Merge commit 'd7cc04b275ea6d1cec863159327281b0ffbc8120' into HEAD
diff --git a/include/hardware/keymaster.h b/include/hardware/keymaster.h
index 40380ad..db66a74 100644
--- a/include/hardware/keymaster.h
+++ b/include/hardware/keymaster.h
@@ -534,8 +534,8 @@
      * \param[in] params Additional parameters for the operation.  This is typically used to provide
      * client ID information, with tags KM_TAG_APPLICATION_ID and KM_TAG_APPLICATION_DATA.  If the
      * client information associated with the key is not provided, begin() will fail and return
-     * KM_ERROR_INVALID_KEY_BLOB.  Less commonly, \params can be used to provide AEAD additional
-     * data and chunk size with KM_TAG_ADDITIONAL_DATA or KM_TAG_CHUNK_SIZE respectively.
+     * KM_ERROR_INVALID_KEY_BLOB.  For operations that require a nonce or IV, this must contain a
+     * tag KM_TAG_NONCE.  For AEAD operations KM_TAG_CHUNK_SIZE is specified here.
      *
      * \param[in] params_count The number of entries in \p params.
      *
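Review bot: The new text for \p params names `KM_TAG_CHUNK_SIZE`, but the tag defined in keymaster_defs.h in this same commit is `KM_TAG_CHUNK_LENGTH`; the sentence should read `For AEAD operations KM_TAG_CHUNK_LENGTH is specified here.` The nonce sentence says params "must contain" KM_TAG_NONCE, while keymaster_defs.h keeps KM_TAG_CALLER_NONCE as a separate permission. It would help to say what begin() returns when a caller supplies a nonce for a key without that permission, and whether the implementation generates one when the tag is absent. The begin() comment starts and ends outside this hunk.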
@@ -569,6 +569,11 @@
      *
      * \param[in] operation_handle The operation handle returned by begin().
      *
+     * \param[in] params Additional parameters for the operation.  For AEAD modes, this is used to
+     * specify KM_TAG_ADDITIONAL_DATA.
+     *
+     * \param[in] params_count Length of \p params.
+     *
      * \param[in] input Data to be processed, per the parameters established in the call to begin().
      * Note that update() may or may not consume all of the data provided.  See \p data_consumed.
      *
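Review bot: The added \p params text refers to `KM_TAG_ADDITIONAL_DATA`, which this commit renames to `KM_TAG_ASSOCIATED_DATA` in keymaster_defs.h; the same stale name appears in the finish() comment added further down. Both should end `specify KM_TAG_ASSOCIATED_DATA.` so that an implementer searching for the tag finds a definition. It would also help to state whether `params` may be NULL when `params_count` is 0.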
@@ -589,9 +594,10 @@
      * *output may be either NULL or zero-length (so the caller should always free() it).
      */
     keymaster_error_t (*update)(const struct keymaster_device* dev,
-                                keymaster_operation_handle_t operation_handle, const uint8_t* input,
-                                size_t input_length, size_t* input_consumed, uint8_t** output,
-                                size_t* output_length);
+                                keymaster_operation_handle_t operation_handle,
+                                const keymaster_key_param_t* params, size_t params_count,
+                                const uint8_t* input, size_t input_length, size_t* input_consumed,
+                                uint8_t** output, size_t* output_length);
 
     /**
      * Finalizes a cryptographic operation begun with begin() and invalidates operation_handle
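Review bot: Inserting `params` and `params_count` in the middle of the update() argument list, and of finish() below, changes the function-pointer type in place. An implementation built against the old header and a caller built against the new one would then disagree about the arguments, with no compile-time or load-time signal. No version bump for the device struct or module API is visible in this diff; if none is made elsewhere, callers need a version check before invoking these entry points. The struct that holds these pointers begins and ends outside the hunk.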
@@ -602,6 +608,11 @@
      * \param[in] operation_handle The operation handle returned by begin().  This handle will be
      * invalidated.
      *
+     * \param[in] params Additional parameters for the operation.  For AEAD modes, this is used to
+     * specify KM_TAG_ADDITIONAL_DATA.
+     *
+     * \param[in] params_count Length of \p params.
+     *
      * \param[in] signature The signature to be verified if the purpose specified in the begin()
      * call was KM_PURPOSE_VERIFY.
      *
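Review bot: The finish() comment lets associated data arrive in `params` but does not say how that interacts with input already passed to update(). AEAD modes authenticate the associated data together with the ciphertext, and streaming implementations generally need all of it before the first payload byte. The contract should therefore state whether associated data is accepted once input has been consumed, and which error is returned if not. A sentence such as `Associated data must be supplied before any input has been processed; otherwise <error code> is returned.` would remove the ambiguity, with the error code chosen by the authors.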
@@ -617,6 +628,7 @@
      */
     keymaster_error_t (*finish)(const struct keymaster_device* dev,
                                 keymaster_operation_handle_t operation_handle,
+                                const keymaster_key_param_t* params, size_t params_count,
                                 const uint8_t* signature, size_t signature_length, uint8_t** output,
                                 size_t* output_length);
 
diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h
index 770c66e..9c6ad9d 100644
--- a/include/hardware/keymaster_defs.h
+++ b/include/hardware/keymaster_defs.h
@@ -102,15 +102,16 @@
      */
 
     /* Crypto parameters */
-    KM_TAG_PURPOSE = KM_ENUM_REP | 1,  /* keymaster_purpose_t. */
-    KM_TAG_ALGORITHM = KM_ENUM | 2,    /* keymaster_algorithm_t. */
-    KM_TAG_KEY_SIZE = KM_INT | 3,      /* Key size in bits. */
-    KM_TAG_BLOCK_MODE = KM_ENUM | 4,   /* keymaster_block_mode_t. */
-    KM_TAG_DIGEST = KM_ENUM | 5,       /* keymaster_digest_t. */
-    KM_TAG_MAC_LENGTH = KM_INT | 6,    /* MAC length in bits. */
-    KM_TAG_PADDING = KM_ENUM | 7,      /* keymaster_padding_t. */
-    KM_TAG_CHUNK_LENGTH = KM_INT | 8,  /* AEAD mode minimum decryption chunk size, in bytes. */
-    KM_TAG_CALLER_NONCE = KM_BOOL | 9, /* Allow caller to specify nonce or IV. */
+    KM_TAG_PURPOSE = KM_ENUM_REP | 1,     /* keymaster_purpose_t. */
+    KM_TAG_ALGORITHM = KM_ENUM | 2,       /* keymaster_algorithm_t. */
+    KM_TAG_KEY_SIZE = KM_INT | 3,         /* Key size in bits. */
+    KM_TAG_BLOCK_MODE = KM_ENUM | 4,      /* keymaster_block_mode_t. */
+    KM_TAG_DIGEST = KM_ENUM | 5,          /* keymaster_digest_t. */
+    KM_TAG_MAC_LENGTH = KM_INT | 6,       /* MAC length in bits. */
+    KM_TAG_PADDING = KM_ENUM | 7,         /* keymaster_padding_t. */
+    KM_TAG_RETURN_UNAUTHED = KM_BOOL | 8, /* Allow AEAD decryption to return plaintext before it has
+                                             been authenticated.  WARNING: Not recommended. */
+    KM_TAG_CALLER_NONCE = KM_BOOL | 9,    /* Allow caller to specify nonce or IV. */
 
     /* Other hardware-enforced. */
     KM_TAG_RESCOPING_ADD = KM_ENUM_REP | 101, /* Tags authorized for addition via rescoping. */
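Review bot: `KM_TAG_RETURN_UNAUTHED` takes tag number 8, which until this commit belonged to `KM_TAG_CHUNK_LENGTH` with type KM_INT. The type bits differ, so the full values do not collide, but any code or stored key description that matches on the numeric id alone would read an old chunk-length entry as permission to release unauthenticated plaintext. A fresh number would avoid that. The comment should also say whether this is a per-key authorization fixed at key creation, as its place under "Crypto parameters" suggests, and that output returned under it must not be acted on until finish() succeeds.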
@@ -173,9 +174,11 @@
     KM_TAG_ROOT_OF_TRUST = KM_BYTES | 704,     /* Root of trust ID.  Empty array means usable by all
                                                   roots. */
 
-    /* Tags used only to provide data to operations */
-    KM_TAG_ADDITIONAL_DATA = KM_BYTES | 1000, /* Used to provide additional data for AEAD modes. */
+    /* Tags used only to provide data to or receive data from operations */
+    KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000, /* Used to provide associated data for AEAD modes. */
     KM_TAG_NONCE = KM_BYTES | 1001,           /* Nonce or Initialization Vector */
+    KM_TAG_CHUNK_LENGTH = KM_INT | 1002,      /* AEAD mode chunk size, in bytes.  0 means no limit,
+                                                 which requires KM_TAG_RETURN_UNAUTHED. */
 } keymaster_tag_t;
 
 /**
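Review bot: `KM_TAG_CHUNK_LENGTH` is now a caller-supplied operation parameter, and its comment gives no upper bound and no error for unsupported values. If the implementation withholds plaintext until a chunk is authenticated, the chunk length determines how much it must buffer, so a caller could request more than a constrained implementation can hold. The comment should name the maximum, or say that it is implementation-defined, and the error returned when it is exceeded. It should also say what begin() returns when 0 is passed for a key without KM_TAG_RETURN_UNAUTHED. The section header now says "receive data from operations", but no tag here is marked as an output.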