Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / ca543112cd072bd85a9958c75c9ba5746f7731db / . / keystore2 / src / keymint_definitions.rs
blob: 2658a01e50db56e2e8f6f3413ed700eb4ae4a4e0 [file] [log] [blame]
Hasini Gunasinghe12486362020-07-24 18:40:20 +0000[diff] [blame]1// Copyright 2020, The Android Open Source Project
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5// You may obtain a copy of the License at
6//
7// http://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15#![allow(non_camel_case_types)]
16#![allow(missing_docs)]
17
18/// This is the current interface for the code to-be-generated from the keymint AIDL.
19/// The AIDL spec is at" hardware/interfaces/keymint
20#[repr(u32)]
21#[derive(PartialEq, Debug)]
22pub enum TagType {
23 INVALID = 0 << 28,
24 ENUM = 1 << 28,
25 ENUM_REP = 2 << 28,
26 UINT = 3 << 28,
27 UINT_REP = 4 << 28,
28 ULONG = 5 << 28,
29 DATE = 6 << 28,
30 BOOL = 7 << 28,
31 BIGNUM = 8 << 28,
32 BYTES = 9 << 28,
33 ULONG_REP = 10 << 28,
34}
35#[repr(u32)]
36#[derive(PartialEq, Debug, Copy, Clone)]
37pub enum Tag {
38 INVALID = TagType::INVALID as u32,
39 PURPOSE = TagType::ENUM_REP as u32 | 1,
40 ALGORITHM = TagType::ENUM as u32 | 2,
41 KEY_SIZE = TagType::UINT as u32 | 3,
42 BLOCK_MODE = TagType::ENUM_REP as u32 | 4,
43 DIGEST = TagType::ENUM_REP as u32 | 5,
44 PADDING = TagType::ENUM_REP as u32 | 6,
45 CALLER_NONCE = TagType::BOOL as u32 | 7,
46 MIN_MAC_LENGTH = TagType::UINT as u32 | 8,
47 EC_CURVE = TagType::ENUM as u32 | 10,
48 RSA_PUBLIC_EXPONENT = TagType::ULONG as u32 | 200,
49 INCLUDE_UNIQUE_ID = TagType::BOOL as u32 | 202,
50 BLOB_USAGE_REQUIREMENTS = TagType::ENUM as u32 | 301,
51 BOOTLOADER_ONLY = TagType::BOOL as u32 | 302,
52 ROLLBACK_RESISTANCE = TagType::BOOL as u32 | 303,
53 ACTIVE_DATETIME = TagType::DATE as u32 | 400,
54 ORIGINATION_EXPIRE_DATETIME = TagType::DATE as u32 | 401,
55 USAGE_EXPIRE_DATETIME = TagType::DATE as u32 | 402,
56 MIN_SECONDS_BETWEEN_OPS = TagType::UINT as u32 | 403,
57 MAX_USES_PER_BOOT = TagType::UINT as u32 | 404,
58 USER_ID = TagType::UINT as u32 | 501,
59 USER_SECURE_ID = TagType::ULONG_REP as u32 | 502,
60 NO_AUTH_REQUIRED = TagType::BOOL as u32 | 503,
61 USER_AUTH_TYPE = TagType::ENUM as u32 | 504,
62 AUTH_TIMEOUT = TagType::UINT as u32 | 505,
63 ALLOW_WHILE_ON_BODY = TagType::BOOL as u32 | 506,
64 TRUSTED_USER_PRESENCE_REQUIRED = TagType::BOOL as u32 | 507,
65 TRUSTED_CONFIRMATION_REQUIRED = TagType::BOOL as u32 | 508,
66 UNLOCKED_DEVICE_REQUIRED = TagType::BOOL as u32 | 509,
67 APPLICATION_ID = TagType::BYTES as u32 | 601,
68 APPLICATION_DATA = TagType::BYTES as u32 | 700,
69 CREATION_DATETIME = TagType::DATE as u32 | 701,
70 ORIGIN = TagType::ENUM as u32 | 702,
71 ROOT_OF_TRUST = TagType::BYTES as u32 | 704,
