Age | Commit message (Collapse) | Author | Files | Lines |
|
Reload option is not needed anymore.
To be secure, remove all KEKs from dek store (also adek) after loading
preloaded adeks once. Loaded adeks are stored in key-manager so they're
useless.
Related test cases are added. (load preloaded app deks)
(TODO) To use key-manager initial value feature is highly considered
to store KEK private key more securely.
Change-Id: I2f6c645398277968cd7d480236d1802a07fa33df
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
Installer will be run as system (from user) so we cannot retrieve user
id from client credential(by key-manager).
Change-Id: I1e091bfc0b88fce418cd209a7a1adab021b6c0d2
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|
|
For migrated web app, we need to more fields in cache e.g., IV and
is_migrated flag to handle it separately.
Because cipher algorithm, iv and key size could be different between old
secure storage, it depends on product implementation. So this
architecture needs more flexibility.
A lot of code changed because of the principle data structure is added
from the bottom.
Change-Id: Id6a10b9f707f4da25016dd928ab4049be619a610
Signed-off-by: Kyungwook Tak <k.tak@samsung.com>
|