "commit": "dcb520b4ed5889281124d3520a1675d0a7418a0a",
      "tree": "550daa9592c6c688bbc2916876f597b8fbb7cf10",
      "parents": [
        "231d50e799108b709d576400419a292908988e37",
        "9271333842c402d8486acfd781a87fac9d3eced9"
      ],
      "author": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Thu Dec 07 05:47:03 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Dec 07 05:47:03 2017 +0000"
      },
      "message": "Merge \"docs: Fixed key generator initialize method call.\" into oc-mr1-dev am: a1150e90e0\nam: 9271333842\n\nChange-Id: If099ce9dc3a35a1617de54c0187f718a0b391dcc\n"
    },
    {
      "commit": "8cc88984c8e62aba0d79c1b4b0e1c8c506b40df5",
      "tree": "0812746e83d84693f73e5dbdd045947de3d6375b",
      "parents": [
        "b94e697dcff23569f2b2bcc77173bed329a38242"
      ],
      "author": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Wed Nov 29 12:06:52 2017 -0800"
      },
      "committer": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Wed Nov 29 12:06:52 2017 -0800"
      },
      "message": "docs: Fixed key generator initialize method call.\n\nThe guide within the KeyGenParameterSpec class now uses the correct\nmethod (init() instead of initialize()) to initialize the key\ngenerator in the examples that show how to create AES and HMAC keys.\n\nTest: make ds-docs -j8\n\nBug: 69093664\nChange-Id: I6a9cbe6decd895c2505538f6ad4be91cd9133714\n"
    },
    {
      "commit": "23c438d711c15541312dbb5a83548967874f9ccb",
      "tree": "83b5160da7a62def6f3d014964fc53042926d83d",
      "parents": [
        "78252a23d6d38e4b1c938fef3d7b1dc6b7dfbe05"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 23 17:20:52 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 23 17:59:36 2017 +0000"
      },
      "message": "KeyChain: Provide public \u0026 private keys\n\nIn order for the DevicePolicyManager to provide key generation\nfunctionality, it has to return both the private and public keys\nin form of a KeyPair.\n\nSince the KeyChainService will perform the key generation on behalf\nof the DevicePolicyManager (so that KeyChain will be the owner of\nthe generated keys outright), the DevicePolicyManager needs a way\nto get both the private and public key representations from KeyChain.\n\nA getKeyPair method is added that gets the private and public\nkey pair associated with a given alias from Keystore.\nThe getPrivateKey now delegates to the getKeyPair method and returns\nonly the private key.\n\nTested using existing CTS tests.\n\nBug: 63388672\nTest: cts-tradefed run commandAndExit cts-dev -a armeabi-v7a -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\nChange-Id: I06b8511acd2049a0053ec8893de6de7429f7c92e\n"
    },
    {
      "commit": "5c0a517dffc67aac4c8b6df1b3324f1ff0311704",
      "tree": "308257396bbcb792a63aae1ecc18a1ab462a9ac0",
      "parents": [
        "a9a65af6ac4414b2df2a17bb2d3d5fb9254450c3",
        "7039f416c3db02bafc43dda0fc6db87b6ace2745"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Tue Nov 14 13:43:03 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Nov 14 13:43:03 2017 +0000"
      },
      "message": "Merge \"KeyChain: Adding methods for user-visibility.\""
    },
    {
      "commit": "7039f416c3db02bafc43dda0fc6db87b6ace2745",
      "tree": "e32cadf31e53155c2a3451eaa4c6e549d4681d1e",
      "parents": [
        "2b267dfbe967661879b54c638e1f72ab85c5b2f5"
      ],
      "author": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Wed Nov 08 01:03:30 2017 +0000"
      },
      "committer": {
        "name": "Eran Messeri",
        "email": "eranm@google.com",
        "time": "Thu Nov 09 20:51:35 2017 +0000"
      },
      "message": "KeyChain: Adding methods for user-visibility.\n\nAdd to the KeyChain aidl two methods for getting and setting whether\na key can be selectable by the user or not.\n\nSee\nhttps://googleplex-android-review.git.corp.google.com/#/c/platform/packages/apps/KeyChain/+/3199414/\n\nTest: To be determined.\nBug: 65624467\nChange-Id: Ib31a11ca432a5d29fdb8ed5349598dbff4bcb516\n"
    },
    {
      "commit": "efc4311a3fb84cacc98f0afe669c69f9d5196bd3",
      "tree": "7084786efb494627bfb7446704e49072a62d8b13",
      "parents": [
        "843f07e2d31e64b57357bbfc106b5c3a28315332"
      ],
      "author": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Fri Oct 27 23:10:28 2017 -0700"
      },
      "committer": {
        "name": "Dmitry Dementyev",
        "email": "dementyev@google.com",
        "time": "Tue Nov 07 10:21:08 2017 -0800"
      },
      "message": "Get rid of manually created IKeystoreService.\n\nJava/aidl side changes necessary to generate IKeystoreService.cpp\nGenerated C++ service currently doesn\u0027t support null parameters, so lots\nof parameters were updated to pass default value instead of null.\n\nTest: cts-tradefed run cts -m CtsKeystoreTestCases\nBug: 68389643\n\nChange-Id: Ifaf2ab48b2bcd7b081e4b336aa279fa8ba4fbbbf\n"
    },
    {
      "commit": "5596642a1035bcc120071d715336b965a51040fa",
      "tree": "9c16ea5cf15093e46ba18884173de6b5fc664302",
      "parents": [
        "ce7416809a6953ad2d421977de2aae81cc0549f8"
      ],
      "author": {
        "name": "Kevin Chyn",
        "email": "kchyn@google.com",
        "time": "Mon Oct 23 16:08:47 2017 -0700"
      },
      "committer": {
        "name": "Kevin Chyn",
        "email": "kchyn@google.com",
        "time": "Tue Oct 24 02:29:15 2017 +0000"
