From 08a7e43e78b7b2715f0153e812297e98245916b3 Mon Sep 17 00:00:00 2001 From: Shawn Willden Date: Fri, 11 Dec 2020 13:05:27 +0000 Subject: [PATCH] Revert^2 "Move keymint to android.hardware.security." 1ffcdebadd7229af65c575dc1271084b17fe42d7 Bug: 175345910 Bug: 171429297 Exempt-From-Owner-Approval: re-landing topic with no changes in this CL. Change-Id: I691cad252f188b54a8076589d9955774d74d4729 --- .../compatibility_matrix.current.xml | 2 +- .../hardware/keymint/IKeyMintDevice.aidl | 33 ------ .../android.hardware.keymint@1.0-service.rc | 3 - {keymint => security/keymint}/aidl/Android.bp | 4 +- {keymint => security/keymint}/aidl/OWNERS | 0 .../hardware/security}/keymint/Algorithm.aidl | 2 +- .../security}/keymint/BeginResult.aidl | 6 +- .../hardware/security}/keymint/BlockMode.aidl | 2 +- .../hardware/security}/keymint/ByteArray.aidl | 2 +- .../security}/keymint/Certificate.aidl | 2 +- .../hardware/security}/keymint/Digest.aidl | 2 +- .../hardware/security}/keymint/EcCurve.aidl | 2 +- .../hardware/security}/keymint/ErrorCode.aidl | 2 +- .../security}/keymint/HardwareAuthToken.aidl | 6 +- .../keymint/HardwareAuthenticatorType.aidl | 2 +- .../security/keymint/IKeyMintDevice.aidl | 33 ++++++ .../security}/keymint/IKeyMintOperation.aidl | 6 +- .../security}/keymint/KeyCharacteristics.aidl | 6 +- .../keymint/KeyDerivationFunction.aidl | 2 +- .../hardware/security}/keymint/KeyFormat.aidl | 2 +- .../keymint/KeyMintHardwareInfo.aidl | 4 +- .../hardware/security}/keymint/KeyOrigin.aidl | 2 +- .../security}/keymint/KeyParameter.aidl | 4 +- .../security}/keymint/KeyParameterArray.aidl | 4 +- .../security}/keymint/KeyPurpose.aidl | 2 +- .../security}/keymint/PaddingMode.aidl | 2 +- .../security}/keymint/SecurityLevel.aidl | 2 +- .../hardware/security}/keymint/Tag.aidl | 2 +- .../hardware/security}/keymint/TagType.aidl | 2 +- .../hardware/security}/keymint/Timestamp.aidl | 2 +- .../security}/keymint/VerificationToken.aidl | 6 +- .../hardware/security}/keymint/Algorithm.aidl | 3 +- .../security}/keymint/BeginResult.aidl | 8 +- .../hardware/security}/keymint/BlockMode.aidl | 3 +- .../hardware/security}/keymint/ByteArray.aidl | 3 +- .../security}/keymint/Certificate.aidl | 2 +- .../hardware/security}/keymint/Digest.aidl | 3 +- .../hardware/security}/keymint/EcCurve.aidl | 3 +- .../hardware/security}/keymint/ErrorCode.aidl | 3 +- .../security}/keymint/HardwareAuthToken.aidl | 7 +- .../keymint/HardwareAuthenticatorType.aidl | 2 +- .../security}/keymint/IKeyMintDevice.aidl | 26 ++--- .../security}/keymint/IKeyMintOperation.aidl | 12 +- .../security}/keymint/KeyCharacteristics.aidl | 4 +- .../keymint/KeyDerivationFunction.aidl | 2 +- .../hardware/security}/keymint/KeyFormat.aidl | 3 +- .../keymint/KeyMintHardwareInfo.aidl | 6 +- .../hardware/security}/keymint/KeyOrigin.aidl | 3 +- .../security}/keymint/KeyParameter.aidl | 25 ++--- .../security}/keymint/KeyParameterArray.aidl | 4 +- .../security}/keymint/KeyPurpose.aidl | 2 +- .../security}/keymint/PaddingMode.aidl | 2 +- .../security}/keymint/SecurityLevel.aidl | 2 +- .../hardware/security}/keymint/Tag.aidl | 4 +- .../hardware/security}/keymint/TagType.aidl | 2 +- .../hardware/security}/keymint/Timestamp.aidl | 2 +- .../security}/keymint/VerificationToken.aidl | 13 +-- .../keymint}/aidl/default/Android.bp | 12 +- ...droid.hardware.security.keymint-service.rc | 3 + ...roid.hardware.security.keymint-service.xml | 2 +- .../keymint}/aidl/default/service.cpp | 16 +-- .../keymint}/aidl/vts/functional/Android.bp | 22 ++-- .../aidl/vts/functional/AndroidTest.xml | 0 .../vts/functional/KeyMintAidlTestBase.cpp | 13 +-- .../aidl/vts/functional/KeyMintAidlTestBase.h | 16 +-- .../aidl/vts/functional/KeyMintTest.cpp | 41 +++---- .../vts/functional/VerificationTokenTest.cpp | 10 +- .../keymint}/support/Android.bp | 4 +- {keymint => security/keymint}/support/OWNERS | 0 .../keymint}/support/attestation_record.cpp | 21 ++-- .../keymint}/support/authorization_set.cpp | 39 +++---- .../keymint_support}/attestation_record.h | 22 ++-- .../keymint_support}/authorization_set.h | 23 ++-- .../keymint_support}/key_param_output.h | 42 +++---- .../include/keymint_support}/keymint_tags.h | 104 +++--------------- .../include/keymint_support}/keymint_utils.h | 10 +- .../include/keymint_support}/openssl_utils.h | 22 ++-- .../keymint}/support/key_param_output.cpp | 14 +-- .../keymint}/support/keymint_utils.cpp | 6 +- 79 files changed, 294 insertions(+), 448 deletions(-) delete mode 100644 keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintDevice.aidl delete mode 100644 keymint/aidl/default/android.hardware.keymint@1.0-service.rc rename {keymint => security/keymint}/aidl/Android.bp (76%) rename {keymint => security/keymint}/aidl/OWNERS (100%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/Algorithm.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/BeginResult.aidl (86%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/BlockMode.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/ByteArray.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/Certificate.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/Digest.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/EcCurve.