
Commit af4d761c authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review

Merge "Add additional parameters to importWrappedKey"

parents 1b19360b 8d28efa9
+20 −2
@@ -274,6 +274,23 @@ interface IKeymasterDevice {
     * @param maskingKey The 32-byte value XOR'd with the transport key in the SecureWrappedKey
     *        structure.
     *
     * @param unwrappingParams must contain any parameters needed to perform the unwrapping
     *        operation.  For example, if the wrapping key is an AES key the block and padding modes
     *        must be specified in this argument.
     *
     * @param passwordSid specifies the password secure ID (SID) of the user that owns the key being
     *        installed.  If the authorization list in wrappedKeyData contains a Tag::USER_SECURE_ID
     *        with a value that has the HardwareAuthenticatorType::PASSWORD bit set, the constructed
     *        key must be bound to the SID value provided by this argument.  If the wrappedKeyData
     *        does not contain such a tag and value, this argument must be ignored.
     *
     * @param biometricSid specifies the biometric secure ID (SID) of the user that owns the key
     *        being installed.  If the authorization list in wrappedKeyData contains a
     *        Tag::USER_SECURE_ID with a value that has the HardwareAuthenticatorType::FINGERPRINT
     *        bit set, the constructed key must be bound to the SID value provided by this argument.
     *        If the wrappedKeyData does not contain such a tag and value, this argument must be
     *        ignored.
     *
     * @return error See the ErrorCode enum.
     *
     * @return keyBlob Opaque descriptor of the imported key.  It is recommended that the keyBlob
@@ -281,7 +298,8 @@ interface IKeymasterDevice {
     *         hardware.
     */
    importWrappedKey(vec<uint8_t> wrappedKeyData, vec<uint8_t> wrappingKeyBlob,
                     vec<uint8_t> maskingKey)
                     vec<uint8_t> maskingKey, vec<KeyParameter> unwrappingParams,
                     uint64_t passwordSid, uint64_t biometricSid)
        generates(ErrorCode error, vec<uint8_t> keyBlob, KeyCharacteristics keyCharacteristics);

    /**
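Review bot: The new `@param` text for passwordSid and biometricSid does not say what an implementation must do when the wrapped key's Tag::USER_SECURE_ID has the PASSWORD or FINGERPRINT bit set but the caller passes 0 for the matching SID, so implementations may diverge between rejecting the import and producing a key bound to SID 0. Because both SIDs are supplied by the caller rather than carried inside wrappedKeyData, the comment should state the required outcome, for example `If the bit is set and passwordSid is 0, importWrappedKey must fail with <ErrorCode to be chosen>`. The unwrappingParams paragraph would also benefit from one sentence on whether the supplied modes must be checked against the authorizations of the key in wrappingKeyBlob; presumably they must, but the text does not say so. The comment block starts before and ends after the lines shown in these hunks.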
+6 −2
@@ -74,8 +74,12 @@ class Keymaster3 : public Keymaster {
    Return<void> importKey(const hidl_vec<KeyParameter>& params, KeyFormat keyFormat,
                           const hidl_vec<uint8_t>& keyData, importKey_cb _hidl_cb) override;

    Return<void> importWrappedKey(const hidl_vec<uint8_t>&, const hidl_vec<uint8_t>&,
                                  const hidl_vec<uint8_t>&, importWrappedKey_cb _hidl_cb) {
    Return<void> importWrappedKey(const hidl_vec<uint8_t>& /* wrappedKeyData */,
                                  const hidl_vec<uint8_t>& /* wrappingKeyBlob */,
                                  const hidl_vec<uint8_t>& /* maskingKey */,
                                  const hidl_vec<KeyParameter>& /* unwrappingParams */,
                                  uint64_t /* passwordSid */, uint64_t /* biometricSid */,
                                  importWrappedKey_cb _hidl_cb) {
        _hidl_cb(ErrorCode::UNIMPLEMENTED, {}, {});
        return Void();
    }
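Review bot: The reworked `importWrappedKey` stub is declared without `override`, although `importKey` directly above it carries the specifier. Assuming the base class declares this method virtual (not visible here), a parameter list that drifts from the base declaration would compile as a new, unrelated member function instead of failing the build, and this commit is exactly that kind of signature change. Ending the declaration with `importWrappedKey_cb _hidl_cb) override {` lets the compiler verify the match. The Keymaster4 forwarding wrapper in the next file section has the same omission and would take the same one-word change.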
+4 −1
@@ -81,8 +81,11 @@ class Keymaster4 : public Keymaster {
    Return<void> importWrappedKey(const hidl_vec<uint8_t>& wrappedKeyData,
                                  const hidl_vec<uint8_t>& wrappingKeyBlob,
                                  const hidl_vec<uint8_t>& maskingKey,
                                  const hidl_vec<KeyParameter>& unwrappingParams,
                                  uint64_t passwordSid, uint64_t biometricSid,
                                  importWrappedKey_cb _hidl_cb) {
        return dev_->importWrappedKey(wrappedKeyData, wrappingKeyBlob, maskingKey, _hidl_cb);
        return dev_->importWrappedKey(wrappedKeyData, wrappingKeyBlob, maskingKey, unwrappingParams,
                                      passwordSid, biometricSid, _hidl_cb);
    }

    Return<void> exportKey(KeyFormat exportFormat, const hidl_vec<uint8_t>& keyBlob,
+4 −1
@@ -137,11 +137,14 @@ ErrorCode KeymasterHidlTest::ImportKey(const AuthorizationSet& key_desc, KeyForm

ErrorCode KeymasterHidlTest::ImportWrappedKey(string wrapped_key, string wrapping_key,
                                              const AuthorizationSet& wrapping_key_desc,
                                              string masking_key) {
                                              string masking_key,
                                              const AuthorizationSet& unwrapping_params) {
    ErrorCode error;
    ImportKey(wrapping_key_desc, KeyFormat::PKCS8, wrapping_key);
    EXPECT_TRUE(keymaster_
                    ->importWrappedKey(HidlBuf(wrapped_key), key_blob_, HidlBuf(masking_key),
                                       unwrapping_params.hidl_data(), 0 /* passwordSid */,
                                       0 /* biometricSid */,
                                       [&](ErrorCode hidl_error, const HidlBuf& hidl_key_blob,
                                           const KeyCharacteristics& hidl_key_characteristics) {
                                           error = hidl_error;
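Review bot: The helper hard-codes `0 /* passwordSid */` and `0 /* biometricSid */` in the `importWrappedKey` call, so no test built on `ImportWrappedKey` can exercise the USER_SECURE_ID rebinding that the HAL comment in this same commit makes mandatory. A secure-ID binding rule that is never tested is easy for a vendor implementation to get wrong without anyone noticing. Consider extending the declaration with `uint64_t password_sid = 0, uint64_t biometric_sid = 0` and forwarding those values, which keeps existing callers unchanged. The function body continues past the end of this hunk, so how `error` is consumed afterwards is not visible here.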
+2 −1
@@ -116,7 +116,8 @@ class KeymasterHidlTest : public ::testing::VtsHalHidlTargetTestBase {
                        const string& key_material);

    ErrorCode ImportWrappedKey(string wrapped_key, string wrapping_key,
                               const AuthorizationSet& wrapping_key_desc, string masking_key);
                               const AuthorizationSet& wrapping_key_desc, string masking_key,
                               const AuthorizationSet& unwrapping_params);

    ErrorCode ExportKey(KeyFormat format, const HidlBuf& key_blob, const HidlBuf& client_id,
                        const HidlBuf& app_data, HidlBuf* key_material);