Merge "Fix fmq_test when HIDL is not supported" into main
diff --git a/audio/aidl/common/include/Utils.h b/audio/aidl/common/include/Utils.h
index ef312d5..a1008a4 100644
--- a/audio/aidl/common/include/Utils.h
+++ b/audio/aidl/common/include/Utils.h
@@ -174,6 +174,12 @@
return result;
}
+template <typename E, typename U = std::underlying_type_t<E>,
+ typename = std::enable_if_t<is_bit_position_enum<E>::value>>
+constexpr bool isAnyBitPositionFlagSet(U mask, std::initializer_list<E> flags) {
+ return (mask & makeBitPositionFlagMask<E>(flags)) != 0;
+}
+
constexpr int32_t frameCountFromDurationUs(long durationUs, int32_t sampleRateHz) {
return (static_cast<long long>(durationUs) * sampleRateHz) / 1000000LL;
}
diff --git a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
index 7373073..4a7bfbd 100644
--- a/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalAudioCoreModuleTargetTest.cpp
@@ -56,6 +56,7 @@
using namespace android;
using aidl::android::hardware::audio::common::AudioOffloadMetadata;
using aidl::android::hardware::audio::common::getChannelCount;
+using aidl::android::hardware::audio::common::isAnyBitPositionFlagSet;
using aidl::android::hardware::audio::common::isBitPositionFlagSet;
using aidl::android::hardware::audio::common::isTelephonyDeviceType;
using aidl::android::hardware::audio::common::isValidAudioMode;
@@ -85,6 +86,7 @@
using aidl::android::media::audio::common::AudioDeviceType;
using aidl::android::media::audio::common::AudioDualMonoMode;
using aidl::android::media::audio::common::AudioFormatType;
+using aidl::android::media::audio::common::AudioInputFlags;
using aidl::android::media::audio::common::AudioIoFlags;
using aidl::android::media::audio::common::AudioLatencyMode;
using aidl::android::media::audio::common::AudioMMapPolicy;
@@ -1749,8 +1751,13 @@
for (const auto& port : ports) {
// Virtual devices may not require external hardware and thus can always be connected.
if (port.ext.get<AudioPortExt::device>().device.type.connection ==
- AudioDeviceDescription::CONNECTION_VIRTUAL)
+ AudioDeviceDescription::CONNECTION_VIRTUAL ||
+ // SCO devices are handled at low level by DSP, may not be able to check actual
+ // connection.
+ port.ext.get<AudioPortExt::device>().device.type.connection ==
+ AudioDeviceDescription::CONNECTION_BT_SCO) {
continue;
+ }
AudioPort portWithData = GenerateUniqueDeviceAddress(port), connectedPort;
ScopedAStatus status = module->connectExternalDevice(portWithData, &connectedPort);
EXPECT_STATUS(EX_ILLEGAL_STATE, status) << "static port " << portWithData.toString();
@@ -3780,6 +3787,19 @@
}
for (const auto& portConfig : allPortConfigs) {
SCOPED_TRACE(portConfig.toString());
+ // Certain types of ports can not be used without special preconditions.
+ if ((IOTraits<Stream>::is_input &&
+ isAnyBitPositionFlagSet(
+ portConfig.flags.value().template get<AudioIoFlags::Tag::input>(),
+ {AudioInputFlags::MMAP_NOIRQ, AudioInputFlags::VOIP_TX,
+ AudioInputFlags::HW_HOTWORD})) ||
+ (!IOTraits<Stream>::is_input &&
+ isAnyBitPositionFlagSet(
+ portConfig.flags.value().template get<AudioIoFlags::Tag::output>(),
+ {AudioOutputFlags::MMAP_NOIRQ, AudioOutputFlags::VOIP_RX,
+ AudioOutputFlags::COMPRESS_OFFLOAD, AudioOutputFlags::INCALL_MUSIC}))) {
+ continue;
+ }
const bool isNonBlocking =
IOTraits<Stream>::is_input
? false
diff --git a/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp b/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
index 3f7a76d..69ab91b 100644
--- a/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
+++ b/audio/aidl/vts/VtsHalDynamicsProcessingTest.cpp
@@ -559,7 +559,7 @@
::android::internal::ToString(std::get<INPUT_GAIN_PARAM>(info.param));
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_inputGains_" + gains;
+ toString(descriptor.common.id.uuid) + "_inputGains_" + gains;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -652,7 +652,7 @@
std::to_string(std::get<LIMITER_ENGINE_IN_USE>(info.param));
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_limiterConfig_" +
+ toString(descriptor.common.id.uuid) + "_limiterConfig_" +
cfg.toString() + "_engineSetting_" + engineLimiterInUse;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
@@ -726,7 +726,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_" + channelConfig +
+ toString(descriptor.common.id.uuid) + "_" + channelConfig +
"_engineInUse_" + engineInUse;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
@@ -868,7 +868,7 @@
std::string stageInUse = std::to_string(std::get<EQ_BAND_STAGE_IN_USE>(info.param));
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_bands_" + bands +
+ toString(descriptor.common.id.uuid) + "_bands_" + bands +
"_stageInUse_" + stageInUse;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
@@ -986,7 +986,7 @@
std::string stageInUse = std::to_string(std::get<MBC_BAND_STAGE_IN_USE>(info.param));
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_bands_" + mbcBands +
+ toString(descriptor.common.id.uuid) + "_bands_" + mbcBands +
"_stageInUse_" + stageInUse;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
diff --git a/audio/aidl/vts/VtsHalEnvironmentalReverbTargetTest.cpp b/audio/aidl/vts/VtsHalEnvironmentalReverbTargetTest.cpp
index 765c377..f641fa5 100644
--- a/audio/aidl/vts/VtsHalEnvironmentalReverbTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalEnvironmentalReverbTargetTest.cpp
@@ -249,7 +249,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_roomHfLevel" + roomHfLevel;
+ toString(descriptor.common.id.uuid) + "_roomHfLevel" + roomHfLevel;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -289,7 +289,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_decayTime" + decayTime;
+ toString(descriptor.common.id.uuid) + "_decayTime" + decayTime;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -329,8 +329,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_decayHfRatio" +
- decayHfRatio;
+ toString(descriptor.common.id.uuid) + "_decayHfRatio" + decayHfRatio;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -370,7 +369,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_level" + level;
+ toString(descriptor.common.id.uuid) + "_level" + level;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -410,7 +409,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_delay" + delay;
+ toString(descriptor.common.id.uuid) + "_delay" + delay;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -450,7 +449,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_diffusion" + diffusion;
+ toString(descriptor.common.id.uuid) + "_diffusion" + diffusion;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -490,7 +489,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_density" + density;
+ toString(descriptor.common.id.uuid) + "_density" + density;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
@@ -527,7 +526,7 @@
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_bypass" + bypass;
+ toString(descriptor.common.id.uuid) + "_bypass" + bypass;
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
diff --git a/audio/aidl/vts/VtsHalHapticGeneratorTargetTest.cpp b/audio/aidl/vts/VtsHalHapticGeneratorTargetTest.cpp
index d312111..48e59dc 100644
--- a/audio/aidl/vts/VtsHalHapticGeneratorTargetTest.cpp
