Commit Graph

33 Commits

Author SHA1 Message Date
Chia-chi Yeh
ae17a37d2d KeyStore: Update the parameters of generating master keys.
To improve the security, the parameters to generate the master key has
been changed. Special cares has been taken to prevent from permanent
damages of the existing data during the transition process.

Change-Id: I0c93f3de28a9fcd314932675ccfb65a7f11fa3ff
2010-10-01 01:42:55 +08:00
Chia-chi Yeh
857edec1a2 KeyStore: Initialize IV correctly.
Change-Id: Idbf207dfcc11b92e606cbf4fd3732ed7a8aa3416
2010-09-30 17:28:01 +08:00
Chia-chi Yeh
1c2eccfac3 KeyStore: Fix the return value when send() or recv() has an error.
Change-Id: I20a63c76bd29b1a9f8959a6c4fe5a5b8a9a971b4
2010-09-30 15:17:58 +08:00
Chia-chi Yeh
6efed6c20e keystore: rephrase the comment to make the usage more clear.
Change-Id: I529ca7ed443060089c95fe96dd230288be4b6c96
2010-03-17 16:31:20 +08:00
Chia-chi Yeh
5bf4691382 Merge "keystore: add AID_ROOT into the user table." 2010-03-08 17:50:56 -08:00
Chia-chi Yeh
e3bc023471 keystore: add AID_ROOT into the user table.
Change-Id: I4b9cf24d75ca79583d7913bbb2c33745a2316cde
2010-03-09 09:44:07 +08:00
Chia-chi Yeh
0755483539 keystore: allow '\0's in keys and add guards for cplusplus.
Change-Id: I0af6ed7c5d51ce4ca39cb837e475942800cf6e2d
2010-03-08 17:21:35 +08:00
Chia-chi Yeh
b78679e18d keystore: compute the padding in an intuitive way. 2009-12-30 10:38:39 +08:00
Chia-chi Yeh
ced66258e1 keystore: Add paddings before checksumming.
Also fix a file descriptor leak when file system is nearly full.

Bug: 2339184
2009-12-22 17:26:42 +08:00
Chia-chi Yeh
4424dd7dd5 keystore: remove old implementation and test.
The new tests will be implemented in java.
2009-09-24 13:35:26 +08:00
Chia-chi Yeh
1cdc2a4b81 keystore: rename scan() to saw(). 2009-09-22 02:57:52 +08:00
Chia-chi Yeh
c5dbc5e98a keystore: exclude builds for simulator. 2009-09-22 00:43:13 +08:00
Chia-chi Yeh
dd2a71eebc keystore: enable delete(), scan(), exist() when keystore is locked.
Also check end-of-file explicitly.
2009-09-21 11:36:33 +08:00
Chia-chi Yeh
2f3b2a5aa6 keystore: switch to multi-user version. 2009-09-18 17:23:53 +08:00
Chia-chi Yeh
4cff21f21b keystore: add multi-user support.
Change-Id: I60268261110934a1d60efa341ff530f94415724f
2009-09-18 11:49:55 +08:00
Hung-ying Tyan
408c5f2c98 Fix a minor bug in is_alnum_string()...
and remove some verbose logging
2009-09-17 12:17:29 +08:00
Hung-ying Tyan
b2de5bd4da Add tests and misc fixes on keystore.
* Refactor netkeystore.c to make client and server code testable.
* Add a client test for setting new passwd and changing passwd.
* Exclude "." and ".." from reset_keystore().
* Change ServerCommand.executeCommand() to accept variable length of
  arguments and add convert() to marshalling the args to bytes.
* Keystore.java is revised accordingly.
2009-09-11 19:30:13 +08:00
Chung-yih Wang
2a58b6dbf0 Replace the delimiter whitespace with '\0'.
+ Use '\0' as the delimiter.
+ Allow whitespace character for keystore password.

In previous implementation, we use space as the delimiter. That
will stop user from using passphrase with whitespace character.
2009-09-09 15:00:43 +08:00
repo sync
74c332f184 Fix network order for marshalling in keystore interface.
This will fix the endian issue for heterogeneous architectures in keystore marshalling interface.
2009-08-10 16:13:00 +08:00
Android (Google) Code Review
23c95b3b32 Merge change 9438 into donut
* changes:
  Change some log.i to log.d.
2009-07-31 20:15:15 -07:00
Hung-ying Tyan
6cdee58010 Change some log.i to log.d. 2009-08-01 10:11:46 +08:00
Chung-yih Wang
ccf407f7ac Add unit tests for netkeystore.
+ some boundary checks.
2009-07-30 16:37:48 +08:00
Chung-yih Wang
11e9f3dd26 Add memcpy and strcpy boundary check. 2009-07-24 11:24:31 +08:00
Chia-chi Yeh
23c7adc5e9 keystore: Fix a compile warning. 2009-07-16 14:45:11 +08:00
Android (Google) Code Review
dea9f55274 Merge change 6198 into donut
* changes:
  keystore: Provide a generic getter for native components.
2009-07-06 00:04:54 -07:00
Chia-chi Yeh
5d0ca76229 keystore: Provide a generic getter for native components. 2009-07-06 14:33:09 +08:00
Chung-yih Wang
6ac03019e6 Add password field for WiFi configuration.
1. the certtool.h is modified for avoiding the side effect,
   for saving the configuration with wpa_supplicant.
2. put the loadLibrary back in CertTool.java
3. Fix incorrect JNI declarations.
2009-07-05 11:06:01 +08:00
Chung-yih Wang
37b49519cc Two small checks in keymgmt.
1. Enforce the state check in listkey().
2. Enforce the password length check.
2009-07-03 12:14:36 +08:00
Chung-yih Wang
7bd460b120 Remove the null-termination for Java string compatibility.
1. Also change the keyname delimiter in CertTool.java.
2. Return NOTFOUND if the result.len==0 in the listKeys().
3. Define the keystore states in the class Keystore.
2009-07-02 23:08:39 +08:00
Chung-yih Wang
c186c66a29 Implement the generic mini-keystore for security.
1. We will progressively migrate to this implementation.
2. For richc to have a quick review on the keymgmt part.
3. Add remove_key and make sure all functions are working.
4. Add permission check for get operation.
5. Return the retry count if unlock failed.
6. Add the reset operation for keystore reset.
7. Add the putfile shell command for putting the key value from file.
8. Fix the boundary issue during parsing command.
9. Use the ' ' as delimiter and reset the reply structure for each request.
10. Add change password retry count check.
11. Extract the read_marshal/write_marshal for certtool.h.
12. Remove the old implementation.
2009-07-02 14:08:20 +08:00
Chung-yih Wang
4c40420cd2 Change the keystore APIs.
1. simplify the keypair selection in UI.
2. add the user certificate and key into the keystore for keygen feature.
2009-06-17 14:32:05 +08:00
Chung-yih Wang
8fcbada742 Provide the Keystore feature in the framework.
-- added the keystore library for Java application.
-- changed the marshalling of the keystore function return.
2009-06-11 17:28:40 +08:00
Chung-yih Wang
a92d5dc0f6 First version of the keystore service.
The keystore service is protected by the user 'keystore'. Only keystore
user/group can access the key content. All users are able to do the
following commands from shell as well:
  listcerts
  listuserkeys
  installcert
  removecert
  installuserkey
  removeuserkey
2009-06-08 16:34:54 +08:00