      },
      "message": "Check FEATURE_FINGERPRINT before trying to getSystemService\n\nFixes: 65838275\n\nTest: Tested on Ryu/Walleye, the stack trace is not seen anymore\nChange-Id: I7b12fdca81d5f2523dea5a981fcf1daa69254eb4\n"
    },
    {
      "commit": "da5dae23f9cd5a2776b7f70a58e234dd8a9fcdf7",
      "tree": "788854828cf3a1b6b9e2c6345c3b882c3589add3",
      "parents": [
        "ec02583438effc8b3559ccdfa6c78a8fe1da6fc4"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Sep 12 04:13:11 2017 +0000"
      },
      "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n      1. Run test\n      2. with CtsVerifier in the background remove the screen lock\n         through the settings dialog\n      3. Select VtsVerifier in \u0027recents\u0027\n      4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n(cherry picked from commit d07d3384279c0c07c5c6747ea8d0c5684264c9d0)\n"
    },
    {
      "commit": "d07d3384279c0c07c5c6747ea8d0c5684264c9d0",
      "tree": "a0cac335651521d9d60d6381087fd05c93715b85",
      "parents": [
        "9f5e99159056da901aefc4ac4ff26aa382a23765"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Sep 01 14:45:16 2017 -0700"
      },
      "message": "Fix use of auth-bound keys after screen lock removal\n\nWhen an auth-bound key is used after the screen lock has been removed by\nthe user, KeyStore.begin retruns UNINITIALIZED.\n\nThis patch adds handling for this error code, indicating that the key\nthat was to be used was permanently invalidated.\n\nBug: 65200397\nTest: CtsVerifier ScreenLockBoundKeysTest:\n      1. Run test\n      2. with CtsVerifier in the background remove the screen lock\n         through the settings dialog\n      3. Select VtsVerifier in \u0027recents\u0027\n      4. Run test again\n\nChange-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f\n"
    },
    {
      "commit": "520ba6d132cc581461b532811141867fa30a5cf8",
      "tree": "ca7263f42154fcf23e597d93a0ccf1703767184c",
      "parents": [
        "7fc53a11f839b1cbe779d4132f10aaa495ab3176",
        "3311ba316adaf6837e2d8623e2df3ae86ff93d4a"
      ],
      "author": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Wed Aug 16 17:28:26 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 16 17:28:26 2017 +0000"
      },
      "message": "Merge \"docs: corrected code example mistakes\" into oc-dev am: 5714da6e93\nam: 3311ba316a\n\nChange-Id: I5a7f89494a450d8ff657161e70301aebd93c63b0\n"
    },
    {
      "commit": "735aa14f4ea01f0fc9d38f5cad2f17ddfc6285b3",
      "tree": "321b6f3162008b6df00e4e3228859bbd4ad20508",
      "parents": [
        "7745a7975f23577db755cb03f50df038f21d00a3",
        "1ed1ee3c7040259ca13a8017c7bdb4d42d092f94"
      ],
      "author": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Wed Aug 16 17:24:05 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 16 17:24:05 2017 +0000"
      },
      "message": "Merge \"docs: corrected code example mistakes\" into oc-dev am: 5714da6e93\nam: 1ed1ee3c70\n\nChange-Id: I979b54f30b9a09c2160b3d2087c619ba979a868e\n"
    },
    {
      "commit": "1ed1ee3c7040259ca13a8017c7bdb4d42d092f94",
      "tree": "24df5cf70999ff944a14c5765790e23b255180ac",
      "parents": [
        "759696c47cf2fd2276f305a94a3e27494d3417af",
        "5714da6e93271324b020be990b8274463b441b4b"
      ],
      "author": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Wed Aug 16 17:12:09 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 16 17:12:09 2017 +0000"
      },
      "message": "Merge \"docs: corrected code example mistakes\" into oc-dev\nam: 5714da6e93\n\nChange-Id: Iafb9e2fd73fa1c5c0132da387d900a701433b78c\n"
    },
    {
      "commit": "3311ba316adaf6837e2d8623e2df3ae86ff93d4a",
      "tree": "ac3d9fcc85945ed1feae5ad843f02fc4d16c6ce7",
      "parents": [
        "44cab75cb0ec40368597180e06d6d037a76ef41a",
        "5714da6e93271324b020be990b8274463b441b4b"
      ],
      "author": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Wed Aug 16 17:12:08 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed Aug 16 17:12:08 2017 +0000"
      },
      "message": "Merge \"docs: corrected code example mistakes\" into oc-dev\nam: 5714da6e93\n\nChange-Id: I75b35bd6ff92b345c3fd9d27fdf03e5db2927be9\n"
    },
    {
      "commit": "2b1a5b8fd9efc41451f933fff27f615961f2d6d1",
      "tree": "85d278260f6a51cf75972355922f00148071d03c",
      "parents": [
        "744976e2985a07f602c02721db8969a638d51c82"
      ],
      "author": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Wed Aug 09 14:18:02 2017 -0700"
      },
      "committer": {
        "name": "Cindy Kuang",
        "email": "ckuang@google.com",
        "time": "Fri Aug 11 10:49:04 2017 -0700"
      },
      "message": "docs: corrected code example mistakes\n\nTest: make ds-docs\n\nBug: 10808505\nChange-Id: I9ee4efab9f0cbac00213179d06a6f0919cb82756\n"
    },
    {
      "commit": "e06f53372649b766cefe0cc408381f497426a2b8",
      "tree": "0c47f0012d0bd55948411ccc5005fabab6d0888c",
      "parents": [
        "5898d52184c436c473c577d7c7f6ce5d16769046"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Jun 08 17:53:34 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Mon Jul 24 10:58:33 2017 -0700"
      },