72 OS_VERSION = TagType::UINT as u32 | 705,
73 OS_PATCHLEVEL = TagType::UINT as u32 | 706,
74 UNIQUE_ID = TagType::BYTES as u32 | 707,
75 ATTESTATION_CHALLENGE = TagType::BYTES as u32 | 708,
76 ATTESTATION_APPLICATION_ID = TagType::BYTES as u32 | 709,
77 ATTESTATION_ID_BRAND = TagType::BYTES as u32 | 710,
78 ATTESTATION_ID_DEVICE = TagType::BYTES as u32 | 711,
79 ATTESTATION_ID_PRODUCT = TagType::BYTES as u32 | 712,
80 ATTESTATION_ID_SERIAL = TagType::BYTES as u32 | 713,
81 ATTESTATION_ID_IMEI = TagType::BYTES as u32 | 714,
82 ATTESTATION_ID_MEID = TagType::BYTES as u32 | 715,
83 ATTESTATION_ID_MANUFACTURER = TagType::BYTES as u32 | 716,
84 ATTESTATION_ID_MODEL = TagType::BYTES as u32 | 717,
85 VENDOR_PATCHLEVEL = TagType::UINT as u32 | 718,
86 BOOT_PATCHLEVEL = TagType::UINT as u32 | 719,
87 ASSOCIATED_DATA = TagType::BYTES as u32 | 1000,
88 NONCE = TagType::BYTES as u32 | 1001,
89 MAC_LENGTH = TagType::UINT as u32 | 1003,
90 RESET_SINCE_ID_ROTATION = TagType::BOOL as u32 | 1004,
91 CONFIRMATION_TOKEN = TagType::BYTES as u32 | 1005,
92}
93#[repr(u32)]
94#[derive(PartialEq, Debug, Copy, Clone)]
95pub enum Algorithm {
96 RSA = 1,
97 EC = 3,
98 AES = 32,
99 TRIPLE_DES = 33,
100 HMAC = 128,
101}
102#[repr(u32)]
103#[derive(PartialEq, Debug, Copy, Clone)]
104pub enum BlockMode {
105 ECB = 1,
106 CBC = 2,
107 CTR = 3,
108 GCM = 32,
109}
110#[repr(u32)]
111#[derive(PartialEq, Debug, Copy, Clone)]
112pub enum PaddingMode {
113 NONE = 1,
114 RSA_OAEP = 2,
115 RSA_PSS = 3,
116 RSA_PKCS1_1_5_ENCRYPT = 4,
117 RSA_PKCS1_1_5_SIGN = 5,
118 PKCS7 = 64,
119}
120#[repr(u32)]
121#[derive(PartialEq, Debug, Copy, Clone)]
122pub enum Digest {
123 NONE = 0,
124 MD5 = 1,
125 SHA1 = 2,
126 SHA_2_224 = 3,
127 SHA_2_256 = 4,
128 SHA_2_384 = 5,
129 SHA_2_512 = 6,
130}
131#[repr(u32)]
132#[derive(PartialEq, Debug, Copy, Clone)]
133pub enum EcCurve {
134 P_224 = 0,
135 P_256 = 1,
136 P_384 = 2,
137 P_521 = 3,
138}
139#[repr(u32)]
140#[derive(PartialEq, Debug, Copy, Clone)]
141pub enum KeyOrigin {
142 GENERATED = 0,
143 DERIVED = 1,
144 IMPORTED = 2,
145 UNKNOWN = 3,
146 SECURELY_IMPORTED = 4,
147}
148#[repr(u32)]
149#[derive(PartialEq, Debug, Copy, Clone)]
150pub enum KeyBlobUsageRequirements {
151 STANDALONE = 0,
152 REQUIRES_FILE_SYSTEM = 1,
153}
154#[repr(u32)]
155#[derive(PartialEq, Debug, Copy, Clone)]
156pub enum KeyPurpose {
157 ENCRYPT = 0,
158 DECRYPT = 1,
159 SIGN = 2,
160 VERIFY = 3,
161 WRAP_KEY = 5,
162}
163#[repr(u32)]
164#[derive(PartialEq, Debug, Copy, Clone)]
165pub enum HardwareAuthenticatorType {
166 NONE = 0,
167 PASSWORD = 1,
168 FINGERPRINT = 1 << 1,
169 ANY = (0xFFFFFFFF as u32) as u32,
170}
171#[repr(u32)]
172#[derive(PartialEq, Debug, Copy, Clone)]
173pub enum SecurityLevel {
174 SOFTWARE = 0,
175 TRUSTED_ENVIRONMENT = 1,
176 STRONGBOX = 2,
177}