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/ErrorCode.aidl (98%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/HardwareAuthToken.aidl (86%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/HardwareAuthenticatorType.aidl (96%) create mode 100644 security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/IKeyMintOperation.aidl (56%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyCharacteristics.aidl (85%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyDerivationFunction.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyFormat.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyMintHardwareInfo.aidl (91%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyOrigin.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyParameter.aidl (92%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyParameterArray.aidl (91%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/KeyPurpose.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/PaddingMode.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/SecurityLevel.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/Tag.aidl (98%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/TagType.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/Timestamp.aidl (96%) rename {keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware => security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security}/keymint/VerificationToken.aidl (87%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/Algorithm.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/BeginResult.aidl (87%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/BlockMode.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/ByteArray.aidl (94%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/Certificate.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/Digest.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/EcCurve.aidl (94%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/ErrorCode.aidl (98%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/HardwareAuthToken.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/HardwareAuthenticatorType.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/IKeyMintDevice.aidl (98%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/IKeyMintOperation.aidl (97%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyCharacteristics.aidl (94%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyDerivationFunction.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyFormat.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyMintHardwareInfo.aidl (94%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyOrigin.aidl (97%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyParameter.aidl (70%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyParameterArray.aidl (90%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/KeyPurpose.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/PaddingMode.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/SecurityLevel.aidl (95%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/Tag.aidl (99%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/TagType.aidl (97%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/Timestamp.aidl (96%) rename {keymint/aidl/android/hardware => security/keymint/aidl/android/hardware/security}/keymint/VerificationToken.aidl (79%) rename {keymint => security/keymint}/aidl/default/Android.bp (58%) create mode 100644 security/keymint/aidl/default/android.hardware.security.keymint-service.rc rename keymint/aidl/default/android.hardware.keymint@1.0-service.xml => security/keymint/aidl/default/android.hardware.security.keymint-service.xml (70%) rename {keymint => security/keymint}/aidl/default/service.cpp (68%) rename {keymint => security/keymint}/aidl/vts/functional/Android.bp (77%) rename {keymint => security/keymint}/aidl/vts/functional/AndroidTest.xml (100%) rename {keymint => security/keymint}/aidl/vts/functional/KeyMintAidlTestBase.cpp (99%) rename {keymint => security/keymint}/aidl/vts/functional/KeyMintAidlTestBase.h (96%) rename keymint/aidl/vts/functional/keyMint1Test.cpp => security/keymint/aidl/vts/functional/KeyMintTest.cpp (99%) rename {keymint => security/keymint}/aidl/vts/functional/VerificationTokenTest.cpp (97%) rename {keymint => security/keymint}/support/Android.bp (92%) rename {keymint => security/keymint}/support/OWNERS (100%) rename {keymint => security/keymint}/support/attestation_record.cpp (97%) rename {keymint => security/keymint}/support/authorization_set.cpp (93%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/attestation_record.h (84%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/authorization_set.h (95%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/key_param_output.h (72%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/keymint_tags.h (81%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/keymint_utils.h (88%) rename {keymint/support/include/keymintSupport => security/keymint/support/include/keymint_support}/openssl_utils.h (75%) rename {keymint => security/keymint}/support/key_param_output.cpp (90%) rename {keymint => security/keymint}/support/keymint_utils.cpp (96%) diff --git a/compatibility_matrices/compatibility_matrix.current.xml b/compatibility_matrices/compatibility_matrix.current.xml index 1957f8c794..e9df02f420 100644 --- a/compatibility_matrices/compatibility_matrix.current.xml +++ b/compatibility_matrices/compatibility_matrix.current.xml @@ -299,7 +299,7 @@ - android.hardware.keymint + android.hardware.security.keymint IKeyMintDevice default diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintDevice.aidl b/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintDevice.aidl deleted file mode 100644 index 1616622927..0000000000 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintDevice.aidl +++ /dev/null @@ -1,33 +0,0 @@ -/////////////////////////////////////////////////////////////////////////////// -// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // -/////////////////////////////////////////////////////////////////////////////// - -// This file is a snapshot of an AIDL interface (or parcelable). Do not try to -// edit this file. It looks like you are doing that because you have modified -// an AIDL interface in a backward-incompatible way, e.g., deleting a function -// from an interface or a field from a parcelable and it broke the build. That -// breakage is intended. -// -// You must not make a backward incompatible changes to the AIDL files built -// with the aidl_interface module type with versions property set. The module -// type is used to build AIDL files in a way that they can be used across -// independently updatable components of the system. If a device is shipped -// with such a backward incompatible change, it has a high risk of breaking -// later when a module using the interface is updated, e.g., Mainline modules. - -package android.hardware.keymint; -@VintfStability -interface IKeyMintDevice { - android.hardware.keymint.KeyMintHardwareInfo getHardwareInfo(); - android.hardware.keymint.VerificationToken verifyAuthorization(in long challenge, in android.hardware.keymint.HardwareAuthToken token); - void addRngEntropy(in byte[] data); - void generateKey(in android.hardware.keymint.KeyParameter[] keyParams, out android.hardware.keymint.ByteArray generatedKeyBlob, out android.hardware.keymint.KeyCharacteristics generatedKeyCharacteristics, out android.hardware.keymint.Certificate[] outCertChain); - void importKey(in android.hardware.keymint.KeyParameter[] inKeyParams, in android.hardware.keymint.KeyFormat inKeyFormat, in byte[] inKeyData, out android.hardware.keymint.ByteArray outImportedKeyBlob, out android.hardware.keymint.KeyCharacteristics outImportedKeyCharacteristics, out android.hardware.keymint.Certificate[] outCertChain); - void importWrappedKey(in byte[] inWrappedKeyData, in byte[] inWrappingKeyBlob, in byte[] inMaskingKey, in android.hardware.keymint.KeyParameter[] inUnwrappingParams, in long inPasswordSid, in long inBiometricSid, out android.hardware.keymint.ByteArray outImportedKeyBlob, out android.hardware.keymint.KeyCharacteristics outImportedKeyCharacteristics); - byte[] upgradeKey(in byte[] inKeyBlobToUpgrade, in android.hardware.keymint.KeyParameter[] inUpgradeParams); - void deleteKey(in byte[] inKeyBlob); - void deleteAllKeys(); - void destroyAttestationIds(); - android.hardware.keymint.BeginResult begin(in android.hardware.keymint.KeyPurpose inPurpose, in byte[] inKeyBlob, in android.hardware.keymint.KeyParameter[] inParams, in android.hardware.keymint.HardwareAuthToken inAuthToken); - const int AUTH_TOKEN_MAC_LENGTH = 32; -} diff --git a/keymint/aidl/default/android.hardware.keymint@1.0-service.rc b/keymint/aidl/default/android.hardware.keymint@1.0-service.rc deleted file mode 100644 index 92dce88449..0000000000 --- a/keymint/aidl/default/android.hardware.keymint@1.0-service.rc +++ /dev/null @@ -1,3 +0,0 @@ -service vendor.keymint-default /vendor/bin/hw/android.hardware.keymint@1.0-service - class early_hal - user nobody diff --git a/keymint/aidl/Android.bp b/security/keymint/aidl/Android.bp similarity index 76% rename from keymint/aidl/Android.bp rename to security/keymint/aidl/Android.bp index 0dae527d40..b5adac9558 100644 --- a/keymint/aidl/Android.bp +++ b/security/keymint/aidl/Android.bp @@ -1,8 +1,8 @@ aidl_interface { - name: "android.hardware.keymint", + name: "android.hardware.security.keymint", vendor_available: true, srcs: [ - "android/hardware/keymint/*.aidl", + "android/hardware/security/keymint/*.aidl", ], stability: "vintf", backend: { diff --git a/keymint/aidl/OWNERS b/security/keymint/aidl/OWNERS similarity index 100% rename from keymint/aidl/OWNERS rename to security/keymint/aidl/OWNERS diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Algorithm.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Algorithm.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Algorithm.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Algorithm.aidl index f51a4128c8..46e0ae0f2f 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Algorithm.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Algorithm.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum Algorithm { RSA = 1, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BeginResult.