+++ b/audio/aidl/vts/VtsHalHapticGeneratorTargetTest.cpp
@@ -225,7 +225,7 @@
std::to_string(std::get<PARAM_VIBRATION_INFORMATION_MAX_AMPLITUDE>(info.param));
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString() + "_hapticScaleId" +
+ toString(descriptor.common.id.uuid) + "_hapticScaleId" +
hapticScaleID + "_hapticScaleVibScale" + hapticScaleVibScale +
"_resonantFrequency" + resonantFrequency + "_qFactor" + qFactor +
"_maxAmplitude" + maxAmplitude;
@@ -422,7 +422,7 @@
auto descriptor = std::get<PARAM_INSTANCE_NAME>(info.param).second;
std::string name = "Implementor_" + descriptor.common.implementor + "_name_" +
descriptor.common.name + "_UUID_" +
- descriptor.common.id.uuid.toString();
+ toString(descriptor.common.id.uuid);
std::replace_if(
name.begin(), name.end(), [](const char c) { return !std::isalnum(c); }, '_');
return name;
diff --git a/bluetooth/aidl/vts/Android.bp b/bluetooth/aidl/vts/Android.bp
index ade3bef..c69ced4 100644
--- a/bluetooth/aidl/vts/Android.bp
+++ b/bluetooth/aidl/vts/Android.bp
@@ -28,6 +28,7 @@
static_libs: [
"android.hardware.bluetooth-V1-ndk",
"libbluetooth_hci_pdl",
+ "libbluetooth_log",
],
test_config: "VtsHalBluetoothTargetTest.xml",
test_suites: [
diff --git a/camera/device/default/ExternalCameraDeviceSession.cpp b/camera/device/default/ExternalCameraDeviceSession.cpp
index 126b782..91196d4 100644
--- a/camera/device/default/ExternalCameraDeviceSession.cpp
+++ b/camera/device/default/ExternalCameraDeviceSession.cpp
@@ -538,6 +538,19 @@
return Status::INTERNAL_ERROR;
}
+ if (request.outputBuffers.empty()) {
+ ALOGE("%s: No output buffers provided.", __FUNCTION__);
+ return Status::ILLEGAL_ARGUMENT;
+ }
+
+ for (auto& outputBuf : request.outputBuffers) {
+ if (outputBuf.streamId == -1 || mStreamMap.find(outputBuf.streamId) == mStreamMap.end()) {
+ ALOGE("%s: Invalid streamId in CaptureRequest.outputBuffers: %d", __FUNCTION__,
+ outputBuf.streamId);
+ return Status::ILLEGAL_ARGUMENT;
+ }
+ }
+
const camera_metadata_t* rawSettings = nullptr;
bool converted;
CameraMetadata settingsFmq; // settings from FMQ
@@ -572,8 +585,6 @@
return Status::ILLEGAL_ARGUMENT;
}
- std::vector<buffer_handle_t*> allBufPtrs;
- std::vector<int> allFences;
size_t numOutputBufs = request.outputBuffers.size();
if (numOutputBufs == 0) {
@@ -629,11 +640,6 @@
}
}
- status = importRequestLocked(request, allBufPtrs, allFences);
- if (status != Status::OK) {
- return status;
- }
-
nsecs_t shutterTs = 0;
std::unique_ptr<V4L2Frame> frameIn = dequeueV4l2FrameLocked(&shutterTs);
if (frameIn == nullptr) {
@@ -656,8 +662,8 @@
halBuf.height = stream.height;
halBuf.format = stream.format;
halBuf.usage = stream.usage;
- halBuf.bufPtr = allBufPtrs[i];
- halBuf.acquireFence = allFences[i];
+ halBuf.bufPtr = nullptr; // threadloop will request buffer from cameraservice
+ halBuf.acquireFence = 0; // threadloop will request fence from cameraservice
halBuf.fenceTimeout = false;
}
{
@@ -1351,56 +1357,6 @@
return false;
}
-Status ExternalCameraDeviceSession::importRequestLocked(const CaptureRequest& request,
- std::vector<buffer_handle_t*>& allBufPtrs,
- std::vector<int>& allFences) {
- return importRequestLockedImpl(request, allBufPtrs, allFences);
-}
-
-Status ExternalCameraDeviceSession::importRequestLockedImpl(
- const CaptureRequest& request, std::vector<buffer_handle_t*>& allBufPtrs,
- std::vector<int>& allFences) {
- size_t numOutputBufs = request.outputBuffers.size();
- size_t numBufs = numOutputBufs;
- // Validate all I/O buffers
- std::vector<buffer_handle_t> allBufs;
- std::vector<uint64_t> allBufIds;
- allBufs.resize(numBufs);
- allBufIds.resize(numBufs);
- allBufPtrs.resize(numBufs);
- allFences.resize(numBufs);
- std::vector<int32_t> streamIds(numBufs);
-
- for (size_t i = 0; i < numOutputBufs; i++) {
- allBufs[i] = ::android::makeFromAidl(request.outputBuffers[i].buffer);
- allBufIds[i] = request.outputBuffers[i].bufferId;
- allBufPtrs[i] = &allBufs[i];
- streamIds[i] = request.outputBuffers[i].streamId;
- }
-
- {
- Mutex::Autolock _l(mCbsLock);
- for (size_t i = 0; i < numBufs; i++) {
- Status st = importBufferLocked(streamIds[i], allBufIds[i], allBufs[i], &allBufPtrs[i]);
- if (st != Status::OK) {
- // Detailed error logs printed in importBuffer
- return st;
- }
- }
- }
-
- // All buffers are imported. Now validate output buffer acquire fences
- for (size_t i = 0; i < numOutputBufs; i++) {
- if (!sHandleImporter.importFence(
- ::android::makeFromAidl(request.outputBuffers[i].acquireFence), allFences[i])) {
- ALOGE("%s: output buffer %zu acquire fence is invalid", __FUNCTION__, i);
- cleanupInflightFences(allFences, i);
- return Status::INTERNAL_ERROR;
- }
- }
- return Status::OK;
-}
-
Status ExternalCameraDeviceSession::importBuffer(int32_t streamId, uint64_t bufId,
buffer_handle_t buf,
/*out*/ buffer_handle_t** outBufPtr) {
@@ -1770,8 +1726,8 @@
result.outputBuffers[i].bufferId = req->buffers[i].bufferId;
result.outputBuffers[i].status = BufferStatus::ERROR;
if (req->buffers[i].acquireFence >= 0) {
- native_handle_t* handle = native_handle_create(/*numFds*/ 1, /*numInts*/ 0);
- handle->data[0] = req->buffers[i].acquireFence;
+ // numFds = 0 for error
+ native_handle_t* handle = native_handle_create(/*numFds*/ 0, /*numInts*/ 0);
result.outputBuffers[i].releaseFence = android::dupToAidl(handle);
native_handle_delete(handle);
}
@@ -2005,9 +1961,16 @@
std::chrono::milliseconds timeout = std::chrono::milliseconds(kReqProcTimeoutMs);
auto st = mRequestDoneCond.wait_for(lk, timeout);
if (st == std::cv_status::timeout) {
+ mRequestingBuffer = false;
ALOGE("%s: wait for buffer request finish timeout!", __FUNCTION__);
return -1;
}
+
+ if (mPendingReturnBufferReqs.empty()) {
+ mRequestingBuffer = false;
+ ALOGE("%s: cameraservice did not return any buffers!", __FUNCTION__);
+ return -1;
+ }
}
mRequestingBuffer = false;
*outBufReqs = std::move(mPendingReturnBufferReqs);
@@ -2057,6 +2020,8 @@
if (!ret.isOk()) {
ALOGE("%s: Transaction error: %d:%d", __FUNCTION__, ret.getExceptionCode(),
ret.getServiceSpecificError());
+ mBufferReqs.clear();
+ mRequestDoneCond.notify_one();
return false;
}
@@ -2065,17 +2030,24 @@
if (bufRets.size() != mHalBufferReqs.size()) {
ALOGE("%s: expect %zu buffer requests returned, only got %zu", __FUNCTION__,
mHalBufferReqs.size(), bufRets.size());
+ mBufferReqs.clear();
+ lk.unlock();
+ mRequestDoneCond.notify_one();
return false;
}
auto parent = mParent.lock();
if (parent == nullptr) {
ALOGE("%s: session has been disconnected!", __FUNCTION__);
+ mBufferReqs.clear();
+ lk.unlock();
+ mRequestDoneCond.notify_one();
return false;
}
std::vector<int> importedFences;
importedFences.resize(bufRets.size());
+ bool hasError = false;
for (size_t i = 0; i < bufRets.size(); i++) {
int streamId = bufRets[i].streamId;
switch (bufRets[i].val.getTag()) {
@@ -2086,7 +2058,8 @@
bufRets[i].val.get<StreamBuffersVal::Tag::buffers>();
if (hBufs.size() != 1) {
ALOGE("%s: expect 1 buffer returned, got %zu!", __FUNCTION__, hBufs.size());
- return false;
+ hasError = true;
+ break;
}
const StreamBuffer& hBuf = hBufs[0];
@@ -2094,31 +2067,47 @@
// TODO: create a batch import API so we don't need to lock/unlock mCbsLock
// repeatedly?