      "message": "Refurbish granting mechanism\n\nKeystore stores key blobs in with filenames that include the symbolic\nname and the uid of the owner. This behaviour should have been\ncompletely opaque to the user keystore. However, the granting mechanism,\nby which an app can allow another app to use one of its keys, leaked the\ninternal structure in that the grantee had to specify the key name with\nthe granter\u0027s uid prefix in order to use the granted key. This in turn\ncollided with prefix handling in other parts of the framework.\n\nThis patch refurbishes the granting mechanism such that keystore can\nchoose a name for the grant. It uses the original symbolic key name as\nprefix and appends _KEYSTOREGRANT_\u003cgrant_no\u003e where the grant_no is\nchosen as first free slot starting from 0. Each uid has its own grant_no\nspace.\n\nThis changes the grant call such that it now returns a string, which is\nthe alias name of the newly created grant. The string is empty if the\ngrant operation failed.\n\nAs before apps can still mask granted keys by importing a key with the\nexact same name including the added suffix. But everybody deserves the\nright to shoot themselves in the foot if they really want to.\n\nBug: 37264540\nBug: 62237038\nTest: run cts-dev --module CtsDevicePolicyManagerTestCases --test\n          com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\n\t  because it grants a key\nMerged-In: I047512ba345c25e6e691e78f7a37fc3f97b95d32\nChange-Id: I047512ba345c25e6e691e78f7a37fc3f97b95d32\n"
    },
    {
      "commit": "6396ccb82e368a5f4ca06c5e47f287930608cc3e",
      "tree": "a0e2e50638e1e34e74569cd6b45b7706250df074",
      "parents": [
        "001956c626c8c2c8c02c6065ea0964dd505e5406"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Jun 08 17:53:34 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Sun Jul 23 09:39:04 2017 -0700"
      },
      "message": "Refurbish granting mechanism\n\nKeystore stores key blobs in with filenames that include the symbolic\nname and the uid of the owner. This behaviour should have been\ncompletely opaque to the user keystore. However, the granting mechanism,\nby which an app can allow another app to use one of its keys, leaked the\ninternal structure in that the grantee had to specify the key name with\nthe granter\u0027s uid prefix in order to use the granted key. This in turn\ncollided with prefix handling in other parts of the framework.\n\nThis patch refurbishes the granting mechanism such that keystore can\nchoose a name for the grant. It uses the original symbolic key name as\nprefix and appends _KEYSTOREGRANT_\u003cgrant_no\u003e where the grant_no is\nchosen as first free slot starting from 0. Each uid has its own grant_no\nspace.\n\nThis changes the grant call such that it now returns a string, which is\nthe alias name of the newly created grant. The string is empty if the\ngrant operation failed.\n\nAs before apps can still mask granted keys by importing a key with the\nexact same name including the added suffix. But everybody deserves the\nright to shoot themselves in the foot if they really want to.\n\nBug: 37264540\nBug: 62237038\nTest: run cts-dev --module CtsDevicePolicyManagerTestCases --test\n          com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\n\t  because it grants a key\nMerged-In: I047512ba345c25e6e691e78f7a37fc3f97b95d32\nChange-Id: I047512ba345c25e6e691e78f7a37fc3f97b95d32\n"
    },
    {
      "commit": "05b5fa502787b9933b5b25db1b1cc9d794cda12d",
      "tree": "cd001d2189e876d9f3bf50208828d2b386ee9809",
      "parents": [
        "a178205e8bcaf9b4dd75c4618d53d30eb94c8802"
      ],
      "author": {
        "name": "Tobias Thierer",
        "email": "tobiast@google.com",
        "time": "Mon Jun 26 20:02:54 2017 +0100"
      },
      "committer": {
        "name": "Tobias Thierer",
        "email": "tobiast@google.com",
        "time": "Mon Jun 26 20:38:07 2017 +0100"
      },
      "message": "Revert \"Delete obsolete and unused KeyStoreTests\". DO NOT MERGE ANYWHERE.\n\nNeeded to revert the CL\u0027s base CL, which tracks the revert\nof the corrsponding conscrypt CL.\n\nThis reverts commit 91abf9f6e2c60b05377b2b82ea2a09fc25476e56.\n\nThis is a clean revert. The upload hook to fix lint errors was not run\n(this CL was uploaded with --no-verify).\n\nTest: Treehugger\nTest: make droid cts\nBug: 62424503\n\nChange-Id: Ic7a3a5550b1e2bdfec98acd986a6a4e84eef41ea\n"
    },
    {
      "commit": "b50e9f65d631dbed4df9c4b0996f6c4d41a71a2a",
      "tree": "64f43abd5f3b20b802f3a34e4ee2c4f10623277b",
      "parents": [
        "2d8b429bb4130d574aeb0c0a4fddc4c38f559424"
      ],
      "author": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Thu Jun 08 17:53:34 2017 -0700"
      },
      "committer": {
        "name": "Janis Danisevskis",
        "email": "jdanis@google.com",
        "time": "Fri Jun 23 09:27:12 2017 -0700"
      },