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BeginResult.aidl similarity index 86% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BeginResult.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BeginResult.aidl index 2f56be6721..ed96485a0d 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BeginResult.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BeginResult.aidl @@ -15,10 +15,10 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable BeginResult { long challenge; - android.hardware.keymint.KeyParameter[] params; - android.hardware.keymint.IKeyMintOperation operation; + android.hardware.security.keymint.KeyParameter[] params; + android.hardware.security.keymint.IKeyMintOperation operation; } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BlockMode.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BlockMode.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BlockMode.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BlockMode.aidl index 94de930d6e..dddc9d8d3c 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/BlockMode.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/BlockMode.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum BlockMode { ECB = 1, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ByteArray.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ByteArray.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ByteArray.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ByteArray.aidl index 2dc22a970d..3d18a26cf7 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ByteArray.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ByteArray.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable ByteArray { byte[] data; diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Certificate.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Certificate.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Certificate.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Certificate.aidl index ca55054d72..9e0f8dcff9 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Certificate.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Certificate.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable Certificate { byte[] encodedCertificate; diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Digest.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Digest.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Digest.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Digest.aidl index cc4d2fdffa..8fc4d428db 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Digest.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Digest.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum Digest { NONE = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/EcCurve.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/EcCurve.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl index 4e446ad275..7c3f2f38eb 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/EcCurve.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/EcCurve.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum EcCurve { P_224 = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ErrorCode.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl similarity index 98% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ErrorCode.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl index 2679243f34..cdcb08d5c7 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/ErrorCode.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/ErrorCode.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum ErrorCode { OK = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthToken.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthToken.aidl similarity index 86% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthToken.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthToken.aidl index 1f5f8e952e..9ea24f5ebe 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthToken.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthToken.aidl @@ -15,13 +15,13 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable HardwareAuthToken { long challenge; long userId; long authenticatorId; - android.hardware.keymint.HardwareAuthenticatorType authenticatorType; - android.hardware.keymint.Timestamp timestamp; + android.hardware.security.keymint.HardwareAuthenticatorType authenticatorType; + android.hardware.security.keymint.Timestamp timestamp; byte[] mac; } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthenticatorType.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthenticatorType.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthenticatorType.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthenticatorType.aidl index 95ec5c5b45..aef5ee049f 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/HardwareAuthenticatorType.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/HardwareAuthenticatorType.