lk.unlock();
- Status s =
- parent->importBuffer(streamId, hBuf.bufferId, makeFromAidl(hBuf.buffer),
- /*out*/ &mBufferReqs[i].bufPtr);
+ native_handle_t* h = makeFromAidl(hBuf.buffer);
+ Status s = parent->importBuffer(streamId, hBuf.bufferId, h,
+ /*out*/ &mBufferReqs[i].bufPtr);
+ native_handle_delete(h);
lk.lock();
if (s != Status::OK) {
ALOGE("%s: stream %d import buffer failed!", __FUNCTION__, streamId);
cleanupInflightFences(importedFences, i - 1);
- return false;
+ hasError = true;
+ break;
}
- if (!sHandleImporter.importFence(makeFromAidl(hBuf.acquireFence),
- mBufferReqs[i].acquireFence)) {
+ h = makeFromAidl(hBuf.acquireFence);
+ if (!sHandleImporter.importFence(h, mBufferReqs[i].acquireFence)) {
ALOGE("%s: stream %d import fence failed!", __FUNCTION__, streamId);
cleanupInflightFences(importedFences, i - 1);
- return false;
+ native_handle_delete(h);
+ hasError = true;
+ break;
}
+ native_handle_delete(h);
importedFences[i] = mBufferReqs[i].acquireFence;
} break;
default:
ALOGE("%s: Unknown StreamBuffersVal!", __FUNCTION__);
- return false;
+ hasError = true;
+ break;
+ }
+ if (hasError) {
+ mBufferReqs.clear();
+ lk.unlock();
+ mRequestDoneCond.notify_one();
+ return true;
}
}
} else {
ALOGE("%s: requestStreamBuffers call failed!", __FUNCTION__);
+ mBufferReqs.clear();
+ lk.unlock();
+ mRequestDoneCond.notify_one();
+ return true;
}
mPendingReturnBufferReqs = std::move(mBufferReqs);
@@ -2823,6 +2812,11 @@
if (res != 0) {
// For some webcam, the first few V4L2 frames might be malformed...
ALOGE("%s: Convert V4L2 frame to YU12 failed! res %d", __FUNCTION__, res);
+
+ ATRACE_BEGIN("Wait for BufferRequest done");
+ res = waitForBufferRequestDone(&req->buffers);
+ ATRACE_END();
+
lk.unlock();
Status st = parent->processCaptureRequestError(req);
if (st != Status::OK) {
@@ -2838,9 +2832,15 @@
ATRACE_END();
if (res != 0) {
+ // HAL buffer management buffer request can fail
ALOGE("%s: wait for BufferRequest done failed! res %d", __FUNCTION__, res);
lk.unlock();
- return onDeviceError("%s: failed to process buffer request error!", __FUNCTION__);
+ Status st = parent->processCaptureRequestError(req);
+ if (st != Status::OK) {
+ return onDeviceError("%s: failed to process capture request error!", __FUNCTION__);
+ }
+ signalRequestDone();
+ return true;
}
ALOGV("%s processing new request", __FUNCTION__);
diff --git a/camera/device/default/ExternalCameraDeviceSession.h b/camera/device/default/ExternalCameraDeviceSession.h
index 736bfd1..795b589 100644
--- a/camera/device/default/ExternalCameraDeviceSession.h
+++ b/camera/device/default/ExternalCameraDeviceSession.h
@@ -266,15 +266,6 @@
const std::vector<SupportedV4L2Format>& supportedFormats,
const ExternalCameraConfig& cfg);
- // Validate and import request's output buffers and acquire fence
- Status importRequestLocked(const CaptureRequest& request,
- std::vector<buffer_handle_t*>& allBufPtrs,
- std::vector<int>& allFences);
-
- Status importRequestLockedImpl(const CaptureRequest& request,
- std::vector<buffer_handle_t*>& allBufPtrs,
- std::vector<int>& allFences);
-
Status importBufferLocked(int32_t streamId, uint64_t bufId, buffer_handle_t buf,
/*out*/ buffer_handle_t** outBufPtr);
static void cleanupInflightFences(std::vector<int>& allFences, size_t numFences);
diff --git a/camera/device/default/ExternalCameraOfflineSession.cpp b/camera/device/default/ExternalCameraOfflineSession.cpp
index 536fa47..2d4e2e0 100644
--- a/camera/device/default/ExternalCameraOfflineSession.cpp
+++ b/camera/device/default/ExternalCameraOfflineSession.cpp
@@ -111,6 +111,7 @@
native_handle_t* handle = native_handle_create(/*numFds*/ 1, /*numInts*/ 0);
handle->data[0] = req->buffers[i].acquireFence;
result.outputBuffers[i].releaseFence = android::dupToAidl(handle);
+ native_handle_delete(handle);
}
notifyError(req->frameNumber, req->buffers[i].streamId, ErrorCode::ERROR_BUFFER);
} else {
@@ -120,6 +121,7 @@
native_handle_t* handle = native_handle_create(/*numFds*/ 1, /*numInts*/ 0);
handle->data[0] = req->buffers[i].acquireFence;
outputBuffer.releaseFence = android::dupToAidl(handle);
+ native_handle_delete(handle);
}
}
}
@@ -248,6 +250,7 @@
native_handle_t* handle = native_handle_create(/*numFds*/ 1, /*numInts*/ 0);
handle->data[0] = req->buffers[i].acquireFence;
outputBuffer.releaseFence = dupToAidl(handle);
+ native_handle_delete(handle);
}
}
diff --git a/identity/aidl/default/Android.bp b/identity/aidl/default/Android.bp
index 7bc3c8d..a1045c3 100644
--- a/identity/aidl/default/Android.bp
+++ b/identity/aidl/default/Android.bp
@@ -36,7 +36,7 @@
],
static_libs: [
"libbase",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libutils",
"libsoft_attestation_cert",
@@ -102,7 +102,7 @@
],
static_libs: [
"libbase",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libutils",
"libsoft_attestation_cert",
@@ -146,7 +146,7 @@
],
static_libs: [
"libbase",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libutils",
"libsoft_attestation_cert",
diff --git a/identity/aidl/vts/Android.bp b/identity/aidl/vts/Android.bp
index 6f7ab54..8ff2382 100644
--- a/identity/aidl/vts/Android.bp
+++ b/identity/aidl/vts/Android.bp
@@ -42,7 +42,7 @@
"android.hardware.security.rkp-V3-cpp",
"android.hardware.security.rkp-V3-ndk",
"android.hardware.security.secureclock-V1-ndk",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libkeymaster_portable",
"libkeymint_vts_test_utils",
diff --git a/identity/support/Android.bp b/identity/support/Android.bp
index d62d055..cc0a684 100644
--- a/identity/support/Android.bp
+++ b/identity/support/Android.bp
@@ -36,7 +36,7 @@
"libpuresoftkeymasterdevice",
],
static_libs: [
