Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dd9d98c3 authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review
Browse files

Merge "Move tag type comments where they belong."

parents 5fb746bc 09b5826c
Loading
Loading
Loading
Loading
+59 −60
Original line number Diff line number Diff line
@@ -46,7 +46,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    PURPOSE = (2 << 28) | 1, /* TagType:ENUM_REP */
    PURPOSE = (2 << 28) /* TagType:ENUM_REP */ | 1,

    /**
     * Tag::ALGORITHM specifies the cryptographic algorithm with which the key is used.  This tag
@@ -55,7 +55,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    ALGORITHM = (1 << 28) | 2, /* TagType:ENUM */
    ALGORITHM = (1 << 28) /* TagType:ENUM */ | 2,

    /**
     * Tag::KEY_SIZE pecifies the size, in bits, of the key, measuring in the normal way for the
@@ -67,7 +67,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    KEY_SIZE = (3 << 28) | 3, /* TagType:UINT */
    KEY_SIZE = (3 << 28) /* TagType:UINT */ | 3,

    /**
     * Tag::BLOCK_MODE specifies the block cipher mode(s) with which the key may be used.  This tag
@@ -80,8 +80,8 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    BLOCK_MODE = (2 << 28) | 4,
    /* BlockMode. */ /* TagType:ENUM_REP */
    BLOCK_MODE = (2 << 28) /* TagType:ENUM_REP */ | 4,


    /**
     * Tag::DIGEST specifies the digest algorithms that may be used with the key to perform signing
@@ -95,7 +95,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    DIGEST = (2 << 28) | 5, /* TagType:ENUM_REP */
    DIGEST = (2 << 28) /* TagType:ENUM_REP */ | 5,

    /**
     * Tag::PADDING specifies the padding modes that may be used with the key.  This tag is relevant
@@ -123,7 +123,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    PADDING = (2 << 28) | 6, /* TagType:ENUM_REP */
    PADDING = (2 << 28) /* TagType:ENUM_REP */ | 6,

    /**
     * Tag::CALLER_NONCE specifies that the caller can provide a nonce for nonce-requiring
@@ -136,7 +136,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    CALLER_NONCE = (7 << 28) | 7, /* TagType:BOOL */
    CALLER_NONCE = (7 << 28) /* TagType:BOOL */ | 7,

    /**
     * Tag::MIN_MAC_LENGTH specifies the minimum length of MAC that can be requested or verified
@@ -149,7 +149,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    MIN_MAC_LENGTH = (3 << 28) | 8, /* TagType:UINT */
    MIN_MAC_LENGTH = (3 << 28) /* TagType:UINT */ | 8,

    // Tag 9 reserved

@@ -160,7 +160,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    EC_CURVE = (1 << 28) | 10, /* TagType:ENUM */
    EC_CURVE = (1 << 28) /* TagType:ENUM */ | 10,

    /**
     * Tag::RSA_PUBLIC_EXPONENT specifies the value of the public exponent for an RSA key pair.
@@ -174,7 +174,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    RSA_PUBLIC_EXPONENT = (5 << 28) | 200, /* TagType:ULONG */
    RSA_PUBLIC_EXPONENT = (5 << 28) /* TagType:ULONG */ | 200,

    // Tag 201 reserved

@@ -185,7 +185,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    INCLUDE_UNIQUE_ID = (7 << 28) | 202, /* TagType:BOOL */
    INCLUDE_UNIQUE_ID = (7 << 28) /* TagType:BOOL */ | 202,

    /**
     * TODO(seleneh) this tag needs to be deleted from all codes.
@@ -202,7 +202,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    BLOB_USAGE_REQUIREMENTS = (1 << 28) | 301, /* TagType:ENUM */
    BLOB_USAGE_REQUIREMENTS = (1 << 28) /* TagType:ENUM */ | 301,

    /**
     * Tag::BOOTLOADER_ONLY specifies only the bootloader can use the key.
@@ -212,7 +212,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    BOOTLOADER_ONLY = (7 << 28) | 302, /* TagType:BOOL */
    BOOTLOADER_ONLY = (7 << 28) /* TagType:BOOL */ | 302,