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum HardwareAuthenticatorType { NONE = 0, diff --git a/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl new file mode 100644 index 0000000000..3d08cfef08 --- /dev/null +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintDevice.aidl @@ -0,0 +1,33 @@ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL interface (or parcelable). Do not try to +// edit this file. It looks like you are doing that because you have modified +// an AIDL interface in a backward-incompatible way, e.g., deleting a function +// from an interface or a field from a parcelable and it broke the build. That +// breakage is intended. +// +// You must not make a backward incompatible changes to the AIDL files built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.hardware.security.keymint; +@VintfStability +interface IKeyMintDevice { + android.hardware.security.keymint.KeyMintHardwareInfo getHardwareInfo(); + android.hardware.security.keymint.VerificationToken verifyAuthorization(in long challenge, in android.hardware.security.keymint.HardwareAuthToken token); + void addRngEntropy(in byte[] data); + void generateKey(in android.hardware.security.keymint.KeyParameter[] keyParams, out android.hardware.security.keymint.ByteArray generatedKeyBlob, out android.hardware.security.keymint.KeyCharacteristics generatedKeyCharacteristics, out android.hardware.security.keymint.Certificate[] outCertChain); + void importKey(in android.hardware.security.keymint.KeyParameter[] inKeyParams, in android.hardware.security.keymint.KeyFormat inKeyFormat, in byte[] inKeyData, out android.hardware.security.keymint.ByteArray outImportedKeyBlob, out android.hardware.security.keymint.KeyCharacteristics outImportedKeyCharacteristics, out android.hardware.security.keymint.Certificate[] outCertChain); + void importWrappedKey(in byte[] inWrappedKeyData, in byte[] inWrappingKeyBlob, in byte[] inMaskingKey, in android.hardware.security.keymint.KeyParameter[] inUnwrappingParams, in long inPasswordSid, in long inBiometricSid, out android.hardware.security.keymint.ByteArray outImportedKeyBlob, out android.hardware.security.keymint.KeyCharacteristics outImportedKeyCharacteristics); + byte[] upgradeKey(in byte[] inKeyBlobToUpgrade, in android.hardware.security.keymint.KeyParameter[] inUpgradeParams); + void deleteKey(in byte[] inKeyBlob); + void deleteAllKeys(); + void destroyAttestationIds(); + android.hardware.security.keymint.BeginResult begin(in android.hardware.security.keymint.KeyPurpose inPurpose, in byte[] inKeyBlob, in android.hardware.security.keymint.KeyParameter[] inParams, in android.hardware.security.keymint.HardwareAuthToken inAuthToken); + const int AUTH_TOKEN_MAC_LENGTH = 32; +} diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintOperation.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintOperation.aidl similarity index 56% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintOperation.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintOperation.aidl index 5327345596..8e3b0fcf9b 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/IKeyMintOperation.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/IKeyMintOperation.aidl @@ -15,10 +15,10 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability interface IKeyMintOperation { - int update(in @nullable android.hardware.keymint.KeyParameterArray inParams, in @nullable byte[] input, in @nullable android.hardware.keymint.HardwareAuthToken inAuthToken, in @nullable android.hardware.keymint.VerificationToken inVerificationToken, out @nullable android.hardware.keymint.KeyParameterArray outParams, out @nullable android.hardware.keymint.ByteArray output); - byte[] finish(in @nullable android.hardware.keymint.KeyParameterArray inParams, in @nullable byte[] input, in @nullable byte[] inSignature, in @nullable android.hardware.keymint.HardwareAuthToken authToken, in @nullable android.hardware.keymint.VerificationToken inVerificationToken, out @nullable android.hardware.keymint.KeyParameterArray outParams); + int update(in @nullable android.hardware.security.keymint.KeyParameterArray inParams, in @nullable byte[] input, in @nullable android.hardware.security.keymint.HardwareAuthToken inAuthToken, in @nullable android.hardware.security.keymint.VerificationToken inVerificationToken, out @nullable android.hardware.security.keymint.KeyParameterArray outParams, out @nullable android.hardware.security.keymint.ByteArray output); + byte[] finish(in @nullable android.hardware.security.keymint.KeyParameterArray inParams, in @nullable byte[] input, in @nullable byte[] inSignature, in @nullable android.hardware.security.keymint.HardwareAuthToken authToken, in @nullable android.hardware.security.keymint.VerificationToken inVerificationToken, out @nullable android.hardware.security.keymint.KeyParameterArray outParams); void abort(); } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyCharacteristics.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyCharacteristics.aidl similarity index 85% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyCharacteristics.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyCharacteristics.aidl index 4e73381ad7..fb4214cd43 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyCharacteristics.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyCharacteristics.aidl @@ -15,9 +15,9 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable KeyCharacteristics { - android.hardware.keymint.KeyParameter[] softwareEnforced; - android.hardware.keymint.KeyParameter[] hardwareEnforced; + android.hardware.security.keymint.KeyParameter[] softwareEnforced; + android.hardware.security.keymint.KeyParameter[] hardwareEnforced; } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyDerivationFunction.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyDerivationFunction.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyDerivationFunction.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyDerivationFunction.aidl index 8e2c7747bb..83b7e6e7ee 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyDerivationFunction.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyDerivationFunction.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum KeyDerivationFunction { NONE = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyFormat.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyFormat.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyFormat.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyFormat.aidl index cfa585d369..f701c808a2 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyFormat.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyFormat.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum KeyFormat { X509 = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyMintHardwareInfo.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyMintHardwareInfo.aidl similarity index 91% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyMintHardwareInfo.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyMintHardwareInfo.aidl index 8263e6018a..5e9f7ae635 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyMintHardwareInfo.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyMintHardwareInfo.aidl @@ -15,11 +15,11 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable KeyMintHardwareInfo { int versionNumber; - android.hardware.keymint.SecurityLevel securityLevel; + android.hardware.security.keymint.SecurityLevel securityLevel; @utf8InCpp String keyMintName; @utf8InCpp String keyMintAuthorName; } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyOrigin.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyOrigin.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyOrigin.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyOrigin.aidl index 8d03d2b683..9728bf92b7 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyOrigin.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyOrigin.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum KeyOrigin { GENERATED = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameter.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameter.aidl similarity index 92% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameter.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameter.aidl index 923cc6808a..91f83e4071 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameter.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameter.aidl @@ -15,10 +15,10 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable KeyParameter { - android.hardware.keymint.Tag tag; + android.hardware.security.keymint.Tag tag; boolean boolValue; int integer; long longInteger; diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameterArray.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameterArray.aidl similarity index 91% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameterArray.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameterArray.aidl index b9b978241b..2c3b768756 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyParameterArray.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyParameterArray.aidl @@ -15,8 +15,8 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable KeyParameterArray { - android.hardware.keymint.KeyParameter[] params; + android.hardware.security.keymint.KeyParameter[] params; } diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyPurpose.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyPurpose.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyPurpose.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyPurpose.aidl index 1aee56a14b..a6fd8c3737 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/KeyPurpose.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/KeyPurpose.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum KeyPurpose { ENCRYPT = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/PaddingMode.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/PaddingMode.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/PaddingMode.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/PaddingMode.aidl index 97f93db3cb..2ecfa1e8f6 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/PaddingMode.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/PaddingMode.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum PaddingMode { NONE = 1, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/SecurityLevel.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/SecurityLevel.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/SecurityLevel.