- "libcppbor_external",
+ "libcppbor",
],
}
@@ -70,7 +70,7 @@
],
static_libs: [
"android.hardware.identity-support-lib",
- "libcppbor_external",
+ "libcppbor",
"libgmock",
],
test_suites: ["general-tests"],
diff --git a/security/authgraph/default/src/main.rs b/security/authgraph/default/src/main.rs
index 65ced75..0f6e05c 100644
--- a/security/authgraph/default/src/main.rs
+++ b/security/authgraph/default/src/main.rs
@@ -40,7 +40,7 @@
}
fn main() {
- if let Err(e) = inner_main() {
+ if let Err(HalServiceError(e)) = inner_main() {
panic!("HAL service failed: {:?}", e);
}
}
diff --git a/security/keymint/aidl/default/Android.bp b/security/keymint/aidl/default/Android.bp
index c707845..0cf53cf 100644
--- a/security/keymint/aidl/default/Android.bp
+++ b/security/keymint/aidl/default/Android.bp
@@ -30,7 +30,7 @@
"android.hardware.security.secureclock-V1-ndk",
"libbase",
"libbinder_ndk",
- "libcppbor_external",
+ "libcppbor",
"libcrypto",
"libkeymaster_portable",
"libkeymint",
@@ -115,5 +115,47 @@
"libkmr_wire",
],
srcs: ["ta/lib.rs"],
+}
+apex {
+ name: "com.android.hardware.keymint.rust_nonsecure",
+ manifest: "manifest.json",
+ file_contexts: "file_contexts",
+ key: "com.google.cf.apex.key",
+ certificate: ":com.android.hardware.certificate",
+ soc_specific: true,
+ updatable: false,
+ binaries: [
+ "android.hardware.security.keymint-service.nonsecure",
+ ],
+ prebuilts: [
+ "keymint_aidl_nonsecure_init_rc",
+ "keymint_aidl_nonsecure_vintf",
+ "android.hardware.hardware_keystore.xml", // permissions
+ ],
+}
+
+prebuilt_etc {
+ name: "keymint_aidl_nonsecure_init_rc",
+ filename_from_src: true,
+ vendor: true,
+ src: ":gen-keymint_aidl_nonsecure_init_rc",
+}
+
+genrule {
+ name: "gen-keymint_aidl_nonsecure_init_rc",
+ srcs: ["android.hardware.security.keymint-service.nonsecure.rc"],
+ out: ["android.hardware.security.keymint-service.nonsecure.apex.rc"],
+ cmd: "sed -E 's%/vendor/bin/%/apex/com.android.hardware.keymint/bin/%' $(in) > $(out)",
+}
+
+prebuilt_etc {
+ name: "keymint_aidl_nonsecure_vintf",
+ sub_dir: "vintf",
+ vendor: true,
+ srcs: [
+ "android.hardware.security.keymint-service.xml",
+ "android.hardware.security.sharedsecret-service.xml",
+ "android.hardware.security.secureclock-service.xml",
+ ],
}
diff --git a/security/keymint/aidl/default/file_contexts b/security/keymint/aidl/default/file_contexts
new file mode 100644
index 0000000..dce7e3c
--- /dev/null
+++ b/security/keymint/aidl/default/file_contexts
@@ -0,0 +1,3 @@
+(/.*)? u:object_r:vendor_file:s0
+/etc(/.*)? u:object_r:vendor_configs_file:s0
+/bin/hw/android\.hardware\.security\.keymint-service\.nonsecure u:object_r:hal_keymint_rust_exec:s0
diff --git a/security/keymint/aidl/default/manifest.json b/security/keymint/aidl/default/manifest.json
new file mode 100644
index 0000000..289943e
--- /dev/null
+++ b/security/keymint/aidl/default/manifest.json
@@ -0,0 +1,5 @@
+{
+ "name": "com.android.hardware.keymint",
+ "version": 1,
+ "vendorBootstrap": true
+}
diff --git a/security/keymint/aidl/vts/functional/Android.bp b/security/keymint/aidl/vts/functional/Android.bp
index 41b161d..7a135e1 100644
--- a/security/keymint/aidl/vts/functional/Android.bp
+++ b/security/keymint/aidl/vts/functional/Android.bp
@@ -45,7 +45,7 @@
"android.hardware.security.secureclock-V1-ndk",
"libavb_user",
"libavb",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libfs_mgr",
"libjsoncpp",
diff --git a/security/keymint/aidl/vts/performance/Android.bp b/security/keymint/aidl/vts/performance/Android.bp
index 7e3a3e5..6179c99 100644
--- a/security/keymint/aidl/vts/performance/Android.bp
+++ b/security/keymint/aidl/vts/performance/Android.bp
@@ -41,7 +41,7 @@
],
static_libs: [
"android.hardware.security.secureclock-V1-ndk",
- "libcppbor_external",
+ "libcppbor",
"libchrome",
],
}
diff --git a/security/keymint/support/Android.bp b/security/keymint/support/Android.bp
index 1a8695b..5c9efef 100644
--- a/security/keymint/support/Android.bp
+++ b/security/keymint/support/Android.bp
@@ -72,7 +72,7 @@
shared_libs: [
"libbase",
"libbinder_ndk",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libcrypto",
"libkeymaster_portable",
@@ -94,7 +94,7 @@
],
shared_libs: [
"libbase",
- "libcppbor_external",
+ "libcppbor",
"libcppcose_rkp",
"libcrypto",
"libjsoncpp",
diff --git a/security/rkp/aidl/vts/functional/Android.bp b/security/rkp/aidl/vts/functional/Android.bp
index 9c2b6e1..2cce8db 100644
--- a/security/rkp/aidl/vts/functional/Android.bp
+++ b/security/rkp/aidl/vts/functional/Android.bp
@@ -32,7 +32,7 @@
"libcrypto",
],
static_libs: [
- "libcppbor_external",
+ "libcppbor",
"libgmock_ndk",
"libkeymint_vts_test_utils",
],
diff --git a/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl b/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl
index eca8d87..b0dd284 100644
--- a/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl
+++ b/security/sharedsecret/aidl/android/hardware/security/sharedsecret/ISharedSecret.aidl
@@ -81,14 +81,9 @@
* defined in the standard. The counter is prefixed and length L appended, as shown
* in the construction on page 12 of the standard. The label string is UTF-8 encoded.
*
- * ``K'' is a pre-established shared secret, set up during factory reset. The mechanism for
- * establishing this shared secret is implementation-defined.Any method of securely
- * establishing K that ensures that an attacker cannot obtain or derive its value is
- * acceptable.
- *
- * CRITICAL SECURITY REQUIREMENT: All keys created by a IKeymintDevice instance must
- * be cryptographically bound to the value of K, such that establishing a new K
- * permanently destroys them.
