
Commit eb69354d authored by Karuna Wadhera's avatar Karuna Wadhera

Add moduleHash to attestation cert documentation

Bug: 369375199
Test: n/a
Change-Id: I28457dbe661dacfe22dfc97d1c1c9c21068af656
parent 3ba252f1
+14 −2
@@ -125,9 +125,9 @@ parcelable KeyCreationResult {
     * straightforward translation of the KeyMint tag/value parameter lists to ASN.1.
     *
     * KeyDescription ::= SEQUENCE {
     *     attestationVersion         INTEGER, # Value 300
     *     attestationVersion         INTEGER, # Value 400
     *     attestationSecurityLevel   SecurityLevel, # See below
     *     keyMintVersion             INTEGER, # Value 300
     *     keyMintVersion             INTEGER, # Value 400
     *     keymintSecurityLevel       SecurityLevel, # See below
     *     attestationChallenge       OCTET_STRING, # Tag::ATTESTATION_CHALLENGE from attestParams
     *     uniqueId                   OCTET_STRING, # Empty unless key has Tag::INCLUDE_UNIQUE_ID
@@ -158,6 +158,17 @@ parcelable KeyCreationResult {
     *     Failed                     (3),
     * }
     *
     * # Modules contains version info about APEX modules that have been updated after the last OTA.
     * # Note that the Modules information is DER-encoded before being hashed, which requires a
     * # specific ordering (lexicographic by encoded value) for the constituent Module entries. This
     * # ensures that the ordering of Module entries is predictable and that the resulting SHA-256
     * # hash value is identical for the same set of modules.
     * Modules ::= SET OF Module
     * Module ::= SEQUENCE {
     *     packageName                OCTET_STRING,
     *     version                    INTEGER, # As determined at boot time
     * }
     *
     * -- Note that the AuthorizationList SEQUENCE is also used in IKeyMintDevice::importWrappedKey
     * -- as a way of describing the authorizations associated with a key that is being securely
     * -- imported.  As such, it includes the ability to describe tags that are only relevant for
@@ -210,6 +221,7 @@ parcelable KeyCreationResult {
     *     bootPatchLevel             [719] EXPLICIT INTEGER OPTIONAL,
     *     deviceUniqueAttestation    [720] EXPLICIT NULL OPTIONAL,
     *     attestationIdSecondImei    [723] EXPLICIT OCTET_STRING OPTIONAL,
     *     moduleHash                 [724] EXPLICIT OCTET_STRING OPTIONAL, -- SHA-256 hash of DER-encoded `Modules`
     * }
     */
    Certificate[] certificateChain;
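Review bot: The new `moduleHash [724]` entry does not say which authorization list (softwareEnforced or hardwareEnforced) carries it or which component supplies the value, so a relying party cannot tell from this comment how much trust the hash deserves. The field is OPTIONAL, and the comment also leaves open how a verifier should treat an attestationVersion 400 certificate that has no moduleHash. I would extend the trailing comment along the lines of `-- SHA-256 hash of DER-encoded Modules; present only in <list name>; absent when <condition>`, with the placeholders filled in by the author. In the `Modules` hunk above, `packageName OCTET_STRING` should state its byte encoding (presumably UTF-8 — to be confirmed), because a verifier that recomputes the hash from a module list needs byte-identical DER input. The doc comment these hunks edit starts outside the visible lines.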