Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 22:04:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Add getKeyCharacteristics method to KeyMint"

Browse Source
This commit is contained in:
Paul Crowley
2021-04-30 21:06:14 +00:00
committed by Gerrit Code Review
parent b76d8e27fb dadb18dd29
commit 8b25958b75
2 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl
View File

@@ -48,5 +48,6 @@ interface IKeyMintDevice {
void deviceLocked(in boolean passwordOnly, in @nullable android.hardware.security.secureclock.TimeStampToken timestampToken);
void earlyBootEnded();
byte[] convertStorageKeyToEphemeral(in byte[] storageKeyBlob);
android.hardware.security.keymint.KeyCharacteristics[] getKeyCharacteristics(in byte[] keyBlob, in byte[] appId, in byte[] appData);
const int AUTH_TOKEN_MAC_LENGTH = 32;
}

25
security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
View File

@@ -20,6 +20,7 @@ import android.hardware.security.keymint.AttestationKey;
import android.hardware.security.keymint.BeginResult;
import android.hardware.security.keymint.HardwareAuthToken;
import android.hardware.security.keymint.IKeyMintOperation;
import android.hardware.security.keymint.KeyCharacteristics;
import android.hardware.security.keymint.KeyCreationResult;
import android.hardware.security.keymint.KeyFormat;
import android.hardware.security.keymint.KeyMintHardwareInfo;
@@ -782,7 +783,7 @@ interface IKeyMintDevice {
*/
void earlyBootEnded();
/*
/**
* Called by the client to get a wrapped per-boot ephemeral key from a wrapped storage key.
* Clients will then use the returned per-boot ephemeral key in place of the wrapped storage
* key. Whenever the hardware is presented with a per-boot ephemeral key for an operation, it
@@ -802,4 +803,26 @@ interface IKeyMintDevice {
* place of the input storageKeyBlob
*/
byte[] convertStorageKeyToEphemeral(in byte[] storageKeyBlob);
/**
* Returns parameters associated with the provided key. This should match the
* KeyCharacteristics present in the KeyCreationResult returned by generateKey(),
* importKey(), or importWrappedKey().
*
* @param keyBlob The opaque descriptor returned by generateKey, importKey or importWrappedKey.
*
* @param appId An opaque byte string identifying the client. This value must match the
* Tag::APPLICATION_ID data provided during key generation/import. Without the correct
* value, it must be computationally infeasible for the secure hardware to obtain the
* key material.
*
* @param appData An opaque byte string provided by the application. This value must match the
* Tag::APPLICATION_DATA data provided during key generation/import. Without the
* correct value, it must be computationally infeasible for the secure hardware to
* obtain the key material.
*
* @return Characteristics of the generated key. See KeyCreationResult for details.
*/
KeyCharacteristics[] getKeyCharacteristics(
in byte[] keyBlob, in byte[] appId, in byte[] appData);
}