+ * ``K'' is a pre-established shared secret. The mechanism for establishing this shared
+ * secret is implementation-defined. Any method of securely establishing K that
+ * ensures that an attacker cannot obtain or derive its value is acceptable.
*
* ``||'' represents concatenation.
*
diff --git a/staging/security/see/hwcrypto/aidl/Android.bp b/staging/security/see/hwcrypto/aidl/Android.bp
new file mode 100644
index 0000000..3e7ee9e
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/Android.bp
@@ -0,0 +1,29 @@
+package {
+ // See: http://go/android-license-faq
+ // A large-scale-change added 'default_applicable_licenses' to import
+ // all of the 'license_kinds' from "hardware_interfaces_license"
+ // to get the below license kinds:
+ // SPDX-license-identifier-Apache-2.0
+ default_applicable_licenses: ["hardware_interfaces_license"],
+}
+
+aidl_interface {
+ name: "android.hardware.security.see",
+ unstable: false,
+ host_supported: true,
+ srcs: [
+ "android/hardware/security/see/hwcrypto/*.aidl",
+ "android/hardware/security/see/hwcrypto/types/*.aidl",
+ ],
+ backend: {
+ java: {
+ enabled: false,
+ },
+ cpp: {
+ enabled: false,
+ },
+ rust: {
+ enabled: true,
+ },
+ },
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperation.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperation.aidl
new file mode 100644
index 0000000..0a7e7a2
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperation.aidl
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+union CryptoOperation {
+ android.hardware.security.see.hwcrypto.MemoryBufferParameter setMemoryBuffer;
+ android.hardware.security.see.hwcrypto.OperationParameters setOperationParameters;
+ android.hardware.security.see.hwcrypto.PatternParameters setPattern;
+ android.hardware.security.see.hwcrypto.types.OperationData copyData;
+ android.hardware.security.see.hwcrypto.types.OperationData aadInput;
+ android.hardware.security.see.hwcrypto.types.OperationData dataInput;
+ android.hardware.security.see.hwcrypto.types.OperationData dataOutput;
+ @nullable android.hardware.security.see.hwcrypto.types.Void finish;
+ @nullable android.hardware.security.see.hwcrypto.types.Void destroyContext;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl
new file mode 100644
index 0000000..05780e1
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable CryptoOperationErrorAdditionalInfo {
+ long failingCommandIndex;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl
new file mode 100644
index 0000000..1088e27
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable CryptoOperationResult {
+ @nullable android.hardware.security.see.hwcrypto.ICryptoOperationContext context;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl
new file mode 100644
index 0000000..f3b9b43
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable CryptoOperationSet {
+ @nullable android.hardware.security.see.hwcrypto.ICryptoOperationContext context;
+ android.hardware.security.see.hwcrypto.CryptoOperation[] operations;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl
new file mode 100644
index 0000000..472215f
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+interface ICryptoOperationContext {
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl
new file mode 100644
index 0000000..5c26cc2
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+interface IHwCryptoOperations {
+ android.hardware.security.see.hwcrypto.CryptoOperationResult[] processCommandList(inout android.hardware.security.see.hwcrypto.CryptoOperationSet[] operations, out android.hardware.security.see.hwcrypto.CryptoOperationErrorAdditionalInfo additionalErrorInfo);
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
new file mode 100644
index 0000000..9cbf272
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+interface IOpaqueKey {
+ byte[] exportWrappedKey(in android.hardware.security.see.hwcrypto.IOpaqueKey wrappingKey);
+ android.hardware.security.see.hwcrypto.KeyPolicy getKeyPolicy();
+ byte[] getPublicKey();
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/KeyPolicy.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/KeyPolicy.aidl
new file mode 100644
index 0000000..0e3896e
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/KeyPolicy.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable KeyPolicy {
+ android.hardware.security.see.hwcrypto.types.KeyUse usage;
+ android.hardware.security.see.hwcrypto.types.KeyLifetime keyLifetime = android.hardware.security.see.hwcrypto.types.KeyLifetime.EPHEMERAL;
+ android.hardware.security.see.hwcrypto.types.KeyPermissions[] keyPermissions;
+ boolean keyManagementKey;
+ android.hardware.security.see.hwcrypto.types.KeyType keyType = android.hardware.security.see.hwcrypto.types.KeyType.AES_256_GCM;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl
new file mode 100644
index 0000000..d88d5c8
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable MemoryBufferParameter {
+ android.hardware.security.see.hwcrypto.MemoryBufferParameter.MemoryBuffer bufferHandle;
+ int sizeBytes;
+ union MemoryBuffer {
+ ParcelFileDescriptor input;
+ ParcelFileDescriptor output;
+ }
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl
new file mode 100644
index 0000000..f35fe45
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/OperationParameters.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+union OperationParameters {
+ android.hardware.security.see.hwcrypto.types.SymmetricAuthOperationParameters symmetricAuthCrypto;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/PatternParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/PatternParameters.aidl
new file mode 100644
index 0000000..0fd1ee7
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/PatternParameters.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto;
+parcelable PatternParameters {
+ long numberBlocksProcess;
+ long numberBlocksCopy;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl
new file mode 100644
index 0000000..4084abb
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+union AesGcmMode {
+ android.hardware.security.see.hwcrypto.types.AesGcmMode.AesGcmModeParameters gcmTag16;
+ parcelable AesGcmModeParameters {
+ byte[12] nonce;
+ }
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
new file mode 100644
index 0000000..cd8b3c6
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable HalErrorCode {
+ const int NO_ERROR = 0;
+ const int GENERIC_ERROR = (-1) /* -1 */;
+ const int BAD_STATE = (-2) /* -2 */;
+ const int UNSUPPORTED = (-3) /* -3 */;
+ const int SERIALIZATION_ERROR = (-4) /* -4 */;
+ const int ALLOCATION_ERROR = (-5) /* -5 */;
+ const int INVALID_KEY = (-6) /* -6 */;
+ const int BAD_PARAMETER = (-7) /* -7 */;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl
new file mode 100644
index 0000000..db5964c
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+@Backing(type="byte")
+enum KeyLifetime {
+ EPHEMERAL,
+ HARDWARE,
+ PORTABLE,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl
new file mode 100644
index 0000000..ea3a173
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+enum KeyPermissions {
+ ALLOW_EPHEMERAL_KEY_WRAPPING,
+ ALLOW_HARDWARE_KEY_WRAPPING,
+ ALLOW_PORTABLE_KEY_WRAPPING,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyType.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyType.aidl
new file mode 100644
index 0000000..59b83c4
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyType.aidl
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+enum KeyType {
+ AES_128_CBC_NO_PADDING,
+ AES_128_CBC_PKCS7_PADDING,
+ AES_128_CTR,
+ AES_128_GCM,
+ AES_128_CMAC,
+ AES_256_CBC_NO_PADDING,
+ AES_256_CBC_PKCS7_PADDING,
+ AES_256_CTR,
+ AES_256_GCM,
+ AES_256_CMAC,
+ HMAC_SHA256,
+ HMAC_SHA512,
+ RSA2048_PSS_SHA256,
+ RSA2048_PKCS1_5_SHA256,
+ ECC_NIST_P256_SIGN_NO_PADDING,
+ ECC_NIST_P256_SIGN_SHA256,
+ ECC_NIST_P521_SIGN_NO_PADDING,
+ ECC_NIST_P521_SIGN_SHA512,
+ ECC_ED25519_SIGN,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyUse.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyUse.aidl
new file mode 100644
index 0000000..e888bdf
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/KeyUse.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+@Backing(type="int")
+enum KeyUse {
+ ENCRYPT = 1,
+ DECRYPT = 2,
+ ENCRYPT_DECRYPT = (ENCRYPT | DECRYPT) /* 3 */,
+ SIGN = 4,
+ DERIVE = 8,
+ WRAP = 16,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl
new file mode 100644
index 0000000..eaa8dd7
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable MemoryBufferReference {
+ int startOffset;
+ int sizeBytes;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationData.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationData.aidl
new file mode 100644
index 0000000..aad3ac1
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationData.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+union OperationData {
+ android.hardware.security.see.hwcrypto.types.MemoryBufferReference memoryBufferReference;
+ byte[] dataBuffer;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationType.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationType.aidl
new file mode 100644
index 0000000..ca8b3eb
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/OperationType.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+enum OperationType {
+ READ,
+ WRITE,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl
new file mode 100644
index 0000000..d3d1763
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+union SymmetricAuthCryptoParameters {
+ android.hardware.security.see.hwcrypto.types.AesGcmMode aes;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl
new file mode 100644
index 0000000..8a8ef09
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable SymmetricAuthOperationParameters {
+ android.hardware.security.see.hwcrypto.IOpaqueKey key;
+ android.hardware.security.see.hwcrypto.types.SymmetricOperation direction;
+ android.hardware.security.see.hwcrypto.types.SymmetricAuthCryptoParameters parameters;
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl
new file mode 100644
index 0000000..1a17525
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+enum SymmetricOperation {
+ ENCRYPT,
+ DECRYPT,
+}
diff --git a/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/Void.aidl b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/Void.aidl
new file mode 100644
index 0000000..b37848b
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/aidl_api/android.hardware.security.see/current/android/hardware/security/see/hwcrypto/types/Void.aidl
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+///////////////////////////////////////////////////////////////////////////////
+// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. //
+///////////////////////////////////////////////////////////////////////////////
+
+// This file is a snapshot of an AIDL file. Do not edit it manually. There are
+// two cases:
+// 1). this is a frozen version file - do not edit this in any case.