    /**
     * Tag::ROLLBACK_RESISTANCE specifies that the key has rollback resistance, meaning that when
@@ -227,16 +227,16 @@ enum Tag {
     *
     * Must be hardwared-enforced.
     */
    ROLLBACK_RESISTANCE = (7 << 28) | 303, /* TagType:BOOL */
    ROLLBACK_RESISTANCE = (7 << 28) /* TagType:BOOL */ | 303,

    // Reserved for future use.
    HARDWARE_TYPE = (1 << 28) | 304, /* TagType:ENUM */
    HARDWARE_TYPE = (1 << 28) /* TagType:ENUM */ | 304,

    /**
     * Keys tagged with EARLY_BOOT_ONLY may only be used, or created, during early boot, until
     * IKeyMintDevice::earlyBootEnded() is called.
     */
    EARLY_BOOT_ONLY = (7 << 28) | 305, /* TagType:BOOL */
    EARLY_BOOT_ONLY = (7 << 28) /* TagType:BOOL */ | 305,

    /**
     * Tag::ACTIVE_DATETIME specifies the date and time at which the key becomes active, in
@@ -245,8 +245,7 @@ enum Tag {
     *
     * Need not be hardware-enforced.
     */
    ACTIVE_DATETIME = (6 << 28) | 400,
    /* Start of validity. */ /* TagType:DATE */
    ACTIVE_DATETIME = (6 << 28) /* TagType:DATE */ | 400,

    /**
     * Tag::ORIGINATION_EXPIRE_DATETIME specifies the date and time at which the key expires for
@@ -258,7 +257,7 @@ enum Tag {
     *
     * Need not be hardware-enforced.
     */
    ORIGINATION_EXPIRE_DATETIME = (6 << 28) | 401, /* TagType:DATE */
    ORIGINATION_EXPIRE_DATETIME = (6 << 28) /* TagType:DATE */ | 401,

    /**
     * Tag::USAGE_EXPIRE_DATETIME specifies the date and time at which the key expires for
@@ -270,7 +269,7 @@ enum Tag {
     *
     * Need not be hardware-enforced.
     */
    USAGE_EXPIRE_DATETIME = (6 << 28) | 402, /* TagType:DATE */
    USAGE_EXPIRE_DATETIME = (6 << 28) /* TagType:DATE */ | 402,

    /**
     * TODO(seleneh) this tag need to be deleted.
@@ -295,7 +294,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    MIN_SECONDS_BETWEEN_OPS = (3 << 28) | 403, /* TagType:UINT */
    MIN_SECONDS_BETWEEN_OPS = (3 << 28) /* TagType:UINT */ | 403,

    /**
     * Tag::MAX_USES_PER_BOOT specifies the maximum number of times that a key may be used between
@@ -315,14 +314,14 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    MAX_USES_PER_BOOT = (3 << 28) | 404, /* TagType:UINT */
    MAX_USES_PER_BOOT = (3 << 28) /* TagType:UINT */ | 404,

    /**
     * Tag::USER_ID specifies the ID of the Android user that is permitted to use the key.
     *
     * Must not be hardware-enforced.
     */
    USER_ID = (3 << 28) | 501, /* TagType:UINT */
    USER_ID = (3 << 28) /* TagType:UINT */ | 501,

    /**
     * Tag::USER_SECURE_ID specifies that a key may only be used under a particular secure user
@@ -355,7 +354,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    USER_SECURE_ID = (10 << 28) | 502, /* TagType:ULONG_REP */
    USER_SECURE_ID = (10 << 28) /* TagType:ULONG_REP */ | 502,

    /**
     * Tag::NO_AUTH_REQUIRED specifies that no authentication is required to use this key.  This tag
@@ -363,7 +362,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    NO_AUTH_REQUIRED = (7 << 28) | 503, /* TagType:BOOL */
    NO_AUTH_REQUIRED = (7 << 28) /* TagType:BOOL */ | 503,

    /**
     * Tag::USER_AUTH_TYPE specifies the types of user authenticators that may be used to authorize
@@ -382,7 +381,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    USER_AUTH_TYPE = (1 << 28) | 504, /* TagType:ENUM */
    USER_AUTH_TYPE = (1 << 28) /* TagType:ENUM */ | 504,

