Loading security/keymint/aidl/android/hardware/security/keymint/Tag.aidl +5 −4 Original line number Original line Diff line number Diff line Loading @@ -974,8 +974,8 @@ enum Tag { * time in milliseconds. This value is used when generating attestation or self signed * time in milliseconds. This value is used when generating attestation or self signed * certificates. ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if * certificates. ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if * this tag is not provided to generateKey or importKey. For importWrappedKey, there is no way * this tag is not provided to generateKey or importKey. For importWrappedKey, there is no way * to specify the value of this tag for the wrapped key, so a value of 0 must be used for * to specify the value of this tag for a wrapped asymmetric key, so a value of 0 is suggested * certificate generation. * for certificate generation. */ */ CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008, CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008, Loading @@ -983,8 +983,9 @@ enum Tag { * Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in * Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in * milliseconds. This value is used when generating attestation or self signed certificates. * milliseconds. This value is used when generating attestation or self signed certificates. * ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or * ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or * importKey. For importWrappedKey, there is no way to specify the value of this tag for the * importKey. For importWrappedKey, there is no way to specify the value of this tag for a * wrapped key, so a value of 253402300799000 is used for certificate generation. * wrapped asymmetric key, so a value of 253402300799000 is suggested for certificate * generation. */ */ CERTIFICATE_NOT_AFTER = TagType.DATE | 1009, CERTIFICATE_NOT_AFTER = TagType.DATE | 1009, Loading security/keymint/aidl/vts/functional/KeyMintTest.cpp +5 −5 Original line number Original line Diff line number Diff line Loading @@ -4123,13 +4123,13 @@ TEST_P(ImportKeyTest, EcdsaSuccess) { * when the EC_CURVE is not explicitly specified. * when the EC_CURVE is not explicitly specified. */ */ TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) { TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) { if (AidlVersion() < 4) { if (get_vsr_api_level() < __ANDROID_API_V__) { /* /* * The KeyMint spec before V4 was not clear as to whether EC_CURVE was optional on import of * The KeyMint spec was previously not clear as to whether EC_CURVE was optional on import * EC keys. However, this was not checked at the time so we can only be strict about * of EC keys. However, this was not checked at the time so we can only be strict about * checking this for implementations of KeyMint version 4 and above. * checking this for implementations at VSR-V or later. */ */ GTEST_SKIP() << "Skipping EC_CURVE on import only strict since KeyMint v4"; GTEST_SKIP() << "Skipping EC_CURVE on import only strict >= VSR-V"; } } ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder() ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder() Loading Loading
security/keymint/aidl/android/hardware/security/keymint/Tag.aidl +5 −4 Original line number Original line Diff line number Diff line Loading @@ -974,8 +974,8 @@ enum Tag { * time in milliseconds. This value is used when generating attestation or self signed * time in milliseconds. This value is used when generating attestation or self signed * certificates. ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if * certificates. ErrorCode::MISSING_NOT_BEFORE must be returned if this tag is not provided if * this tag is not provided to generateKey or importKey. For importWrappedKey, there is no way * this tag is not provided to generateKey or importKey. For importWrappedKey, there is no way * to specify the value of this tag for the wrapped key, so a value of 0 must be used for * to specify the value of this tag for a wrapped asymmetric key, so a value of 0 is suggested * certificate generation. * for certificate generation. */ */ CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008, CERTIFICATE_NOT_BEFORE = TagType.DATE | 1008, Loading @@ -983,8 +983,9 @@ enum Tag { * Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in * Tag::CERTIFICATE_NOT_AFTER the end of the validity of the certificate in UNIX epoch time in * milliseconds. This value is used when generating attestation or self signed certificates. * milliseconds. This value is used when generating attestation or self signed certificates. * ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or * ErrorCode::MISSING_NOT_AFTER must be returned if this tag is not provided to generateKey or * importKey. For importWrappedKey, there is no way to specify the value of this tag for the * importKey. For importWrappedKey, there is no way to specify the value of this tag for a * wrapped key, so a value of 253402300799000 is used for certificate generation. * wrapped asymmetric key, so a value of 253402300799000 is suggested for certificate * generation. */ */ CERTIFICATE_NOT_AFTER = TagType.DATE | 1009, CERTIFICATE_NOT_AFTER = TagType.DATE | 1009, Loading
security/keymint/aidl/vts/functional/KeyMintTest.cpp +5 −5 Original line number Original line Diff line number Diff line Loading @@ -4123,13 +4123,13 @@ TEST_P(ImportKeyTest, EcdsaSuccess) { * when the EC_CURVE is not explicitly specified. * when the EC_CURVE is not explicitly specified. */ */ TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) { TEST_P(ImportKeyTest, EcdsaSuccessCurveNotSpecified) { if (AidlVersion() < 4) { if (get_vsr_api_level() < __ANDROID_API_V__) { /* /* * The KeyMint spec before V4 was not clear as to whether EC_CURVE was optional on import of * The KeyMint spec was previously not clear as to whether EC_CURVE was optional on import * EC keys. However, this was not checked at the time so we can only be strict about * of EC keys. However, this was not checked at the time so we can only be strict about * checking this for implementations of KeyMint version 4 and above. * checking this for implementations at VSR-V or later. */ */ GTEST_SKIP() << "Skipping EC_CURVE on import only strict since KeyMint v4"; GTEST_SKIP() << "Skipping EC_CURVE on import only strict >= VSR-V"; } } ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder() ASSERT_EQ(ErrorCode::OK, ImportKey(AuthorizationSetBuilder() Loading