+// 2). this is a 'current' file. If you make a backwards compatible change to
+// the interface (from the latest frozen version), the build system will
+// prompt you to update this file with `m <name>-update-api`.
+//
+// You must not make a backward incompatible change to any AIDL file built
+// with the aidl_interface module type with versions property set. The module
+// type is used to build AIDL files in a way that they can be used across
+// independently updatable components of the system. If a device is shipped
+// with such a backward incompatible change, it has a high risk of breaking
+// later when a module using the interface is updated, e.g., Mainline modules.
+
+package android.hardware.security.see.hwcrypto.types;
+parcelable Void {
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperation.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperation.aidl
new file mode 100644
index 0000000..2fdbc78
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperation.aidl
@@ -0,0 +1,88 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.MemoryBufferParameter;
+import android.hardware.security.see.hwcrypto.OperationParameters;
+import android.hardware.security.see.hwcrypto.PatternParameters;
+import android.hardware.security.see.hwcrypto.types.OperationData;
+import android.hardware.security.see.hwcrypto.types.Void;
+
+/*
+ * Type that describes the different operations that can be performed along with its required
+ * parameters. It will be used to construct a vector of operation that are executed sequentially.
+ */
+union CryptoOperation {
+ /*
+ * Sets a memory buffer to operate on. References to positions of this memory buffer can be used
+ * when setting the parameters for <code>UpdateAad</code>, <code>UpdateData</code>,
+ * <code>Finish</code> and <code>CopyData</code>.
+ */
+ MemoryBufferParameter setMemoryBuffer;
+
+ /*
+ * Sets the parameters for the current operation, for more info on specific parameters see
+ * <code>OperationParameters</code>.
+ */
+ OperationParameters setOperationParameters;
+
+ /*
+ * Sets the pattern for a decrypt type operation. A pattern is used to describe that the Input
+ * data provided is not completely encrypted, but that it has some blocks encrypted followed by
+ * some blocks in the clear. Currently it shall only be supported for cbcs mode as defined on
+ * IEC 23001-7:2016.
+ */
+ PatternParameters setPattern;
+
+ /*
+ * Copies data from input to output.
+ */
+ OperationData copyData;
+
+ /*
+ * Adds additional authenticated data. This type is only valid after a
+ * <code>SetOperationParameters</code> of type <code>SymmetricAuthOperationParameters</code>.
+ */
+ OperationData aadInput;
+
+ /*
+ * Adds data to the operation for processing. This type is only valid after a
+ * <code>SetOperationParameters</code> and it will trigger the operation, so output buffers
+ * need to be set first.
+ */
+ OperationData dataInput;
+
+ /*
+ * Adds output buffers to store results form the operation. This type is only valid after a
+ * <code>SetOperationParameters</code> and it needs to be done before calling
+ * <code>DataInput</code>
+ */
+ OperationData dataOutput;
+
+ /*
+ * Finalizes a cryptographic operation in flight. Because operations are initiated with a call
+ * to <code>SetOperationParameters</code>, a <code>finish</code> element is only valid after a
+ * <code>SetOperationParameters</code> element.
+ */
+ @nullable Void finish;
+
+ /*
+ * Specifies that we do not want to continue using this context anymore. The result of this
+ * call is that all resources are freed after finishing operating on the set of commands and no
+ * context is returned to the caller.
+ */
+ @nullable Void destroyContext;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl
new file mode 100644
index 0000000..f3ac8ea
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationErrorAdditionalInfo.aidl
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+/*
+ * Type that provides more information about failures when processing a list of commands.
+ */
+parcelable CryptoOperationErrorAdditionalInfo {
+ /*
+ * Index indicating the first step of <code>CryptoOperationSet::operations</code> that failed
+ * when executing a set of commands. No more commands would have been executed after this.
+ */
+ long failingCommandIndex;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl
new file mode 100644
index 0000000..07c2983
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationResult.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.ICryptoOperationContext;
+
+/*
+ * Type that describes the result of a set of crypto operations.
+ */
+parcelable CryptoOperationResult {
+ /*
+ * Token that can be passed on a CryptoOperationSet to issue more operations on the same context
+ * on future calls.
+ */
+ @nullable ICryptoOperationContext context;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl
new file mode 100644
index 0000000..9aff1e8
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/CryptoOperationSet.aidl
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.CryptoOperation;
+import android.hardware.security.see.hwcrypto.ICryptoOperationContext;
+
+/*
+ * Type that describes a set of crypto operations to execute
+ */
+parcelable CryptoOperationSet {
+ /*
+ * Token to be used to issue the operations. If NULL, a new context will be created and
+ * returned.
+ */
+ @nullable ICryptoOperationContext context;
+
+ /*
+ * Set of operations to execute.
+ */
+ CryptoOperation[] operations;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl
new file mode 100644
index 0000000..68d0c03
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/ICryptoOperationContext.aidl
@@ -0,0 +1,25 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+/*
+ * Token that can be used to execute more commands when passed as an input on a
+ * <code>CryptoOperationSet::context</code> parcelable. It represents an operation being executed
+ * and is valid until a <code>CryptoOperation::Finish</code> is issued using the token. The
+ * operation in progress context includes any memory buffer previously mapped by a
+ * <code>CryptoOperation::SetMemoryBuffer</code> call.
