Merge changes I2e5515ef,I3b807e3e
* changes:
Add new error codes for rate-limit and max-use failures.
Update comments on now-unsed user ID and app ID tags.
diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h
index d1dd326..1e6f03a 100644
--- a/include/hardware/keymaster_defs.h
+++ b/include/hardware/keymaster_defs.h
@@ -84,9 +84,8 @@
boot. */
/* User authentication */
- KM_TAG_ALL_USERS = KM_BOOL | 500, /* If key is usable by all users. */
- KM_TAG_USER_ID = KM_INT | 501, /* ID of authorized user. Disallowed if
- KM_TAG_ALL_USERS is present. */
+ KM_TAG_ALL_USERS = KM_BOOL | 500, /* Reserved for future use -- ignore */
+ KM_TAG_USER_ID = KM_INT | 501, /* Reserved for future use -- ignore */
KM_TAG_USER_SECURE_ID = KM_LONG_REP | 502, /* Secure ID of authorized user or authenticator(s).
Disallowed if KM_TAG_ALL_USERS or
KM_TAG_NO_AUTH_REQUIRED is present. */
@@ -103,9 +102,8 @@
device is powered off. */
/* Application access control */
- KM_TAG_ALL_APPLICATIONS = KM_BOOL | 600, /* If key is usable by all applications. */
- KM_TAG_APPLICATION_ID = KM_BYTES | 601, /* ID of authorized application. Disallowed if
- KM_TAG_ALL_APPLICATIONS is present. */
+ KM_TAG_ALL_APPLICATIONS = KM_BOOL | 600, /* Reserved for future use -- ignore */
+ KM_TAG_APPLICATION_ID = KM_BYTES | 601, /* Reserved for fugure use -- ignore */
/*
* Semantically unenforceable tags, either because they have no specific meaning or because
@@ -335,7 +333,9 @@
KM_ERROR_MISSING_NONCE = -51,
KM_ERROR_INVALID_NONCE = -52,
KM_ERROR_MISSING_MAC_LENGTH = -53,
+ KM_ERROR_KEY_RATE_LIMIT_EXCEEDED = -54,
KM_ERROR_CALLER_NONCE_PROHIBITED = -55,
+ KM_ERROR_KEY_MAX_OPS_EXCEEDED = -56,
KM_ERROR_UNIMPLEMENTED = -100,
KM_ERROR_VERSION_MISMATCH = -101,