Cross Reference: /hardware/libhardware/include/hardware/keymaster

History log of /hardware/libhardware/include/hardware/keymaster_defs.h
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
81b7b5f68ce27b146933e93dc601e9e6de27473a	20-Mar-2017	Bartosz Fabianowski <bartfab@google.com>	Add manufacturer and model to device ID attestation Discussions have shown that in addition to brand, device and product, we should also allow devices to attest their manufacturer and model. Bug: 36433192 Test: GTS com.google.android.gts.security.DeviceIdAttestationHostTest Change-Id: I126003420a93241e04bf18ee7ff8e6aefa5599a8 /hardware/libhardware/include/hardware/keymaster_defs.h
38925770ef26c6adaa8b4d343c642f1ed8f9bdd3	25-Jan-2017	Frank Salim <franksalim@google.com>	Revert "Add new purpose to the HAL layer." This reverts commit ee2f29de40a45a3d4660aacf02bca99f1aa134f5. Reason for revert: Remove partial support for wrapped key import Change-Id: Iefb57c910a3d05fa9e2c9660c2ac236c2ecc9cc0 /hardware/libhardware/include/hardware/keymaster_defs.h
9d2f5b911e758b372abccf10ff25c926929a217a	23-Jan-2017	Bartosz Fabianowski <bartfab@google.com>	Add device id attestation tags This syncs the keymaster defs with the Keymaster 3.0 HAL definition after the addition of device id attestation. Bug: 34597337 Test: CTS CtsKeystoreTestCases and GTS DeviceIdAttestationHostTest Change-Id: I75a4b7cca6da83b239fba97964415788dbcd8862 /hardware/libhardware/include/hardware/keymaster_defs.h
ee2f29de40a45a3d4660aacf02bca99f1aa134f5	04-Jan-2017	Crystal Qin <crystalyq@google.com>	Add new purpose to the HAL layer. Test: There will be a CTS test CL. Change-Id: Ic623b7be8949fe0adb3706958a9be59f267057c4 /hardware/libhardware/include/hardware/keymaster_defs.h
0b885c10323743e86f9dc620e443bf53c77b47cd	06-Oct-2016	Tucker Sylvestro <tuckeris@google.com>	Treat all tags as unsigned when comparing them am: 28a872eb79 am: 8f1436275a Change-Id: I2b3f571ed02470ab6b1e46f7d239fbd767c68225
28a872eb797716868770a2115a6ef55f2178df6d	05-Oct-2016	Tucker Sylvestro <tuckeris@google.com>	Treat all tags as unsigned when comparing them All tags are presumed to be unsigned, but some of them have signed representations that are negative. This caused problems in AuthorizationSet.Deduplicate, where TAG_APPLICATION_DATA (signed rep of -1879047492) was being sorted before TAG_INVALID (0), which was presumed to always be first in the list. BUG: 30701680 Change-Id: I67047cee21fd7617248022a4674779fe80d5ddfd /hardware/libhardware/include/hardware/keymaster_defs.h
3696685df4a57bb1cf6ef3a0e99c0ea7a2368ff3	01-Jun-2016	Janis Danisevskis <jdanis@google.com>	add error code KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING This error code is required by keystore. Bug: 22914603 Change-Id: Icda276cb6b6faf2c0bb0c98a3c5700612a92e51b /hardware/libhardware/include/hardware/keymaster_defs.h
b62995e42e434d328a5f41dd3844e06df24323a9	20-May-2016	Janis Danisevskis <jdanis@google.com>	add tag KM_TAG_ATTESTATION_APPLICATION_ID This tag is used by keystore for denoting key attestation applications IDs Bug: 22914603 Change-Id: Ie92352686123e0172ca0df20f54059a4c92c319c /hardware/libhardware/include/hardware/keymaster_defs.h