      "message": "Refurbish granting mechanism\n\nKeystore stores key blobs in with filenames that include the symbolic\nname and the uid of the owner. This behaviour should have been\ncompletely opaque to the user keystore. However, the granting mechanism,\nby which an app can allow another app to use one of its keys, leaked the\ninternal structure in that the grantee had to specify the key name with\nthe granter\u0027s uid prefix in order to use the granted key. This in turn\ncollided with prefix handling in other parts of the framework.\n\nThis patch refurbishes the granting mechanism such that keystore can\nchoose a name for the grant. It uses the original symbolic key name as\nprefix and appends _KEYSTOREGRANT_\u003cgrant_no\u003e where the grant_no is\nchosen as first free slot starting from 0. Each uid has its own grant_no\nspace.\n\nThis changes the grant call such that it now returns a string, which is\nthe alias name of the newly created grant. The string is empty if the\ngrant operation failed.\n\nAs before apps can still mask granted keys by importing a key with the\nexact same name including the added suffix. But everybody deserves the\nright to shoot themselves in the foot if they really want to.\n\nBug: 37264540\nBug: 62237038\nTest: run cts-dev --module CtsDevicePolicyManagerTestCases --test\n          com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\n\t  because it grants a key\nChange-Id: I047512ba345c25e6e691e78f7a37fc3f97b95d32\n"
    },
    {
      "commit": "47d13239c08648dce6b07b2c0034da429bed5779",
      "tree": "d7210cd12452f730fc99624177917e476e1874b2",
      "parents": [
        "537ece988ae0e854f716266fe3dc117f2888bf08",
        "4c78ac9ce45bc49bb19cec822fdd33df4e7bcde8"
      ],
      "author": {
        "name": "Philipp Weiß",
        "email": "phweiss@google.com",
        "time": "Wed May 10 15:22:07 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Wed May 10 15:22:07 2017 +0000"
      },
      "message": "Merge \"Implement CACert queries in SecurityController\" into oc-dev\nam: 4c78ac9ce4\n\nChange-Id: Ic4a8e36b7f14ad8ebb2b23e76ef6c38f1bc1da72\n"
    },
    {
      "commit": "7eeab2cdd99f84ecef12ebbb92e0731b26508da1",
      "tree": "07400ff228dba5e9cb51c6d9cf0bcb66bcd91f85",
      "parents": [
        "7cf5f74f3fda19901d8c572f8c47981eda96e091"
      ],
      "author": {
        "name": "phweiss",
        "email": "phweiss@google.com",
        "time": "Wed Apr 19 20:15:06 2017 +0200"
      },
      "committer": {
        "name": "phweiss",
        "email": "phweiss@google.com",
        "time": "Tue May 09 15:35:30 2017 +0200"
      },
      "message": "Implement CACert queries in SecurityController\n\nCherry-pick note:\ntestCACertLoader() was flaky, so this cherry-pick contains\ntwo attempted fixes and a CL that disables the test. The original commit\nmessages of the squashed CLs are below.\nMerged-In: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n\nImplement CACert queries in SecurityController\n\nQueries are run (on a AsyncTask) when user is switched and when\nACTION_TRUST_STORE_CHANGED is broadcasted. Otherwise, the result is cached\nin the SecurityController.\n\nBug: 37535489\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\nChange-Id: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n\nIncrease timeout for flaky testCACertLoader()\n\nBug: 37535489\nBug: 38045871\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\nChange-Id: I5778082973af7c6d4d719b83e334fec552b0a89e\n\nFix flaky SecurityControllerTest.testCaCertLoader\n\nFixes: 38108698\nTest: runtest -c .statusbar.policy.SecurityControllerTest systemui\nChange-Id: I6029a09984b72599622f0df57187a20aba4dab30\n\nDisable flaky test\n\nTest: treehugger\nBug: 38118260\nChange-Id: I05c6504acee6a787e1cc5071bed0118388963212\n\n(cherry picked from commit e375fc441cc889890d1cff5bc771039bb65f08ef)\n"
    },
    {
      "commit": "d5bcc031d953046f5698281e419978f4a7b9291f",
      "tree": "7d8d2e41c7c4527ef47062205cc4eedb4ce8384f",
      "parents": [
        "47fe47852328857f4d0bb33f5337202e8108d7db",
        "76da1723bc18f8eedba98cf3d96525ff79e7ebe7"
      ],
      "author": {
        "name": "Kenny Root",
        "email": "kroot@google.com",
        "time": "Fri May 05 21:54:12 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri May 05 21:54:12 2017 +0000"
      },
      "message": "Merge changes from topic \u0027update-conscrypt\u0027 am: c497348c74 am: 37607dfca6 am: 9172df0777\nam: 76da1723bc\n\nChange-Id: I8e1e1a749831c90ab132df1d481ba314ec5012d5\n"
    },
    {
      "commit": "76da1723bc18f8eedba98cf3d96525ff79e7ebe7",
      "tree": "43d843456900063ed667765ac7ed15ade9a62feb",
      "parents": [
        "7df412a6bf8f63db456617d92861202dfefc6c48",
        "9172df07775fc4cae9cd70b14310703d763cc0db"
      ],
      "author": {
        "name": "Kenny Root",
        "email": "kroot@google.com",
        "time": "Fri May 05 21:33:39 2017 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Fri May 05 21:33:39 2017 +0000"
      },
      "message": "Merge changes from topic \u0027update-conscrypt\u0027 am: c497348c74 am: 37607dfca6\nam: 9172df0777\n\nChange-Id: I78b96e5ae3231185a1b26e2e8b9f95881c279de0\n"
    },
    {
      "commit": "e375fc441cc889890d1cff5bc771039bb65f08ef",
      "tree": "3723d89aebe8f973f72a57717c6ed25772d16ea9",
      "parents": [
        "83abc4f26d470ed032d91c65c66eff71a2499f53"
      ],
      "author": {
        "name": "phweiss",
        "email": "phweiss@google.com",
        "time": "Wed Apr 19 20:15:06 2017 +0200"
      },
      "committer": {
        "name": "phweiss",
        "email": "phweiss@google.com",
        "time": "Fri May 05 19:03:29 2017 +0200"
      },
      "message": "Implement CACert queries in SecurityController\n\nQueries are run (on a AsyncTask) when user is switched and when\nACTION_TRUST_STORE_CHANGED is broadcasted. Otherwise, the result is cached\nin the SecurityController.\n\nBug: 37535489\nTest: runtest --path frameworks/base/packages/SystemUI/tests/src/com/android/systemui/statusbar/policy/SecurityControllerTest.java\n\nChange-Id: I3b9cc3d85c9f49d0a892613b63d1fba184ab647e\n"