    /**
     * Tag::AUTH_TIMEOUT specifies the time in seconds for which the key is authorized for use,
@@ -396,7 +395,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    AUTH_TIMEOUT = (3 << 28) | 505, /* TagType:UINT */
    AUTH_TIMEOUT = (3 << 28) /* TagType:UINT */ | 505,

    /**
     * Tag::ALLOW_WHILE_ON_BODY specifies that the key may be used after authentication timeout if
@@ -404,7 +403,7 @@ enum Tag {
     *
     * Cannot be hardware-enforced.
     */
    ALLOW_WHILE_ON_BODY = (7 << 28) | 506, /* TagType:BOOL */
    ALLOW_WHILE_ON_BODY = (7 << 28) /* TagType:BOOL */ | 506,

    /**
     * TRUSTED_USER_PRESENCE_REQUIRED is an optional feature that specifies that this key must be
@@ -451,7 +450,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    TRUSTED_USER_PRESENCE_REQUIRED = (7 << 28) | 507, /* TagType:BOOL */
    TRUSTED_USER_PRESENCE_REQUIRED = (7 << 28) /* TagType:BOOL */ | 507,

    /** Tag::TRUSTED_CONFIRMATION_REQUIRED is only applicable to keys with KeyPurpose SIGN, and
     *  specifies that this key must not be usable unless the user provides confirmation of the data
@@ -464,7 +463,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    TRUSTED_CONFIRMATION_REQUIRED = (7 << 28) | 508, /* TagType:BOOL */
    TRUSTED_CONFIRMATION_REQUIRED = (7 << 28) /* TagType:BOOL */ | 508,

    /**
     * Tag::UNLOCKED_DEVICE_REQUIRED specifies that the key may only be used when the device is
@@ -472,7 +471,7 @@ enum Tag {
     *
     * Must be software-enforced.
     */
    UNLOCKED_DEVICE_REQUIRED = (7 << 28) | 509, /* TagType:BOOL */
    UNLOCKED_DEVICE_REQUIRED = (7 << 28) /* TagType:BOOL */ | 509,

    /**
     * Tag::APPLICATION_ID.  When provided to generateKey or importKey, this tag specifies data
@@ -488,7 +487,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    APPLICATION_ID = (9 << 28) | 601, /* TagType:BYTES */
    APPLICATION_ID = (9 << 28) /* TagType:BYTES */ | 601,

    /*
     * Semantically unenforceable tags, either because they have no specific meaning or because
@@ -509,7 +508,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    APPLICATION_DATA = (9 << 28) | 700, /* TagType:BYTES */
    APPLICATION_DATA = (9 << 28) /* TagType:BYTES */ | 700,

    /**
     * Tag::CREATION_DATETIME specifies the date and time the key was created, in milliseconds since
@@ -518,7 +517,7 @@ enum Tag {
     * Tag::CREATED is informational only, and not enforced by anything.  Must be in the
     * software-enforced list, if provided.
     */
    CREATION_DATETIME = (6 << 28) | 701, /* TagType:DATE */
    CREATION_DATETIME = (6 << 28) /* TagType:DATE */ | 701,

    /**
     * Tag::ORIGIN specifies where the key was created, if known.  This tag must not be specified
@@ -527,7 +526,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    ORIGIN = (1 << 28) | 702, /* TagType:ENUM */
    ORIGIN = (1 << 28) /* TagType:ENUM */ | 702,

    // 703 is unused.