e366efd5bb89b2e7556055c5287c4e81e8820785	20-Mar-2016	Shawn Willden <swillden@google.com>	Zero length in keymaster_free_param_set. Change-Id: I0b9999e4c148d70369549cbd2fcdbbff7321a587 /hardware/libhardware/include/hardware/keymaster_defs.h
aeb15d64fc331476150622fc693222e3d920b9ec	19-Mar-2016	Shawn Willden <swillden@google.com>	Add keymaster_security_level_t for attestation. Change-Id: Iffa71e3c285d35c2feafd04e8153306f086a3118 /hardware/libhardware/include/hardware/keymaster_defs.h
3080276974953e4c61716a71760831f392a75986	10-Mar-2016	Shawn Willden <swillden@google.com>	Remove agree_key and add configure to keymaster2. Key agreement (ECDH) has been punted from the N release, and a configuration method has been added to support version binding. Change-Id: Ia4aeee1bd7ab88cda3b9faa653470e608aa55942 /hardware/libhardware/include/hardware/keymaster_defs.h
7fd11186a6731402fd5a33b26da9edf738dd750b	03-Feb-2016	Shawn Willden <swillden@google.com>	Add KM_TAG_ATTESTATION_CHALLENGE. Bug: 22914603 Change-Id: Ibf1341f47ab3cecd4a8e3099b819c5cac0d81b17 /hardware/libhardware/include/hardware/keymaster_defs.h
ef01d9796740b44d098ea1de355cb62af4f52cb5	29-Jan-2016	Shawn Willden <swillden@google.com>	Merge "Add KM_TAG_ALLOW_WHILE_ON_BODY." am: f704e8a939 am: b9733d9bff * commit 'b9733d9bff225ae0b16feeb64283b123225af465': Add KM_TAG_ALLOW_WHILE_ON_BODY.
71ca0109becc23c7cfe49c57cbcb56e142667771	26-Jan-2016	Shawn Willden <swillden@google.com>	Add KM_TAG_ALLOW_WHILE_ON_BODY. Change-Id: I39ca0eee8be46a6acc65e975aad81d2f2c2aa5b8 /hardware/libhardware/include/hardware/keymaster_defs.h
1227f460cee2745a790b42611aee4dce82d2d4d6	25-Jan-2016	Shawn Willden <swillden@google.com>	Merge "Add keymaster2 HAL." am: 0c5612db38 am: 7b4766882d * commit '7b4766882d1a11a4b87570e7f0b83c5116a64f07': Add keymaster2 HAL.
cf30fe17fd6e367b43884a3091939fe6aa0ab603	22-Dec-2015	Shawn Willden <swillden@google.com>	Add keymaster2 HAL. Change-Id: Ibfcda30f33077f61e74701fa026983f9e72e140e /hardware/libhardware/include/hardware/keymaster_defs.h
20e4f8ea3b175ee4d73ef12cbc28d00185f16fc5	23-Nov-2015	Shawn Willden <swillden@google.com>	Merge "ECIES: adding ECIES-KEM" am: 3aa7935ef2 am: 7adb2d457c am: 2eef78d355 * commit '2eef78d355c62f3e1b5ec626a080a7e3f91257c9': ECIES: adding ECIES-KEM
40d59c8155ba3e47126993d96031ea088e45b22d	03-Apr-2015	Thai Duong <thaidn@google.com>	ECIES: adding ECIES-KEM Change-Id: Iea5877eba0a9b13610d3d1b33d04b5657edc3550 /hardware/libhardware/include/hardware/keymaster_defs.h
a3c0ae16ac1a9f7a8fced4b196d138cefa9462a5	12-Aug-2015	Chad Brubaker <cbrubaker@google.com>	Fix benign unsigned overflow On the last check of the conditional param_count-- causes an unsigned wrap around. This isn't incorrect but does lead to a false positive with fsanitize unsigned-integer-overflow Change-Id: If3eb7a9e248d0404a434de2ead70e8c099e84ddf /hardware/libhardware/include/hardware/keymaster_defs.h
70335f3d30cf32a6f0352b75430aa6474821399d	08-Jul-2015	Shawn Willden <swillden@google.com>	Correct keymaster1 documentation. Bug: 22291207 Change-Id: I130d2ab2110321dc2228d41a154750da3a3f0b75 /hardware/libhardware/include/hardware/keymaster_defs.h