    },
    {
      "commit": "91abf9f6e2c60b05377b2b82ea2a09fc25476e56",
      "tree": "24739cefc13f9d57fa8c8e3574c7d6eb5efbe865",
      "parents": [
        "7fdce769c3ef3885ec8f1716bdeedfc8b056a1d7"
      ],
      "author": {
        "name": "Kenny Root",
        "email": "kroot@google.com",
        "time": "Mon May 01 16:38:45 2017 -0700"
      },
      "committer": {
        "name": "Kenny Root",
        "email": "kroot@google.com",
        "time": "Mon May 01 16:39:20 2017 -0700"
      },
      "message": "Delete obsolete and unused KeyStoreTests\n\nThese depended on internal implementation details of Conscrypt that are\nchanging. Delete these tests since they\u0027re not included in builds any\nmore.\n\nTest: make checkbuild\nChange-Id: I6ddf832c30bcf49e940c55aa81534c3d987393fb\n"
    },
    {
      "commit": "237f4b369bfd8021882007d103b9921fca789263",
      "tree": "ae8c83b2076af2a15ad7dc51ce37aabde19734e8",
      "parents": [
        "c4a169cfb452ac4e8c7fb4ac153f66892ee0b16e"
      ],
      "author": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Mon Apr 24 13:57:46 2017 +0200"
      },
      "committer": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Wed Apr 26 17:40:44 2017 +0200"
      },
      "message": "Add device ID attestation method to keymaster\n\nDevice ID attestation consists of three steps:\n* Generate a temporary key\n* Attest the key and desired device IDs\n* Delete the temporary key\n\nRather than being spread over three keymaster APIs, these operations\nshould happen automatically in a single keymaster method.\n\nBug: 34734938\nTest: GTS com.google.android.gts.security.DeviceIdAttestationHostTest\n\nChange-Id: Ifabb5163b9e4d12cb309a6b0ca8e5f2f92d212f4\n"
    },
    {
      "commit": "a00c7c0a9983e30e4dcbc4f7ae847a26d9ea614f",
      "tree": "147c433a2c9ee6dc9caaa01198700c805ca6dedd",
      "parents": [
        "5313eee98a2e7bcac48105888bdfb25d61dce2ce",
        "0f3f60b576aedc78524d50da3dadada2201e63c2"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@google.com",
        "time": "Tue Apr 25 22:10:56 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Apr 25 22:11:01 2017 +0000"
      },
      "message": "Merge \"Fix some issues found by new doclava linter.\" into oc-dev"
    },
    {
      "commit": "0f3f60b576aedc78524d50da3dadada2201e63c2",
      "tree": "10687f8ec2be4c125de12c100effc0c796a4b529",
      "parents": [
        "30e06bb668f2e4b024c4ebc2a131de91c96de5eb"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Mon Apr 24 18:06:20 2017 -0600"
      },
      "committer": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Tue Apr 25 13:12:45 2017 -0600"
      },
      "message": "Fix some issues found by new doclava linter.\n\nAdd missing API annotations for permissions and SdkConstants, and\ninvoke doclava with new \"-android\" flag.\n\nTest: make -j32 offline-sdk-docs\nBug: 37526420\nChange-Id: I970bb2655eb568fd25004636f134c794663a6c33\n"
    },
    {
      "commit": "12b644d275b121dd952a4a564fa65b9c18c9b22c",
      "tree": "70b21b6b53191591312ca0ade265e0d59aeed6da",
      "parents": [
        "274442e33433b74f4c6abca936cf3a1b3e0705bd"
      ],
      "author": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Fri Apr 21 19:21:42 2017 +0100"
      },
      "committer": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Mon Apr 24 20:04:50 2017 +0100"
      },
      "message": "Introduce KEYSTORE_FLAG_CRITICAL_TO_DEVICE_ENCRYPTION\n\nThis flag is used by system server to mark keys used during the\nsynthetic password auth flow. keys marked with this flag will not\nbe super encrypted because super encryption requires knowledge of\nthe synthetic password, causing a chicken-and-egg problem.\n\nBug: 35849499\nBug: 34600579\nTest: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedProfileOwnerTest#testResetPasswordWithToken\n\nChange-Id: I474822f2e026f24ce6f6de1aa58b5012922f7b13\n"
    },
    {
      "commit": "910e081216ac530432ac9d0aab10d5e5e4c73ab8",
      "tree": "d3c1c65d39a11fc3b446bf1534773ae8c46c6263",
      "parents": [
        "faf37babb0bc0962c01750b222fc03bd197b0b62"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Apr 21 16:29:27 2017 -0600"
      },
      "committer": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Apr 21 16:35:08 2017 -0600"
      },
      "message": "More auto-doc work.\n\nAdd support for AnyThread, CallSuper, and UiThread.\n\nAnother related CL started documenting @RequiresPermission, so remove\nduplicated information in existing APIs.\n\nSuppress auto-doc on a handful of classes that are already\nwell-documented.\n\nTest: make -j32 offline-sdk-docs\nBug: 37526420\nChange-Id: I791437dccec0f11d5349a23b982ba098cb551af8\n"
    },
    {
      "commit": "8b651bf7d54f23549c8a7baa27dbed38a35465e4",
      "tree": "0a8bc7769b65d7505baff93dded2de577b965622",
      "parents": [
        "b261269bcf2178a22ce3b4275cd3d89f8ac4a240"
      ],
      "author": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Thu Mar 23 09:26:09 2017 -0700"
      },
      "committer": {
        "name": "Chad Brubaker",
        "email": "cbrubaker@google.com",
        "time": "Thu Mar 23 09:26:09 2017 -0700"
      },
      "message": "Fix ACTION_STORAGE_CHANGED doc\n\nThe deprecation note was not quite correct.\n\nChange-Id: I15231881bbf1ee1ee4d342bff74280d7e9807ac0\nFixes: 36493384\nTest: builds\n"
    },
    {
      "commit": "ad60c0615facbcccb1a2b4e87584e8e3980c4f4e",