+ */
+interface ICryptoOperationContext {}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl
new file mode 100644
index 0000000..4d394ed
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IHwCryptoOperations.aidl
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.CryptoOperationErrorAdditionalInfo;
+import android.hardware.security.see.hwcrypto.CryptoOperationResult;
+import android.hardware.security.see.hwcrypto.CryptoOperationSet;
+
+/*
+ * Interface used that provides cryptographic services, including the generation and use of
+ * cryptographic keys. Interactions with this interface are done through a command-base API,
+ * which allow callers to execute a large set of operations on a single call.
+ */
+interface IHwCryptoOperations {
+ /*
+ * processCommandList() - Executes a list of cryptographic commands in order
+ *
+ * @operations:
+ * Parameter containing 1 or more set of commands to execute. Additionally, each set can
+ * also contain a context on which the commands will be executed.
+ * @additionalErrorInfo:
+ * Structure containing additional info when errors are encountered. Only valid if the
+ * function failed its execution.
+ * Return:
+ * CryptoOperationResult[] on success, which can contain a context to continue executing
+ * each of the provided operations sets, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ CryptoOperationResult[] processCommandList(inout CryptoOperationSet[] operations,
+ out CryptoOperationErrorAdditionalInfo additionalErrorInfo);
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
new file mode 100644
index 0000000..0d0f613
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/IOpaqueKey.aidl
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.KeyPolicy;
+import android.hardware.security.see.hwcrypto.types.OperationType;
+
+interface IOpaqueKey {
+ /*
+ * exportWrappedKey() - Exports this key as a wrapped (encrypted) blob.
+ *
+ * @wrapping_key:
+ * wrapping key. It needs to be an opaque key and its policy needs to indicate that it can
+ * be used for key wrapping.
+ *
+ * Return:
+ * Wrapped key blob as a byte array on success. Format of the blob is opaque to the service
+ * but has to match the command accepted by
+ * <code>IHwCryptoKeyGeneration::importWrappedKey</code>, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ byte[] exportWrappedKey(in IOpaqueKey wrappingKey);
+
+ /*
+ * getKeyPolicy() - Returns the key policy.
+ *
+ * Return:
+ * A <code>KeyPolicy</code> on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise.
+ */
+ KeyPolicy getKeyPolicy();
+
+ /*
+ * getPublicKey() - Returns the public key portion of this OpaqueKey. This operation is only
+ * valid for asymmetric keys
+ *
+ * Return:
+ * public key as a byte array on success, service specific error based on
+ * <code>HalErrorCode</code> otherwise. Format used for the returned public key is COSE.
+ */
+ byte[] getPublicKey();
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/KeyPolicy.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/KeyPolicy.aidl
new file mode 100644
index 0000000..9266bfa
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/KeyPolicy.aidl
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.types.KeyLifetime;
+import android.hardware.security.see.hwcrypto.types.KeyPermissions;
+import android.hardware.security.see.hwcrypto.types.KeyType;
+import android.hardware.security.see.hwcrypto.types.KeyUse;
+
+/*
+ * Parcelable that specified how a key can be used.
+ */
+parcelable KeyPolicy {
+ /*
+ * Enum specifying the operations the key can perform (encryption, decryption, etc.).
+ */
+ KeyUse usage;
+
+ /*
+ * Enum that describes the key lifetime characteristics. See the docstring on
+ * <code>KeyLifetime</code> for more details.
+ */
+ KeyLifetime keyLifetime = KeyLifetime.EPHEMERAL;
+
+ /*
+ * Additional permissions of the key (e.g. key types allowed to wrap the key, boot binding,
+ * etc.). See the docstring on <code>KeyPermissions</code> for more details.
+ */
+ KeyPermissions[] keyPermissions;
+
+ /*
+ * Key can be used to wrap or derive other keys.
+ */
+ boolean keyManagementKey;
+
+ /*
+ * Enum that specifies the key type.
+ */
+ KeyType keyType = KeyType.AES_256_GCM;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl
new file mode 100644
index 0000000..c5a6a5c
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/MemoryBufferParameter.aidl
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+/*
+ * Parcelable representing a memory buffer.
+ */
+parcelable MemoryBufferParameter {
+ union MemoryBuffer {
+ ParcelFileDescriptor input;
+ ParcelFileDescriptor output;
+ }
+
+ /*
+ * Handle used to access this memory area.
+ */
+ MemoryBuffer bufferHandle;
+
+ /*
+ * Total size of the memory buffer.
+ */
+ int sizeBytes;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl
new file mode 100644
index 0000000..bf1f055
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/OperationParameters.aidl
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+import android.hardware.security.see.hwcrypto.types.SymmetricAuthOperationParameters;
+
+/*
+ * Type that describes the parameters for the different operations that can be performed.
+ */
+union OperationParameters {
+ /*
+ * Parameters for authenticated symmetric cryptography (AES GCM).
+ */
+ SymmetricAuthOperationParameters symmetricAuthCrypto;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/PatternParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/PatternParameters.aidl
new file mode 100644
index 0000000..3f62abe
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/PatternParameters.aidl
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto;
+
+/*
+ * Parcelable that specifies a pattern to process data.
+ */
+parcelable PatternParameters {
+ /*
+ * Number of blocks that will be processed. The size of the block matches the size of the
+ * cipher used (e.g. for AES this parameter indicates the number of 16 bytes blocks to be
+ * processed).
+ */
+ long numberBlocksProcess;
+
+ /*
+ * Number of blocks that will be copied. The size of the block matches the size of the cipher
+ * used to process the encrypted areas (e.g. for AES this parameter indicates the number of 16
+ * bytes blocks to be copied).
+ */
+ long numberBlocksCopy;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl
new file mode 100644
index 0000000..4025553
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/AesGcmMode.aidl
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Type used for the parameters needed to run an authenticated AES operation (GCM).
+ */
+union AesGcmMode {
+ parcelable AesGcmModeParameters {
+ /*
+ * Galois Counter Mode nonce. Only 12-bytes nonce are supported.
+ */
+ byte[12] nonce;
+ }
+
+ /*
+ * Galois Counter Mode with an authentication Tag that has a length of 16 bytes.
+ */
+ AesGcmModeParameters gcmTag16;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
new file mode 100644
index 0000000..e8e8539
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/HalErrorCode.aidl
@@ -0,0 +1,45 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Service error codes. Will be returned as service specific errors.
+ */
+parcelable HalErrorCode {
+ /* Success */
+ const int NO_ERROR = 0;
+
+ /* Generic error */
+ const int GENERIC_ERROR = -1;
+
+ /* Desired operation cannot be performed because of the server current state */
+ const int BAD_STATE = -2;
+
+ /* Operation or parameters are not supported by the server */
+ const int UNSUPPORTED = -3;
+
+ /* Error encountered when parsing parameters */
+ const int SERIALIZATION_ERROR = -4;
+
+ /* Server ran out of memory when performing operation */
+ const int ALLOCATION_ERROR = -5;
+
+ /* Provided key is not compatible with the operation */
+ const int INVALID_KEY = -6;
+
+ /* Bad parameter supplied for the desired operation */
+ const int BAD_PARAMETER = -7;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl
new file mode 100644
index 0000000..9958a0b
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyLifetime.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum that gives more information about the lifetime characteristics of the key. They are
+ * represented as a bitmask to allow us to internally combine them on a single property to describe
+ * a set of allowed lifetimes.
+ */
+@Backing(type="byte")
+enum KeyLifetime {
+ /*
+ * Hardware keys with limited validity (until key is erased or power cycle occurs).
+ */
+ EPHEMERAL,
+
+ /*
+ * Key only lives or was derived from a key that only lives in hardware. This key cannot be
+ * retrieved in the clear.