a3f0ab55a73d4c21de9f34ec21f27a2609b568fd	08-Jul-2015	Shawn Willden <swillden@google.com>	Add KM_TAG_MIN_MAC_LENGTH. This allows the binding of minimum length for MACs or tags to HMAC keys and AEAD symmetric keys. Later attempts to use these keys with a shorter MAC or tag specification (provided to begin() with KM_TAG_MAC_LENGTH) will fail with KM_ERROR_INVALID_MAC_LENGTH. Bug: 22337277 Change-Id: Ic5292ce01bdd6ecde25aad115e4b407aadc85f23 /hardware/libhardware/include/hardware/keymaster_defs.h
fe6bcfa71d7f79029b5b44d5fe8d7f8a80a967b2	24-Jun-2015	Shawn Willden <swillden@google.com>	Revert "Revert "Rename keymaster tag types to clarify that integers are unsigned."" This reverts commit 1fb6c227deb04b66dc0fe947a7ebb027dde0ecda. Change-Id: Iccc8a7ff40a694b1e4420a5de4b847e62289ff42 /hardware/libhardware/include/hardware/keymaster_defs.h
1fb6c227deb04b66dc0fe947a7ebb027dde0ecda	24-Jun-2015	Shawn Willden <swillden@google.com>	Revert "Rename keymaster tag types to clarify that integers are unsigned." This reverts commit 335920edaec77b77eac09f7966c337cbed93aa17. Change-Id: Ib65f744b93ad2b62d5848dcf743397124a08911b /hardware/libhardware/include/hardware/keymaster_defs.h
335920edaec77b77eac09f7966c337cbed93aa17	24-Jun-2015	Shawn Willden <swillden@google.com>	Rename keymaster tag types to clarify that integers are unsigned. Bug: 22008538 Change-Id: I699a0f03aaf0f9f49a78b310763364fc2fb34c90 /hardware/libhardware/include/hardware/keymaster_defs.h
396d6cbce987deac076ac1a636d3f7282ec9338d	18-Jun-2015	Shawn Willden <swillden@google.com>	Add new error codes for rate-limit and max-use failures. Bug: 21607106 Change-Id: I2e5515efe51b84200ade8c4c4cc5db3800d4b658 /hardware/libhardware/include/hardware/keymaster_defs.h
7ac0c0f5ad1a7f5cc317b8f8d356edbb7f02ed24	18-Jun-2015	Shawn Willden <swillden@google.com>	Update comments on now-unsed user ID and app ID tags. I'd just remove them but Trusty keymaster has been generating keys with KM_TAG_ALL_USERS and KM_TAG_ALL_APPLICATIONS, so removing them without breaking those keys is tricky. Plus I think they may come back. Bug: 21845167 Change-Id: I3b807e3e4bee64eba72b7fa6f1ee1929c4ca9dd0 /hardware/libhardware/include/hardware/keymaster_defs.h
da89dde9787dfbd8c053119ab52d9e671106b18e	18-Jun-2015	Shawn Willden <swillden@google.com>	Remove KM_TAG_AEAD_TAG. Bug: 19919114 Change-Id: I06fdd0f9b8e247587d800031d3367078423baa50 /hardware/libhardware/include/hardware/keymaster_defs.h
7eaa15ffa65239e8f4f23d21ff1a6ed66ed9a13f	03-Jun-2015	Shawn Willden <swillden@google.com>	Fix extern "C" guards. Change-Id: Ibc8e023e3712903dbcbfac5fc64223e32775fe40 /hardware/libhardware/include/hardware/keymaster_defs.h
4144c64818fcb88905bc2632e3747be3681a1405	01-Jun-2015	Shawn Willden <swillden@google.com>	Remove KM_TAG_CHUNK_LENGTH and add KM_TAG_AEAD_TAG Bug: 19919114 Change-Id: I384f3d2fee2f68279c6518d9ac0a79e29bed0e52 /hardware/libhardware/include/hardware/keymaster_defs.h