      "tree": "20ad9f32f97a96d667e361eb5c34f12d2d9240ad",
      "parents": [
        "6099e75df2c12f5b4b9e73cf3f8acdbaea4b3146"
      ],
      "author": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Mon Mar 20 13:59:51 2017 +0100"
      },
      "committer": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Mon Mar 20 14:00:25 2017 +0100"
      },
      "message": "Add manufacturer and model to device ID attestation\n\nDiscussions have shown that in addition to brand, device and product,\nwe should also allow devices to attest their manufacturer and model.\n\nBug: 36433192\nTest: GTS com.google.android.gts.security.DeviceIdAttestationHostTest\n\nChange-Id: Idd48929d6a0c9fe6656c6d2656e2c3f6f370a21e\n"
    },
    {
      "commit": "05dc9f764c9d399add8b7495e680f66d098c55eb",
      "tree": "9ef2b8247c040c633438baffc7dd38e9f819339d",
      "parents": [
        "f063264d3a1393608501f9c07180a1f3cfbb8b7f"
      ],
      "author": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Wed Feb 22 23:41:14 2017 +0100"
      },
      "committer": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Fri Mar 03 19:42:51 2017 +0100"
      },
      "message": "Add API for checking which CA certs were installed by the DO/PO\n\nWith this API, the system can determine whether a CA cert was\ninstalled by the user or the user\u0027s DO/PO.\n\nBug: 32692748\nTest: unit tests (see DevicePolicyManagerTest.java for invocation)\nTest: cts-tradefed run cts-dev --module CtsDevicePolicyManagerTestCases\n\nChange-Id: I3bcae5ac18ec2b110154184fc515df804fd73da6\n"
    },
    {
      "commit": "66925ecc64e909a1ec2b650d10a4e8647f9c5f14",
      "tree": "198e0da88f56fcbe0760b9ec931ac446dffdf852",
      "parents": [
        "77f53170030c8a5c6af00d215967a6f455511649"
      ],
      "author": {
        "name": "Frank Salim",
        "email": "franksalim@google.com",
        "time": "Wed Jan 25 22:22:41 2017 +0000"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Thu Mar 02 11:16:09 2017 -0700"
      },
      "message": "Revert \"Add new key purpose Wrap Key to KeyProperties.java and\"\n\nThis reverts commit eb30e64f3fac192404a6ae3c162a0770201a7dc2.\n\nReason for revert: Remove partial support for wrapped key import\n\nTest: CTS tested\nChange-Id: I8008494860534257fa983e1a5169d0ed034621f7\n"
    },
    {
      "commit": "a7aaae881cb3168641e3117a0de6db15b63b5a44",
      "tree": "22d8ca0bc254cc0096665a953831f790e68e51c1",
      "parents": [
        "d92eee2344cbe4eba957a2f6d227dd3361d804d5",
        "abaa0695c5361b36a7a2cdbe87c77bf60be20af7"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Tue Feb 28 22:09:02 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Feb 28 22:09:06 2017 +0000"
      },
      "message": "Merge \"Delete ParcelableString, add StringParceledListSlice\""
    },
    {
      "commit": "abaa0695c5361b36a7a2cdbe87c77bf60be20af7",
      "tree": "d4df278a80bfdd1b25373072946426981bbfe884",
      "parents": [
        "c98c16ded8738054242b2576a74e145f834b6efa"
      ],
      "author": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Mon Feb 20 20:54:22 2017 +0000"
      },
      "committer": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Tue Feb 28 18:07:08 2017 +0000"
      },
      "message": "Delete ParcelableString, add StringParceledListSlice\n\nBoth inherit from package private BaseParceledListSlice.\n\nThis is still bad, but it\u0027s not as bad. The existing code that uses\nthis can just do Foo.bar().getList() now instead of having to marshal\nto and from an oddball type at either end as well.\n\nIn the longer term ParceledListSlice\u003c\u003e should be eliminated, but it\u0027s\nnot clear how far into the future that is going to happen.\n\nTest: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java\nTest: runtest -x core/tests/coretests/src/android/content/pm/ParceledListSliceTest.java\nChange-Id: Ie69b96b5215d6e04990f6d31345772cdfee21d78\n"
    },
    {
      "commit": "3e7cf168a547982676f18d3308b83381abc95f06",
      "tree": "fe117bb7181058d1350a72b2a1079819b7f7aea0",
      "parents": [
        "c98c16ded8738054242b2576a74e145f834b6efa"
      ],
      "author": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Sat Feb 25 01:28:25 2017 +0000"
      },
      "committer": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Sat Feb 25 01:32:54 2017 +0000"
      },
      "message": "Make IKeyChainAliasCallback oneway\n\nSo it can be sent from devicepolicymanager (system_server) to keychain\n(a system_app) without waiting on the response and having to do\neverything in a background thread.\n\nSide-effect: the regular keychain \u003d\u003e app callback is slightly more\nefficient now too. in case anyone particularly needs blazing fast\nprivate key user selections.\n\nFix: 35675253\nTest: cts-tradefed run cts --abi\u003darm64-v8a --skip-device-info --module CtsDevicePolicyManagerTestCases --test \u0027com.android.cts.devicepolicy.DeviceOwnerTest#testKeyManagement\u0027 \u003c/dev/null 2\u003e\u00261\nChange-Id: I6e9d96ca3c42e6489d879d8cfb0507eb94838bf1\n"
    },
    {
      "commit": "2c92e9daa4c787e8678c25d4a2d3f3ae2362dd4d",
      "tree": "e2c105b49fe8c00066c5ad3ff8f1820b537c93c6",
      "parents": [
        "02761acc674ae9b13d5bbda493ac794ecc4c1c6e",
        "7c3b65e9b184c975b77b2c202e0d675a6770bd2d"
      ],
      "author": {
        "name": "TreeHugger Robot",
        "email": "treehugger-gerrit@google.com",
