Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 744a3711 authored by Shawn Willden's avatar Shawn Willden Committed by Steven Moreland
Browse files

Correct IKeymasterDevice documentation. 

Bug: 129931913
Bug: 130144003
Test: ./update-makefiles.sh (checks hashes)
Change-Id: Ia8101f8410a728b28653416300c1a3eb480eb469
parent 8e0b1c09

current.txt

+1 −1
Original line number Diff line number Diff line
@@ -475,4 +475,4 @@ d8e7717e8187dd7453d4142f8f331e7c325e7a6f9e8d44ac0d52b3be502bfe83 android.hardwar 
b53ac9d61c24efb16a2d63a861cef20680f6d57adb244a03b9778c675550628b android.hardware.secure_element@1.1::ISecureElementHalCallback



# ABI preserving changes to HALs during Android R

# none yet
 
b69a7615c508acf5c5201efd1bfa3262167874fc3594e2db5a3ff93addd8ac75 android.hardware.keymaster@4.0::IKeymasterDevice

keymaster/4.0/IKeymasterDevice.hal

+7 −9
Original line number Diff line number Diff line
@@ -624,7 +624,7 @@ interface IKeymasterDevice { 
    /**

     * Exports a public key, returning the key in the specified format.

     *

     * @parm keyFormat The format used for export.  See KeyFormat in types.hal.

     * @parm keyFormat The format used for export.  Must be KeyFormat::X509.

     *

     * @param keyBlob The opaque descriptor returned by generateKey() or importKey().  The

     *        referenced key must be asymmetric.
@@ -639,7 +639,7 @@ interface IKeymasterDevice { 
     *        value, it must be computationally infeasible for the secure hardware to obtain the key

     *        material.

     *

     * @return keyMaterial The public key material in PKCS#8 format.

     * @return keyMaterial The public key material in X.509 format.

     */

    exportKey(KeyFormat keyFormat, vec<uint8_t> keyBlob, vec<uint8_t> clientId,

              vec<uint8_t> appData) generates (ErrorCode error, vec<uint8_t> keyMaterial);
@@ -1005,13 +1005,11 @@ interface IKeymasterDevice { 
     *

     * -- EC Keys --

     *

     * EC key operations must specify exactly one padding mode in inParams.  If unspecified or

     * specified more than once, begin() must return ErrorCode::UNSUPPORTED_PADDING_MODE.

     *

     * Private key operations (KeyPurpose::SIGN) need authorization of digest and padding, which

     * means that the key authorizations must contain the specified values.  If not, begin() must

     * return ErrorCode::INCOMPATIBLE_DIGEST.  Public key operations (KeyPurpose::VERIFY) are

     * permitted with unauthorized digest or padding.

     * EC private key operations must specify exactly one digest in inParams.  If unspecified or

     * specified more than once, begin() must return ErrorCode::UNSUPPORTED_DIGEST.  For private key

     * operations, (KeyPurpose::SIGN), if the specified digest is not in the key's authorization

     * list, begin() must return ErrorCode::INCOMPATIBLE_DIGEST.  Public key operations

     * (KeyPurpose::VERIFY) are permitted with unauthorized digest.

     *

     * -- AES Keys --

     *