4c19a3af3535eb3442ff7cc4235420baf16322b7	01-Jun-2015	Shawn Willden <swillden@google.com>	Fix block mode numbering (CTR got added as 4 rather than 3) Change-Id: I8c886c67ba081255ef18eb0f99ca1e6003fabb33 /hardware/libhardware/include/hardware/keymaster_defs.h
fb769fc3125d2939683f2f5bff2cf25816e5838c	11-May-2015	Shawn Willden <swillden@google.com>	Add KM_TAG_BOOTLOADER_ONLY. Change-Id: Ia507a1378487640683985dbce2e76679261900d3 (cherry picked from commit 3eed99a54b55a120c835de63b5872121b2fe98d1) /hardware/libhardware/include/hardware/keymaster_defs.h
9b31a49c3633895d9a2bf08ddb2ea73f8e8d0c64	11-May-2015	Shawn Willden <swillden@google.com>	Remove rescoping. Rescoping was never a very good solution to the problem of supporting multiple sets of authorizations for a given key material. For M we're removing it and in the future a better solution will be provided. Change-Id: I6f7585274487bd66e4d90e89014af41e9aa30411 (cherry picked from commit 7f10ab99fc63e99252d924b9e0bdfefef5374b40) /hardware/libhardware/include/hardware/keymaster_defs.h
4bdd7cbd47c7b89f6a47c3dbba648a3d95f9a45d	28-Apr-2015	Shawn Willden <swillden@google.com>	Add KM_ERROR_CALLER_NONCE_PROHIBITED error code. Bug: 20127433 Change-Id: I32eab62459003c526d3cf9ef108be7b2fd709960 /hardware/libhardware/include/hardware/keymaster_defs.h
d359b044830b292f492f8a8df5471f869e358399	13-Apr-2015	Shawn Willden <swillden@google.com>	Add KM_ORIGIN_UNKNOWN. This designates keys whose origin cannot be determined because the keymaster implementation is old and did not record it. Change-Id: I3c366d527ed211c59f6dc04ddb48f3e9b3a07c7d /hardware/libhardware/include/hardware/keymaster_defs.h
fe895d1bf7fa366f2ca0b0fdebb1be07339cbcd2	26-Feb-2015	Shawn Willden <swillden@google.com>	Make several key crypto parameters repeatable. Note that there's a pre-requisite to landing this CL: The Nexus 9 keystore.flounder.so must be modified to translate between new and old tag numbers when the TEE side is version 0. Bug: 19509156 Change-Id: Ic584d8a6bf5601f9754563b67b3cc6b3ca6b5ff9 /hardware/libhardware/include/hardware/keymaster_defs.h
8d6cf2594c9524205a6f5823378d1b983a1ad073	07-Apr-2015	Shawn Willden <swillden@google.com>	Simplify keymaster_key_origin_t. Change-Id: Iaba6156f238ea3bb1ad103b88ccea17344d296af /hardware/libhardware/include/hardware/keymaster_defs.h
cd640d125f389576f15af75101dd2b372e907aca	07-Apr-2015	Shawn Willden <swillden@google.com>	Reduce the list of keymaster key formats to the required set. Change-Id: I3a0830ab2066d4c16c084d19040ec98e520896d4 /hardware/libhardware/include/hardware/keymaster_defs.h
8412fdc42866b4d5c07370f06c2767a4cad5c23a	07-Apr-2015	Shawn Willden <swillden@google.com>	Reduce the list of keymaster padding modes to the required set. Change-Id: If04ffc8e92678f57e2b730f77c0fab195e1096c4 /hardware/libhardware/include/hardware/keymaster_defs.h
fe6c4f0633aa88c1cb84a46362cc74de1c4ddd1e	07-Apr-2015	Shawn Willden <swillden@google.com>	Reduce keymaster digest list to required set. Change-Id: Id5c660feb7e71ea76473523e3a86e1ba01f19c82 /hardware/libhardware/include/hardware/keymaster_defs.h
