git.osdn.net Git - android-x86/frameworks-base.git/commit

(root) / android-x86 / frameworks-base.git / commit

author	Alex Klyubin <klyubin@google.com>
	Wed, 9 Sep 2015 21:55:03 +0000 (14:55 -0700)
committer	Alex Klyubin <klyubin@google.com>
	Thu, 10 Sep 2015 22:35:06 +0000 (15:35 -0700)
commit	3876b1be27e3aefde9a72eb2e4f856e94fc5f946
tree	5783b18f074f1971a83a615ef805f5483f6cfb90	tree \| snapshot
parent	435acfc88917e3535462ea520b01d0868266acd2	commit \| diff

Support cross-UID access from AndroidKeyStore.

This is meant for exposing the pre-existing cross-UID access to keys
backed by the keystore service via higher-level JCA API. For example,
this lets system_server use Wi-Fi or VPN UID keys via JCA API.

To obtain a JCA AndroidKeyStore KeyStore for another UID, use the
hidden system API AndroidKeyStoreProvider.getKeyStoreForUid(uid).

To generate a key owned by another UID, invoke setUid(uid) on
KeyGenParameterSpec.Builder.

This CL does not change the security policy, such as which UID can
access/modify which UIDs' keys. The policy is that only certain system
UIDs are permitted to access keys of certain other system UIDs.

Bug: 23978113
Change-Id: Ie381530f41dc41c50d52f675fb9e68bc87c006de

27 files changed:

keystore/java/android/security/Credentials.java		diff \| blob \| history
keystore/java/android/security/KeyChain.java		diff \| blob \| history
keystore/java/android/security/KeyStore.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreCipherSpiBase.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreECDSASignatureSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreECPrivateKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreECPublicKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreHmacSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreKeyFactorySpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreLoadStoreParameter.java	[new file with mode: 0644]	blob
keystore/java/android/security/keystore/AndroidKeyStorePrivateKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreProvider.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStorePublicKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreRSACipherSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreRSAPrivateKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreRSAPublicKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreSecretKey.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreSecretKeyFactorySpi.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreSignatureSpiBase.java		diff \| blob \| history
keystore/java/android/security/keystore/AndroidKeyStoreSpi.java		diff \| blob \| history
keystore/java/android/security/keystore/KeyGenParameterSpec.java		diff \| blob \| history
keystore/java/android/security/keystore/KeyStoreCryptoOperationUtils.java		diff \| blob \| history
keystore/tests/src/android/security/keystore/AndroidKeyPairGeneratorTest.java		diff \| blob \| history
keystore/tests/src/android/security/keystore/AndroidKeyStoreTest.java		diff \| blob \| history

frameworks/base

RSS Atom

About OSDN

Find Software

Develop Software

Help