+ */
+ HARDWARE,
+
+ /*
+ * Key could have been at some point of its lifetime in the clear on a software component.
+ */
+ PORTABLE,
+
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl
new file mode 100644
index 0000000..a1e4f21
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyPermissions.aidl
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Additional characteristics and permissions of the key.
+ */
+enum KeyPermissions {
+ /*
+ * Key can be wrapped by an ephemeral key.
+ */
+ ALLOW_EPHEMERAL_KEY_WRAPPING,
+
+ /*
+ * Key can be wrapped by a hardware key. Notice that ephemeral keys cannot be wrapped by
+ * hardware keys.
+ */
+ ALLOW_HARDWARE_KEY_WRAPPING,
+
+ /*
+ * Key can be wrapped by a portable key. Notice that neither ephemeral keys nor hardware keys
+ * can be wrapped by portable keys.
+ */
+ ALLOW_PORTABLE_KEY_WRAPPING,
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyType.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyType.aidl
new file mode 100644
index 0000000..3cf4670
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyType.aidl
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum describing all supported key types. Key types are strongly bound to the algorithm to
+ * prevent reusing the same key on different algorithms (e.g. using the same key for 2 different AES
+ * 128 Cipher modes).
+ */
+enum KeyType {
+ AES_128_CBC_NO_PADDING,
+ AES_128_CBC_PKCS7_PADDING,
+ AES_128_CTR,
+ AES_128_GCM,
+ AES_128_CMAC,
+ AES_256_CBC_NO_PADDING,
+ AES_256_CBC_PKCS7_PADDING,
+ AES_256_CTR,
+ AES_256_GCM,
+ AES_256_CMAC,
+ HMAC_SHA256,
+ HMAC_SHA512,
+ RSA2048_PSS_SHA256,
+ RSA2048_PKCS1_5_SHA256,
+ ECC_NIST_P256_SIGN_NO_PADDING,
+ ECC_NIST_P256_SIGN_SHA256,
+ ECC_NIST_P521_SIGN_NO_PADDING,
+ ECC_NIST_P521_SIGN_SHA512,
+ ECC_ED25519_SIGN,
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyUse.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyUse.aidl
new file mode 100644
index 0000000..76bfd62
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/KeyUse.aidl
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum describing the allowed operations that can be performed with the given key.
+ */
+@Backing(type="int")
+enum KeyUse {
+ ENCRYPT = 1,
+ DECRYPT = 2,
+ ENCRYPT_DECRYPT = ENCRYPT | DECRYPT,
+ SIGN = 4,
+ DERIVE = 8,
+ WRAP = 16,
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl
new file mode 100644
index 0000000..5b90d9c
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/MemoryBufferReference.aidl
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Structure representing a section of a memory buffer.
+ */
+parcelable MemoryBufferReference {
+ /*
+ * Start of the memory buffer section measured from the start of the memory buffer set for this
+ * operation.
+ */
+ int startOffset;
+
+ /*
+ * Total size of the memory buffer section.
+ */
+ int sizeBytes;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationData.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationData.aidl
new file mode 100644
index 0000000..642d05e
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationData.aidl
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+import android.hardware.security.see.hwcrypto.types.MemoryBufferReference;
+
+/*
+ * Union holding buffers to be used by the cryptographic operation.
+ */
+union OperationData {
+ /*
+ * Reference (offset, size) to the active operations' MemoryBuffer.
+ */
+ MemoryBufferReference memoryBufferReference;
+
+ /*
+ * Vector of data to use for the operation.
+ */
+ byte[] dataBuffer;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationType.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationType.aidl
new file mode 100644
index 0000000..76878a3
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/OperationType.aidl
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum describing the different types of operations allowed on a buffer.
+ */
+enum OperationType {
+ READ,
+ WRITE,
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl
new file mode 100644
index 0000000..278e48d
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthCryptoParameters.aidl
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+import android.hardware.security.see.hwcrypto.types.AesGcmMode;
+
+/*
+ * Data needed to perform authenticated symmetric cryptographic operations.
+ */
+union SymmetricAuthCryptoParameters {
+ /*
+ * AES (Advanced Encryption Standard) GCM parameters.
+ */
+ AesGcmMode aes;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl
new file mode 100644
index 0000000..46568c3
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricAuthOperationParameters.aidl
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+import android.hardware.security.see.hwcrypto.IOpaqueKey;
+import android.hardware.security.see.hwcrypto.types.SymmetricAuthCryptoParameters;
+import android.hardware.security.see.hwcrypto.types.SymmetricOperation;
+
+/*
+ * Parameters needed to perform an authenticated symmetric cryptographic operation. Currently only
+ * AES-GCM is supported.
+ */
+parcelable SymmetricAuthOperationParameters {
+ /*
+ * Key to be used on the operation.
+ */
+ IOpaqueKey key;
+
+ /*
+ * Encryption or Decryption.
+ */
+ SymmetricOperation direction;
+
+ /*
+ * Parameters that specify the desired authenticated cryptographic operation.
+ */
+ SymmetricAuthCryptoParameters parameters;
+}
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl
new file mode 100644
index 0000000..2717472
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/SymmetricOperation.aidl
@@ -0,0 +1,21 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+/*
+ * Enum describing the type of symmetric operation desired.
+ */
+enum SymmetricOperation { ENCRYPT, DECRYPT }
diff --git a/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/Void.aidl b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/Void.aidl
new file mode 100644
index 0000000..f9f608d
--- /dev/null
+++ b/staging/security/see/hwcrypto/aidl/android/hardware/security/see/hwcrypto/types/Void.aidl
@@ -0,0 +1,18 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.hardware.security.see.hwcrypto.types;
+
+parcelable Void {}
diff --git a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
index 8ad6ee0..491a79b 100644
--- a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
+++ b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTargetTest.h
@@ -17,6 +17,7 @@
#pragma once
#include <android/binder_manager.h>
+#include <cutils/properties.h>
#include "DemuxTests.h"
#include "DescramblerTests.h"
@@ -29,6 +30,17 @@
namespace {
bool initConfiguration() {
+ std::array<char, PROPERTY_VALUE_MAX> variant;
+ auto res = property_get("ro.vendor.vts_tuner_configuration_variant", variant.data(), "");
+ if (res <= 0) {
+ ALOGE("[vts] failed to read system property ro.vendor.vts_tuner_configuration_variant");
+ return false;
+ }
+ string configFilePath = "/vendor/etc/tuner_vts_config_aidl_V1";
+ if (variant.size() != 0) {
+ configFilePath = configFilePath + "." + variant.data();
+ }
+ configFilePath = configFilePath + ".xml";
TunerTestingConfigAidlReader1_0::setConfigFilePath(configFilePath);
if (!TunerTestingConfigAidlReader1_0::checkConfigFileExists()) {
return false;
diff --git a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTestConfigurations.h b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTestConfigurations.h
index ff94639..29d2f18 100644
--- a/tv/tuner/aidl/vts/functional/VtsHalTvTunerTestConfigurations.h
+++ b/tv/tuner/aidl/vts/functional/VtsHalTvTunerTestConfigurations.h
@@ -52,8 +52,6 @@
const int32_t FMQ_SIZE_4M = 0x400000;
const int32_t FMQ_SIZE_16M = 0x1000000;
-const string configFilePath = "/vendor/etc/tuner_vts_config_aidl_V1.xml";
-
#define FILTER_MAIN_TYPE_BIT_COUNT 5
#define STATUS_CHECK_INTERVAL_MS 100L