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/SecurityLevel.aidl index 1fb529ded4..601693f127 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/SecurityLevel.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/SecurityLevel.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum SecurityLevel { SOFTWARE = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Tag.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl similarity index 98% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Tag.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl index 33a95fe38d..38eb6e693c 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Tag.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Tag.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum Tag { INVALID = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/TagType.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/TagType.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/TagType.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/TagType.aidl index 82144539a7..bb2766c6bf 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/TagType.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/TagType.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @Backing(type="int") @VintfStability enum TagType { INVALID = 0, diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Timestamp.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Timestamp.aidl similarity index 96% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Timestamp.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Timestamp.aidl index f95d8db828..4d5b6598b5 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/Timestamp.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/Timestamp.aidl @@ -15,7 +15,7 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable Timestamp { long milliSeconds; diff --git a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/VerificationToken.aidl b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/VerificationToken.aidl similarity index 87% rename from keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/VerificationToken.aidl rename to security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/VerificationToken.aidl index 7b4989a408..5c76816a52 100644 --- a/keymint/aidl/aidl_api/android.hardware.keymint/current/android/hardware/keymint/VerificationToken.aidl +++ b/security/keymint/aidl/aidl_api/android.hardware.security.keymint/current/android/hardware/security/keymint/VerificationToken.aidl @@ -15,11 +15,11 @@ // with such a backward incompatible change, it has a high risk of breaking // later when a module using the interface is updated, e.g., Mainline modules. -package android.hardware.keymint; +package android.hardware.security.keymint; @VintfStability parcelable VerificationToken { long challenge; - android.hardware.keymint.Timestamp timestamp; - android.hardware.keymint.SecurityLevel securityLevel; + android.hardware.security.keymint.Timestamp timestamp; + android.hardware.security.keymint.SecurityLevel securityLevel; byte[] mac; } diff --git a/keymint/aidl/android/hardware/keymint/Algorithm.aidl b/security/keymint/aidl/android/hardware/security/keymint/Algorithm.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/Algorithm.aidl rename to security/keymint/aidl/android/hardware/security/keymint/Algorithm.aidl index 8c5d99cf35..8300b0d75c 100644 --- a/keymint/aidl/android/hardware/keymint/Algorithm.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/Algorithm.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * Algorithms provided by IKeyMintDevice implementations. diff --git a/keymint/aidl/android/hardware/keymint/BeginResult.aidl b/security/keymint/aidl/android/hardware/security/keymint/BeginResult.aidl similarity index 87% rename from keymint/aidl/android/hardware/keymint/BeginResult.aidl rename to security/keymint/aidl/android/hardware/security/keymint/BeginResult.aidl index 58eb024427..aaf9f3caa4 100644 --- a/keymint/aidl/android/hardware/keymint/BeginResult.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/BeginResult.aidl @@ -14,12 +14,10 @@ * limitations under the License. */ -package android.hardware.keymint; - - -import android.hardware.keymint.IKeyMintOperation; -import android.hardware.keymint.KeyParameter; +package android.hardware.security.keymint; +import android.hardware.security.keymint.IKeyMintOperation; +import android.hardware.security.keymint.KeyParameter; /** * This is all the results returned by the IKeyMintDevice begin() function. diff --git a/keymint/aidl/android/hardware/keymint/BlockMode.aidl b/security/keymint/aidl/android/hardware/security/keymint/BlockMode.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/BlockMode.aidl rename to security/keymint/aidl/android/hardware/security/keymint/BlockMode.aidl index b6b36ccf2a..629c89f02e 100644 --- a/keymint/aidl/android/hardware/keymint/BlockMode.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/BlockMode.