Merge "Add @deprecated and @return error annotations" into main am: b3229b6f86
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/3420539
Change-Id: I6081a64923526a9d454ff15d1a53e3817454a28f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl
index 2945dab..e6d2fdf 100644
--- a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -45,6 +45,9 @@
void deleteAllKeys();
void destroyAttestationIds();
android.hardware.security.keymint.BeginResult begin(in android.hardware.security.keymint.KeyPurpose purpose, in byte[] keyBlob, in android.hardware.security.keymint.KeyParameter[] params, in @nullable android.hardware.security.keymint.HardwareAuthToken authToken);
+ /**
+ * @deprecated Method has never been used due to design limitations
+ */
void deviceLocked(in boolean passwordOnly, in @nullable android.hardware.security.secureclock.TimeStampToken timestampToken);
void earlyBootEnded();
byte[] convertStorageKeyToEphemeral(in byte[] storageKeyBlob);
diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
index b57dd8a..cafec70 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
@@ -826,6 +826,7 @@
*
* @param passwordOnly N/A due to the deprecation
* @param timestampToken N/A due to the deprecation
+ * @deprecated Method has never been used due to design limitations
*/
void deviceLocked(in boolean passwordOnly, in @nullable TimeStampToken timestampToken);
@@ -964,10 +965,11 @@
* IKeyMintDevice must ignore KeyParameters with tags not included in the following list:
*
* o Tag::MODULE_HASH: holds a hash that must be included in attestations in the moduleHash
- * field of the software enforced authorization list. If Tag::MODULE_HASH is included in more
- * than one setAdditionalAttestationInfo call, the implementation should compare the initial
- * KeyParamValue with the more recent one. If they differ, the implementation should fail with
- * ErrorCode::MODULE_HASH_ALREADY_SET. If they are the same, no action needs to be taken.
+ * field of the software enforced authorization list.
+ *
+ * @return error ErrorCode::MODULE_HASH_ALREADY_SET if this is not the first time
+ * setAdditionalAttestationInfo is called with Tag::MODULE_HASH, and the associated
+ * KeyParamValue of the current call doesn't match the KeyParamValue of the first call.
*/
void setAdditionalAttestationInfo(in KeyParameter[] info);
}