@@ -539,7 +538,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ROOT_OF_TRUST = (9 << 28) | 704, /* TagType:BYTES */
    ROOT_OF_TRUST = (9 << 28) /* TagType:BYTES */ | 704,

    /**
     * Tag::OS_VERSION specifies the system OS version with which the key may be used.  This tag is
@@ -562,7 +561,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    OS_VERSION = (3 << 28) | 705, /* TagType:UINT */
    OS_VERSION = (3 << 28) /* TagType:UINT */ | 705,

    /**
     * Tag::OS_PATCHLEVEL specifies the system security patch level with which the key may be used.
@@ -583,7 +582,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    OS_PATCHLEVEL = (3 << 28) | 706, /* TagType:UINT */
    OS_PATCHLEVEL = (3 << 28) /* TagType:UINT */ | 706,

    /**
     * Tag::UNIQUE_ID specifies a unique, time-based identifier.  This tag is never provided to or
@@ -617,7 +616,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    UNIQUE_ID = (9 << 28) | 707, /* TagType:BYTES */
    UNIQUE_ID = (9 << 28) /* TagType:BYTES */ | 707,

    /**
     * Tag::ATTESTATION_CHALLENGE is used to deliver a "challenge" value to the attestKey() method,
@@ -626,7 +625,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_CHALLENGE = (9 << 28) | 708, /* TagType:BYTES */
    ATTESTATION_CHALLENGE = (9 << 28) /* TagType:BYTES */ | 708,

    /**
     * Tag::ATTESTATION_APPLICATION_ID identifies the set of applications which may use a key, used
@@ -652,7 +651,7 @@ enum Tag {
     *
     * Cannot be hardware-enforced.
     */
    ATTESTATION_APPLICATION_ID = (9 << 28) | 709, /* TagType:BYTES */
    ATTESTATION_APPLICATION_ID = (9 << 28) /* TagType:BYTES */ | 709,

    /**
     * Tag::ATTESTATION_ID_BRAND provides the device's brand name, as returned by Build.BRAND in
@@ -665,7 +664,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_BRAND = (9 << 28) | 710, /* TagType:BYTES */
    ATTESTATION_ID_BRAND = (9 << 28) /* TagType:BYTES */ | 710,

    /**
     * Tag::ATTESTATION_ID_DEVICE provides the device's device name, as returned by Build.DEVICE in
@@ -678,7 +677,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_DEVICE = (9 << 28) | 711, /* TagType:BYTES */
    ATTESTATION_ID_DEVICE = (9 << 28) /* TagType:BYTES */ | 711,

    /**
     * Tag::ATTESTATION_ID_PRODUCT provides the device's product name, as returned by Build.PRODUCT
@@ -691,7 +690,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_PRODUCT = (9 << 28) | 712, /* TagType:BYTES */
    ATTESTATION_ID_PRODUCT = (9 << 28) /* TagType:BYTES */ | 712,

    /**
     * Tag::ATTESTATION_ID_SERIAL the device's serial number.  This field must be set only when
@@ -703,7 +702,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_SERIAL = (9 << 28) | 713, /* TagType:BYTES */
    ATTESTATION_ID_SERIAL = (9 << 28) /* TagType:BYTES */ | 713,

    /**
     * Tag::ATTESTATION_ID_IMEI provides the IMEIs for all radios on the device to attestKey().
@@ -715,7 +714,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_IMEI = (9 << 28) | 714, /* TagType:BYTES */
    ATTESTATION_ID_IMEI = (9 << 28) /* TagType:BYTES */ | 714,

    /**
     * Tag::ATTESTATION_ID_MEID provides the MEIDs for all radios on the device to attestKey().
@@ -727,7 +726,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_MEID = (9 << 28) | 715, /* TagType:BYTES */
    ATTESTATION_ID_MEID = (9 << 28) /* TagType:BYTES */ | 715,

    /**
     * Tag::ATTESTATION_ID_MANUFACTURER provides the device's manufacturer name, as returned by
@@ -740,7 +739,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_MANUFACTURER = (9 << 28) | 716, /* TagType:BYTES */
    ATTESTATION_ID_MANUFACTURER = (9 << 28) /* TagType:BYTES */ | 716,

    /**
     * Tag::ATTESTATION_ID_MODEL provides the device's model name, as returned by Build.MODEL in
@@ -753,7 +752,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    ATTESTATION_ID_MODEL = (9 << 28) | 717, /* TagType:BYTES */
    ATTESTATION_ID_MODEL = (9 << 28) /* TagType:BYTES */ | 717,