        "time": "Tue Feb 14 15:58:28 2017 +0000"
      },
      "committer": {
        "name": "Android (Google) Code Review",
        "email": "android-gerrit@google.com",
        "time": "Tue Feb 14 15:58:31 2017 +0000"
      },
      "message": "Merge \"Reject HMAC keys smaller than 64 bits.\""
    },
    {
      "commit": "7f5c91c6bce6a8ff2414549219a321a98a98ab31",
      "tree": "ad73588c43eed6d0f29b368b8e3faa3f00562258",
      "parents": [
        "f9a55d42d2e2adbf5895d04e4790debb145508ed"
      ],
      "author": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Wed Feb 08 21:27:02 2017 +0000"
      },
      "committer": {
        "name": "Robin Lee",
        "email": "rgl@google.com",
        "time": "Tue Feb 14 13:29:31 2017 +0000"
      },
      "message": "MonitoringCertTask no longer relies on software.device_admin\n\nAdded a test to validate that it still works the way it should before\nand after the change.\n\nBug: 33258404\nBug: 35196414\nFix: 35129745\nTest: runtest -x services/tests/servicestests/src/com/android/server/devicepolicy/DevicePolicyManagerTest.java\nTest: also manual, instructions:\nTest: (1) Disable software.device_admin from tablet_core_hardware, rebuild.\nTest: (2) Install CA cert. Notification should appear.\nTest: (3) Reboot. Notification should still be there.\nChange-Id: Id992725c1844a2fffbde4d8acaba531e99f853ad\n"
    },
    {
      "commit": "59ced28f0f722d2517afc65d755ebb388902f76b",
      "tree": "dd9fd9a52c6558c73222620d96d8021cb429b843",
      "parents": [
        "451911ea3a324a153a30daa42e30987071fc16ed"
      ],
      "author": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Mon Jan 30 23:39:12 2017 +0000"
      },
      "committer": {
        "name": "Rubin Xu",
        "email": "rubinxu@google.com",
        "time": "Thu Feb 02 17:53:32 2017 +0000"
      },
      "message": "Add hidden KeyProtection API to specify SID\n\nAllows the caller to specify which SID the given key\nshould be bound to, overriding the default rule of\nbinding to the current root/fingerprint SID.\n\nThis is a prerequsite for introducing synthetic password\nbased authentication flow.\n\nTest: cts-tradefed run cts -m CtsKeystoreTestCases\nBug: 33126414\nChange-Id: Ide03c0f4fd33ecca7a169ea763c3d4d0b173d1dd\n"
    },
    {
      "commit": "92e8cfd21dbe4800b2ed6f18316b07136af1791f",
      "tree": "fbd65a82c97973365f9f6cd81e48555895f5af48",
      "parents": [
        "9d3d90a22f0f64af71fb970e9a5ce75ac799fe3e"
      ],
      "author": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Mon Jan 23 17:40:47 2017 +0100"
      },
      "committer": {
        "name": "Bartosz Fabianowski",
        "email": "bartfab@google.com",
        "time": "Wed Jan 25 04:47:15 2017 +0100"
      },
      "message": "Add device id attestation\n\nThis adds a new public API for attesting the device\u0027s hardware ids\n(e.g. serial number and IMEI).\n\nBug: 34597337\nTest: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest\n\nChange-Id: I2e9c1b4f8eb24afa4a09c71c137ce33a6b87eb27\n"
    },
    {
      "commit": "eb30e64f3fac192404a6ae3c162a0770201a7dc2",
      "tree": "4c788e9a0f0307eaeeec2e1ab1f8c610de97f5a5",
      "parents": [
        "a9da39cb645243e334505cd072488593521ea42c"
      ],
      "author": {
        "name": "Crystal Qin",
        "email": "crystalyq@google.com",
        "time": "Tue Jan 03 15:45:23 2017 -0800"
      },
      "committer": {
        "name": "Crystal Qin",
        "email": "crystalyq@google.com",
        "time": "Thu Jan 19 21:02:10 2017 -0800"
      },
      "message": "Add new key purpose Wrap Key to KeyProperties.java and\nKeymasterDefs.java.\n\nTest: There will be a CTS test CL submitted together.\nChange-Id: Ic60c3efc451cd7cbb04689b3d7bf9d607fae6c1f\n"
    },
    {
      "commit": "ccb04450279c53eda250ac3e20b75cd07bcd1f7e",
      "tree": "b7465ccb8c71931bcc64f3fa19c90be70d6baf54",
      "parents": [
        "0ac7232b7cd55806b4fd231899a57a20c7f7bdd8"
      ],
      "author": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Tue Jan 10 12:08:23 2017 +0000"
      },
      "committer": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Thu Jan 19 09:43:05 2017 +0000"
      },
      "message": "Prepare for removal of legacy-test from default targets\n\nIn preparation for removing junit classes from the Android API\nthe legacy-test target will be removed from the\nTARGET_DEFAULT_JAVA_LIBRARIES. This change adds explicit\ndependencies on junit and/or legacy-android-test to ensure that\nmodules will compile properly once it is removed.\n\n(cherry picked from 6387604f9e672ece85e07c4bcbd7be396867f06f)\n\nBug: 30188076\nTest: make checkbuild\nMerged-In: I13e88297731253420e4e5f5291d503f13a39a156\nChange-Id: I58446eb8c45d8ac2bcdbc9fa40d1321e811bdd4b\n"
    },
    {
      "commit": "8aeb59ebcd50a510d024dc082fa17b192074c63d",
      "tree": "b7f3e92f4eebc63df03fd63d35b0eafc18ccc81c",
      "parents": [
        "57b8eb3da0c4692ac4f39a9c73aa090af475d14a"
      ],
      "author": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Tue Jan 10 12:08:23 2017 +0000"
      },
      "committer": {
        "name": "Paul Duffin",
        "email": "paulduffin@google.com",
        "time": "Wed Jan 18 16:39:34 2017 +0000"
      },
