Keystore is reimplemented and it is mainly for storing
(key, value) pair generically. The certificate related
APIs are moved to the class CertTool instead.
Updates:
Provide the getInstance() which gives the singleton.
Fix the missing construction of the BIO in cert.c.
Without the metadata we can't verify the version number or the signatures of the
apps whose data we'd be trying to restore against the apps present on device.
This is not acceptable; we need to refuse to give data to an unauthenticated
app.
It's now possible to ask that the backup manager wipe the saved data for a given
application from the backing store. LocalTransport implements this now but the
Google backend does not yet. When the data is wiped, the on-device backup state
is also wiped to ensure that the next backup pushes all necessary data.
Bmgr has not yet been modified to actually call into this method, but it will
be soon.
This is to prevent a bad app from using up all the global references in the
system process due to allocating too many DeathRecipients.
Signed-off-by: Mike Lockwood <lockwood@android.com>
1. Also change the keyname delimiter in CertTool.java.
2. Return NOTFOUND if the result.len==0 in the listKeys().
3. Define the keystore states in the class Keystore.
This backs up the basic system and secure settings. THe restoration doesn't
take effect immediately. You many need to restart the runtime to see all
restored values take effect.
1. Have the new Keystore for mini-keystore impelemntation.
2. Add CertTool library and jni dll for handling keygen and certificates.
3. Make Reply hidden.
4. Revert some 'incorrect' change and correct the description.
1. We will progressively migrate to this implementation.
2. For richc to have a quick review on the keymgmt part.
3. Add remove_key and make sure all functions are working.
4. Add permission check for get operation.
5. Return the retry count if unlock failed.
6. Add the reset operation for keystore reset.
7. Add the putfile shell command for putting the key value from file.
8. Fix the boundary issue during parsing command.
9. Use the ' ' as delimiter and reset the reply structure for each request.
10. Add change password retry count check.
11. Extract the read_marshal/write_marshal for certtool.h.
12. Remove the old implementation.
The system now keeps a tag of the last version (just an arbitrary string)
that the setup wizard was run for. If this is different than the current
one in the setup wizard, then setup is launched at boot.
This introduces a new intent action for the part of the setup wizard that
gets run for an ungrade, which the system uses to find its current version
tag for comparing against what was last stored. It is up to the launched
setup activity update the stored setting to reflect its current value,
once it is happy.
This changes the backup service to use the settings provider instead
of system properties, correspondingly making it off by default and
allowing specific devices to define the transport. Also tweaks
the permission checks to use the permission symbol instead of raw
strings.
This requires some corresponding changes in the vendor projects.
Otherwise, the different text measurement methods produce slightly
different results and cause the text to show different results for
Spanned vs. non-Spanned source strings.
Bug 1837826