    /**
     * Tag::VENDOR_PATCHLEVEL specifies the vendor image security patch level with which the key may
@@ -775,7 +774,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    VENDOR_PATCHLEVEL = (3 << 28) | 718, /* TagType:UINT */
    VENDOR_PATCHLEVEL = (3 << 28) /* TagType:UINT */ | 718,

    /**
     * Tag::BOOT_PATCHLEVEL specifies the boot image (kernel) security patch level with which the
@@ -795,7 +794,7 @@ enum Tag {
     *
     * Must be hardware-enforced.
     */
    BOOT_PATCHLEVEL = (3 << 28) | 719, /* TagType:UINT */
    BOOT_PATCHLEVEL = (3 << 28) /* TagType:UINT */ | 719,

    /**
     * DEVICE_UNIQUE_ATTESTATION is an argument to IKeyMintDevice::attestKey().  It indicates that
@@ -811,7 +810,7 @@ enum Tag {
     * IKeyMintDevice implementations that support device-unique attestation MUST add the
     * DEVICE_UNIQUE_ATTESTATION tag to device-unique attestations.
     */
    DEVICE_UNIQUE_ATTESTATION = (7 << 28) | 720, /* TagType:BOOL */
    DEVICE_UNIQUE_ATTESTATION = (7 << 28) /* TagType:BOOL */ | 720,

    /**
     * IDENTITY_CREDENTIAL_KEY is never used by IKeyMintDevice, is not a valid argument to key
@@ -819,7 +818,7 @@ enum Tag {
     * attestation.  It is used in attestations produced by the IIdentityCredential HAL when that
     * HAL attests to Credential Keys.  IIdentityCredential produces KeyMint-style attestations.
     */
    IDENTITY_CREDENTIAL_KEY = (7 << 28) | 721, /* TagType:BOOL */
    IDENTITY_CREDENTIAL_KEY = (7 << 28) /* TagType:BOOL */ | 721,

    /**
     * To prevent keys from being compromised if an attacker acquires read access to system / kernel
@@ -836,7 +835,7 @@ enum Tag {
     * ErrorCode::INVALID_OPERATION is returned when a key with Tag::STORAGE_KEY is provided to
     * begin().
     */
    STORAGE_KEY = (7 << 28) | 722, /* TagType:BOOL */
    STORAGE_KEY = (7 << 28) /* TagType:BOOL */ | 722,

    /**
     * Tag::ASSOCIATED_DATA Provides "associated data" for AES-GCM encryption or decryption.  This
@@ -845,7 +844,7 @@ enum Tag {
     *
     * Must never appear KeyCharacteristics.
     */
    ASSOCIATED_DATA = (9 << 28) | 1000, /* TagType:BYTES */
    ASSOCIATED_DATA = (9 << 28) /* TagType:BYTES */ | 1000,

    /**
     * Tag::NONCE is used to provide or return a nonce or Initialization Vector (IV) for AES-GCM,
@@ -860,7 +859,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    NONCE = (9 << 28) | 1001, /* TagType:BYTES */
    NONCE = (9 << 28) /* TagType:BYTES */ | 1001,

    /**
     * Tag::MAC_LENGTH provides the requested length of a MAC or GCM authentication tag, in bits.
@@ -871,7 +870,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    MAC_LENGTH = (3 << 28) | 1003, /* TagType:UINT */
    MAC_LENGTH = (3 << 28) /* TagType:UINT */ | 1003,

    /**
     * Tag::RESET_SINCE_ID_ROTATION specifies whether the device has been factory reset since the
@@ -879,7 +878,7 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    RESET_SINCE_ID_ROTATION = (7 << 28) | 1004, /* TagType:BOOL */
    RESET_SINCE_ID_ROTATION = (7 << 28) /* TagType:BOOL */ | 1004,

    /**
     * Tag::CONFIRMATION_TOKEN is used to deliver a cryptographic token proving that the user
@@ -888,5 +887,5 @@ enum Tag {
     *
     * Must never appear in KeyCharacteristics.
     */
    CONFIRMATION_TOKEN = (9 << 28) | 1005, /* TagType:BYTES */
    CONFIRMATION_TOKEN = (9 << 28) /* TagType:BYTES */ | 1005,
}