      "message": "Prepare for removal of legacy-test from default targets\n\nIn preparation for removing junit classes from the Android API\nthe legacy-test target will be removed from the\nTARGET_DEFAULT_JAVA_LIBRARIES. This change adds explicit\ndependencies on junit and/or legacy-android-test to ensure that\nmodules will compile properly once it is removed.\n\nBug: 30188076\nTest: make checkbuild\nChange-Id: I13e88297731253420e4e5f5291d503f13a39a156\n"
    },
    {
      "commit": "7c3b65e9b184c975b77b2c202e0d675a6770bd2d",
      "tree": "dc6f29eae3147e7361862f106264a83784add22b",
      "parents": [
        "38b17ad26b2e69081637d6a2836ed2f149462c6b"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Nov 22 06:53:02 2016 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Tue Jan 17 05:05:56 2017 -0700"
      },
      "message": "Reject HMAC keys smaller than 64 bits.\n\nTest: CTS test has been updated to verify this.\nChange-Id: I6389d9fa2ff75d08a2223c789e5437190c4b82c6\n"
    },
    {
      "commit": "dea66146038a28e9c7da2ad04a6119cfd83de2f8",
      "tree": "e3b8f683d3f5e5722a11b94a96a5a160d945d1c5",
      "parents": [
        "ebd8b62cfe53192c967dc4a9822d5668d3bec8a0"
      ],
      "author": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Wed Nov 16 06:01:06 2016 -0700"
      },
      "committer": {
        "name": "Shawn Willden",
        "email": "swillden@google.com",
        "time": "Wed Nov 16 06:06:36 2016 -0700"
      },
      "message": "Test for null context in getPrivateKey\n\nIn N, passing a null context to getPrivateKey provoked a\nNullPointerException, which is validated by a CTS test. In commit\n28d68b1 this behavior was changed (inadvertently, I believe) causing\ngetPrivateKey to wrap the NPE in a KeyChainException. This CL restores\nthe previous behavior, fixing the test and avoiding breaking any apps\nthat were catching the NPE.\n\nTest: Fixing broken test\nChange-Id: Icb0c75b03efc478b7310998cf3e7108a2c419107\n"
    },
    {
      "commit": "0a17db1cc5942ea000ca87bb72853de57a15ec64",
      "tree": "7a0b51064dc654901bd69857c2f3a14fe8d5871a",
      "parents": [
        "9d710882602a8a0ad661cf10ce2cb421f3255ee2"
      ],
      "author": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Fri Nov 04 11:23:46 2016 -0600"
      },
      "committer": {
        "name": "Jeff Sharkey",
        "email": "jsharkey@android.com",
        "time": "Mon Nov 07 17:03:37 2016 -0700"
      },
      "message": "Detect non-oneway calls leaving system_server.\n\nTo protect system stability, any Binder calls leaving the\nsystem_server must carefully be performed using FLAG_ONEWAY (or\nthe \u0027oneway\u0027 verb in AIDL) which prevents the call from blocking\nindefinitely on the remote process.\n\nIn this CL, the system_server uses the new Binder.setWarnOnBlocking()\nmethod to enable detection by default for all remote Binder\ninterfaces.  It can also use Binder.allowBlocking() to allow\nblocking calls on certain remote interfaces that have been\ndetermined to be safe.\n\nThis CL adds the \u0027oneway\u0027 verb to several interfaces and methods\nwhere it should have been added, and marks a handful of system\nContentProviders as being safe to call into.  Also, we assume that\nany services obtained from ServiceManager are part of the core\nOS, and are okay to make blocking calls to.\n\nTest: builds, boots, runs with minimal logs triggered\nBug: 32715088\nChange-Id: Ide476e120cb40436a94b7faf7615c943d691f4c0\n"
    },
    {
      "commit": "7f99db4e634619144c09f309ed11519e6336b075",
      "tree": "23d54b88a435880c6992c06c46575ef787e45f46",
      "parents": [
        "1a1c99bdf19056cd05999e13cfb2d520cb3dcb15",
        "8f75adc624c70dfd597b7fc3aab993a7d5815f4c"
      ],
      "author": {
        "name": "Tucker Sylvestro",
        "email": "tuckeris@google.com",
        "time": "Thu Oct 06 16:20:19 2016 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Oct 06 16:20:19 2016 +0000"
      },
      "message": "Add the onDeviceOffBody API method to KeyStore am: b32aae2a46\nam: 8f75adc624\n\nChange-Id: Ib8d7bc19a167999894b90b45e7eb1cadb2a85d24\n"
    },
    {
      "commit": "8f75adc624c70dfd597b7fc3aab993a7d5815f4c",
      "tree": "f0254eed5c074f872a47e2a3312596c92efb7c26",
      "parents": [
        "67c1ee6ed40bd6ccf899db32e9977a636e040c65",
        "b32aae2a46bc3678e11c7f0ca88e01a192829490"
      ],
      "author": {
        "name": "Tucker Sylvestro",
        "email": "tuckeris@google.com",
        "time": "Thu Oct 06 16:13:48 2016 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Thu Oct 06 16:13:48 2016 +0000"
      },
      "message": "Add the onDeviceOffBody API method to KeyStore\nam: b32aae2a46\n\nChange-Id: Idbf7f1d505b1d446a3d648dcf1b0f334a629110a\n"
    },
    {
      "commit": "c8d45456bddec043a1b3db6f047e59f0fee8d562",
      "tree": "9a86ca440f50dd9661dc6c338385c22e196a1a80",
      "parents": [
        "9fbfa5dcbd0e466a1d472ee64d93ead9f361870d",
        "f4ac9198497ce3bb10862167772f18ad729f6e24"
      ],
      "author": {
        "name": "Kevin Hufnagle",
        "email": "khufnagle@google.com",
        "time": "Tue Sep 27 02:06:09 2016 +0000"
      },
      "committer": {
        "name": "android-build-merger",
        "email": "android-build-merger@google.com",
        "time": "Tue Sep 27 02:06:09 2016 +0000"
      },
      "message": "docs: Fixed broken link to Android KeyStore facility am: c0c4ac5e35 am: 507a5c03da\nam: f4ac919849\n\nChange-Id: I20e5abdffd9ac4fd8b4164ef56c1b3bafb58ad2b\n"
    }
  ],
  "next": "f4ac9198497ce3bb10862167772f18ad729f6e24"
}
