Merge "KeyMint HAL: clarify spec text" am: 17a0526b am: 57524602

     *   must return ErrorCode::INVALID_ARGUMENT.  The values 3 and 65537 must be supported.  It is

     *   must return ErrorCode::INVALID_ARGUMENT.  The values 3 and 65537 must be supported.  It is

     *   recommended to support all prime values up to 2^64.

     *   recommended to support all prime values up to 2^64.

     *

     *

     * o Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER specify the valid date range for

     *   the returned X.509 certificate holding the public key. If omitted, generateKey must return

     *   ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.

     *

     * The following parameters are not necessary to generate a usable RSA key, but generateKey must

     * The following parameters are not necessary to generate a usable RSA key, but generateKey must

     * not return an error if they are omitted:

     * not return an error if they are omitted:

     *

     *

     * Tag::EC_CURVE must be provided to generate an ECDSA key.  If it is not provided, generateKey

     * Tag::EC_CURVE must be provided to generate an ECDSA key.  If it is not provided, generateKey

     * must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support

     * must return ErrorCode::UNSUPPORTED_KEY_SIZE. TEE IKeyMintDevice implementations must support

     * all curves.  StrongBox implementations must support P_256.

     * all curves.  StrongBox implementations must support P_256.

     * Tag::CERTIFICATE_NOT_BEFORE and Tag::CERTIFICATE_NOT_AFTER must be provided to specify the

     * valid date range for the returned X.509 certificate holding the public key. If omitted,

     * generateKey must return ErrorCode::MISSING_NOT_BEFORE or ErrorCode::MISSING_NOT_AFTER.

     *

     *

     * == AES Keys ==

     * == AES Keys ==

     *

     *

    /**

    /**

     * Tag::TRUSTED_CONFIRMATION_REQUIRED is only applicable to keys with KeyPurpose SIGN, and

     * Tag::TRUSTED_CONFIRMATION_REQUIRED is only applicable to keys with KeyPurpose SIGN, and

     * specifies that this key must not be usable unless the user provides confirmation of the data

     * specifies that this key must not be usable unless the user provides confirmation of the data

     *  to be signed.  Confirmation is proven to keyMint via an approval token.  See

     * to be signed.  Confirmation is proven to keyMint via an approval token.  See the authToken

     *  CONFIRMATION_TOKEN, as well as the ConfirmationUI HAL.

     * parameter of begin(), as well as the ConfirmationUI HAL.

     *

     *

     * If an attempt to use a key with this tag does not have a cryptographically valid

     * If an attempt to use a key with this tag does not have a cryptographically valid

     * CONFIRMATION_TOKEN provided to finish() or if the data provided to update()/finish() does not

     * token provided to finish() or if the data provided to update()/finish() does not

     * match the data described in the token, keyMint must return NO_USER_CONFIRMATION.

     * match the data described in the token, keyMint must return NO_USER_CONFIRMATION.

     *

     *

     * Must be hardware-enforced.

     * Must be hardware-enforced.

    /**

    /**

     * Tag::UNLOCKED_DEVICE_REQUIRED specifies that the key may only be used when the device is

     * Tag::UNLOCKED_DEVICE_REQUIRED specifies that the key may only be used when the device is

     * unlocked.

     * unlocked, as reported to KeyMint via authToken operation parameter and the

     * IKeyMintDevice::deviceLocked() method

     *

     *

     * Must be software-enforced.

     * Must be hardware-enforced (but is also keystore-enforced on a per-user basis: see the

     * deviceLocked() documentation).

     */

     */

    UNLOCKED_DEVICE_REQUIRED = TagType.BOOL | 509,

    UNLOCKED_DEVICE_REQUIRED = TagType.BOOL | 509,

     *

     *

     * STORAGE_KEY is used to denote that a key generated or imported is a key used for storage

     * STORAGE_KEY is used to denote that a key generated or imported is a key used for storage

     * encryption. Keys of this type can either be generated or imported or secure imported using

     * encryption. Keys of this type can either be generated or imported or secure imported using

     * keyMint. exportKey() can be used to re-wrap storage key with a per-boot ephemeral key

     * keyMint. The convertStorageKeyToEphemeral() method of IKeyMintDevice can be used to re-wrap

     * wrapped key once the key characteristics are enforced.

     * storage key with a per-boot ephemeral key wrapped key once the key characteristics are

     * enforced.

     *

     *

     * Keys with this tag cannot be used for any operation within keyMint.

     * Keys with this tag cannot be used for any operation within keyMint.

     * ErrorCode::INVALID_OPERATION is returned when a key with Tag::STORAGE_KEY is provided to

     * ErrorCode::INVALID_OPERATION is returned when a key with Tag::STORAGE_KEY is provided to

    RESET_SINCE_ID_ROTATION = TagType.BOOL | 1004,

    RESET_SINCE_ID_ROTATION = TagType.BOOL | 1004,

    /**

    /**

     * Tag::CONFIRMATION_TOKEN is used to deliver a cryptographic token proving that the user

     * OBSOLETE: Do not use. See the authToken parameter for IKeyMintDevice::begin and for

     * confirmed a signing request.  The content is a full-length HMAC-SHA256 value.  See the

     * IKeyMintOperation methods instead.

     * ConfirmationUI HAL for details of token computation.

     *

     *

     * Must never appear in KeyCharacteristics.

     * TODO(b/191738660): Delete when keystore1 is deleted.

     */

     */

    CONFIRMATION_TOKEN = TagType.BYTES | 1005,

    CONFIRMATION_TOKEN = TagType.BYTES | 1005,