c7deedad047c6e5833daeaa2a73f25b77ba0b9eb	07-Apr-2015	Shawn Willden <swillden@google.com>	Reduce keymaster block modes to the required set. Change-Id: I8f804978208e2c8701bd52dc79b5597a307b7e7a /hardware/libhardware/include/hardware/keymaster_defs.h
e9797a740c913cff9152f89d04fd6fb360dda048	07-Apr-2015	Shawn Willden <swillden@google.com>	Reduce keymaster algorithm list to the required set. Change-Id: Ibffddc5c3a5c728182f5ca7f6a76381413fc8645 /hardware/libhardware/include/hardware/keymaster_defs.h
4719acae0218b38226b6479a400efdcbb3593f21	14-Mar-2015	Shawn Willden <swillden@google.com>	Add KM_TAG_USER_SECURE_ID. This tag identifies the user authorized to use the key. Unlike KM_TAG_USER_ID, its value does not reference the Linux-side user ID, but a secure-world user ID, generated and managed by secure-world authentication apps. Bug: 19511945 Change-Id: I629ab2c47ee6d42de20a963ef283e330364c8ee7 /hardware/libhardware/include/hardware/keymaster_defs.h
c51d01ed029458e8809eeb9c16f9ed2dbe755be4	19-Mar-2015	Shawn Willden <swillden@google.com>	Use extern "C" rather than BEGIN/END_DECLS. For compatibility with Trusty. I'll probably revert this later after I find a proper fix for Trusty. Change-Id: I49b4ae55251398eec2a6633e09bbc468f16a4d14 /hardware/libhardware/include/hardware/keymaster_defs.h
c3ab05c3c40311cdae88eed35dc8884ecb5b1fd9	14-Mar-2015	Shawn Willden <swillden@google.com>	Add KM_TAG_AUTH_TOKEN and corresponding auth token structure. We may want to put the auth token structure elsewhere; it's consumed by keymaster but produced by other components. Bug: 19511945 Change-Id: Id9a22ad32137f3e0380c2812f790bbecab511d11 /hardware/libhardware/include/hardware/keymaster_defs.h
ed94111cce5b3b6fff9833f99ea80f4ab7b37c04	12-Mar-2015	Shawn Willden <swillden@google.com>	Add error codes. Change-Id: I78cac1887fd41dd426e7d125a5f9c54e73188983 /hardware/libhardware/include/hardware/keymaster_defs.h
67411d6f5116c52c1b82330b6cd096974636db36	04-Mar-2015	Shawn Willden <swillden@google.com>	Add keymaster_key_param_compare function. This provides a reasonable ordering for params. Change-Id: I1e3b403070d9e7621cc55c03ff9876ea3bbc699f /hardware/libhardware/include/hardware/keymaster_defs.h
fd4b4d5a9b692bbeedc310f3bc970d849035f43d	24-Feb-2015	Shawn Willden <swillden@google.com>	Separate keymaster0 and keymaster1 HALs. For now the keymaster1 HAL still includes all of the keymaster0 entry points, and soft_keymaster_device will continue to implement them. In the near future the keymaster0 entry points will be removed, as soon as we can ensure that keystore no longer needs them. Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4 /hardware/libhardware/include/hardware/keymaster_defs.h
340d0b12c5446f1d8c38209780fb00c205289d37	21-Feb-2015	Alex Klyubin <klyubin@google.com>	Clarify the meaning of KM_TAG_MAC_LENGTH. Change-Id: I18478923059783e955613142a8d3352f98f5d7b0 /hardware/libhardware/include/hardware/keymaster_defs.h
0e5fca1ca4777f5f5d5fa8bd0de139e42077881b	18-Feb-2015	Shawn Willden <swillden@google.com>	Merge changes Id4bdfdcb,Ib94f3606 * changes: Added insecure (chunkless) AEAD option. Add additional param lists to update and finish.
