This workaround prevents use of keys with randomized encryption
(IND-CPA). Since randomized encryption is on by default, it's better
to keep it working and break non-randomized encryption (until
Keymaster is fixed).
Bug: 18088752
Change-Id: I4b11ce72cff705be41d3e66f28b507d6ddc1da79
This tracks 59f977c6988e21b3b8aa6c83428bd6ee1a98816d due to which
AndroidKeyStore is unable to provide symmetric keys because it
assumes that the digest field is not repeating.
Bug: 18088752
Change-Id: Ie8ed01449280b7c759e81aeaf2066953b0abaf2a
fix return value scale of notifyANR()
from milliseconds to nanoseconds when windowState is not null
This prevent unintended frequent method calls of notifyANR()
in a very short time.
Change-Id: Icc1f363b3ed3538821a42c080809567473bfb833
Signed-off-by: Baik Han <baik.han@lge.com>
This removes the need to specify the three parameters of the
self-signed certificate (serial number, subject, validity range) when
generating key pairs in AndroidKeyStore. This is achieved by
providing sensible defaults for these parameters:
* serial number: 1
* subject: CN=fake
* validity range: Jan 1 1970 to Jan 1 2048.
Bug: 18088752
Change-Id: I5df918b1ef8b26ed3ddd43828c4c78c9fa58cd43
This was originally to avoid RuntimeException in RouteInfo#matches():
When an IPv6 prefix with a length greater than the max permitted
for IPv4 is matched against an Inet4Address, the call to
NetworkUtils throws RuntimeException.
Change-Id: I92e2bd19a4e7d656cf682fd27678da07e211850d
The name is not used in any meaningful way yet, but would be used
to name the file for generated code for fused kernels in other
coming CLs.
A script group name cannot be null or empty, or longer than 100
characters. It can only contain letters, digits, '-', or '_'.
Change-Id: I95fdbf58e6689da91ca98c2057dfa1a803d3b27b
This replaces int-based enums from KeyStoreKeyConstraints with
String values commonly used in JCA API.
As part of under the hood refactoring:
* KeyStoreKeyCharacteristics and KeyStoreKeyConstraints have been
merged into KeyStoreKeyProperties.
* KeymasterUtils methods operating on KeymasterArguments and
KeymasterCharacteristics have been moved to their respective
classes.
Bug: 18088752
Change-Id: I9c8b984cb3c28184adb617e34d87f2837bd1d3a1
We can get a number of exceptions (e.g. SecurityException) when
a process is acquiring a provider. We need to clean-up correctly
so that other threads that try to acquire the provider the progress.
Bug: 20122809
Change-Id: Icac1d391df7e8c24198be89035b1c5a23da834cf
Fine tune commit 9ac9609f.
Because process may reuse same process record to restart.
It is better to check below conditions to skip:
1. Simple dead and has been cleaned.
=> .thread will be null
2.The process has restarted with new pid but has not attached yet.
=> .thread will be null
3.The process has restarted and attached.
=> The IBinder will be different
Change-Id: Ic052f5025558ca93e1a6ab11bca61fe995126bb9