892ae44c5f805f6ac64e6e756964c79998411742	18-Feb-2015	Shawn Willden <swillden@google.com>	Merge "Rename KM_TAG_ADDITIONAL_DATA to KM_TAG_ASSOCIATED_DATA"
f883b988e7fa3b750c5a4b0ed8b53ce999ca3842	13-Feb-2015	Chad Brubaker <cbrubaker@google.com>	Add explicit values to keymaster_key_format_t Change-Id: I4113286396b16ca687fbd8bc38b2f16063fc1024 /hardware/libhardware/include/hardware/keymaster_defs.h
79d79346843e03e390ccc61787959ab9e59edf0f	10-Feb-2015	Shawn Willden <swillden@google.com>	Added insecure (chunkless) AEAD option. Also moved chunk length specification to operation parameter rather than keygen parameter. Change-Id: Id4bdfdcb1c7b64b3f22b4027e037e37c2860ec39 /hardware/libhardware/include/hardware/keymaster_defs.h
67ba9e8144ba65ef6fe55bf8211530f2a55b320c	07-Feb-2015	Shawn Willden <swillden@google.com>	Rename KM_TAG_ADDITIONAL_DATA to KM_TAG_ASSOCIATED_DATA Change-Id: Ieddd706ee205100719f7e2f9e18b3d9b07c37669 /hardware/libhardware/include/hardware/keymaster_defs.h
e1b7636ca1c60b766a195ad20b3e2957f1edb375	03-Feb-2015	Shawn Willden <swillden@google.com>	Add raw key format, for symmetric key import. Change-Id: I38700cdafcf1f244584d6e88f8d9540c70a7de56 /hardware/libhardware/include/hardware/keymaster_defs.h
f7745ac27e45cb3935f66d7b26ce46e952032893	03-Feb-2015	Shawn Willden <swillden@google.com>	Remove "required" label from DSA algorithm. Change-Id: I088e6094ec56f434356d11ab2032b1a5b1223334 /hardware/libhardware/include/hardware/keymaster_defs.h
41e91e9fa3ac011ade869238f3ce0b3f3ce1e025	30-Jan-2015	Shawn Willden <swillden@google.com>	Add tag to allow caller-specified nonce. Change-Id: I7c3c5bd5f26a4d465554c998f673e0ee2ab8b86e /hardware/libhardware/include/hardware/keymaster_defs.h
6b424bea8074c997745b3758f8fde0ef925e3218	26-Jan-2015	Shawn Willden <swillden@google.com>	Rename KM_ERROR_UNSUPPORTED_TAG_LENGTH to KM_ERROR_UNSUPPORTED_MAC_LENGTH. Change-Id: I514a136b5cbdb1ab1df67d44a22d68a09427a711 /hardware/libhardware/include/hardware/keymaster_defs.h
dc0007bdb41f4ed49bc7a6e30908967cea503bf7	23-Jan-2015	Shawn Willden <swillden@google.com>	Change per-boot tag and remove rescope auth timeout tag. Change the boolean KM_TAG_SINGLE_USE_PER_BOOT to an integer-valued KM_TAG_USES_PER_BOOT. This makes it more flexible without changing implementation complexity. Remove KM_TAG_RESCOPE_AUTH_TIMEOUT because there's no clear use case and it seems unnecessarily complex. Change-Id: Iad1512f5cc80f517e5ea7622288179c162bed2ad /hardware/libhardware/include/hardware/keymaster_defs.h
9d645a003b0d77462a5f9696a238aacc32580f07	12-Jun-2014	Shawn Willden <swillden@google.com>	Define keymaster HAL v0.4. Change-Id: I040412443bbbe25bce3d44759d710b78eac36caa /hardware/libhardware/include/hardware/keymaster_defs.h