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * Symmetric block cipher modes provided by IKeyMintDevice implementations. diff --git a/keymint/aidl/android/hardware/keymint/ByteArray.aidl b/security/keymint/aidl/android/hardware/security/keymint/ByteArray.aidl similarity index 94% rename from keymint/aidl/android/hardware/keymint/ByteArray.aidl rename to security/keymint/aidl/android/hardware/security/keymint/ByteArray.aidl index 18d187e889..c3b402ea65 100644 --- a/keymint/aidl/android/hardware/keymint/ByteArray.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/ByteArray.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * This is used to contain a byte[], to make out parameters of byte arrays diff --git a/keymint/aidl/android/hardware/keymint/Certificate.aidl b/security/keymint/aidl/android/hardware/security/keymint/Certificate.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/Certificate.aidl rename to security/keymint/aidl/android/hardware/security/keymint/Certificate.aidl index 3a70970f30..a9538590eb 100644 --- a/keymint/aidl/android/hardware/keymint/Certificate.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/Certificate.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * This encodes the IKeyMintDevice attestation generated certificate. diff --git a/keymint/aidl/android/hardware/keymint/Digest.aidl b/security/keymint/aidl/android/hardware/security/keymint/Digest.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/Digest.aidl rename to security/keymint/aidl/android/hardware/security/keymint/Digest.aidl index a92ac23209..b44da5a51c 100644 --- a/keymint/aidl/android/hardware/keymint/Digest.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/Digest.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * Digests provided by keyMint implementations. diff --git a/keymint/aidl/android/hardware/keymint/EcCurve.aidl b/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl similarity index 94% rename from keymint/aidl/android/hardware/keymint/EcCurve.aidl rename to security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl index abd44b406d..b9d16467b0 100644 --- a/keymint/aidl/android/hardware/keymint/EcCurve.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/EcCurve.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * Supported EC curves, used in ECDSA diff --git a/keymint/aidl/android/hardware/keymint/ErrorCode.aidl b/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl similarity index 98% rename from keymint/aidl/android/hardware/keymint/ErrorCode.aidl rename to security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl index 2a54954c74..fb24ad1baa 100644 --- a/keymint/aidl/android/hardware/keymint/ErrorCode.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * KeyMint error codes. Aidl will return these error codes as service specific diff --git a/keymint/aidl/android/hardware/keymint/HardwareAuthToken.aidl b/security/keymint/aidl/android/hardware/security/keymint/HardwareAuthToken.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/HardwareAuthToken.aidl rename to security/keymint/aidl/android/hardware/security/keymint/HardwareAuthToken.aidl index 9b56a2e661..12d615f86f 100644 --- a/keymint/aidl/android/hardware/keymint/HardwareAuthToken.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/HardwareAuthToken.aidl @@ -14,10 +14,10 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.Timestamp; -import android.hardware.keymint.HardwareAuthenticatorType; +import android.hardware.security.keymint.Timestamp; +import android.hardware.security.keymint.HardwareAuthenticatorType; /** * HardwareAuthToken is used to prove successful user authentication, to unlock the use of a key. @@ -30,7 +30,6 @@ import android.hardware.keymint.HardwareAuthenticatorType; */ @VintfStability parcelable HardwareAuthToken { - /** * challenge is a value that's used to enable authentication tokens to authorize specific * events. The primary use case for challenge is to authorize an IKeyMintDevice cryptographic diff --git a/keymint/aidl/android/hardware/keymint/HardwareAuthenticatorType.aidl b/security/keymint/aidl/android/hardware/security/keymint/HardwareAuthenticatorType.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/HardwareAuthenticatorType.aidl rename to security/keymint/aidl/android/hardware/security/keymint/HardwareAuthenticatorType.aidl index 5c25e2f544..33f71b8d3c 100644 --- a/keymint/aidl/android/hardware/keymint/HardwareAuthenticatorType.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/HardwareAuthenticatorType.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * Hardware authentication type, used by HardwareAuthTokens to specify the mechanism used to diff --git a/keymint/aidl/android/hardware/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl similarity index 98% rename from keymint/aidl/android/hardware/keymint/IKeyMintDevice.aidl rename to security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl index 8fbab79600..4944acb1b1 100644 --- a/keymint/aidl/android/hardware/keymint/IKeyMintDevice.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl @@ -14,20 +14,20 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.BeginResult; -import android.hardware.keymint.ByteArray; -import android.hardware.keymint.Certificate; -import android.hardware.keymint.HardwareAuthToken; -import android.hardware.keymint.IKeyMintOperation; -import android.hardware.keymint.KeyCharacteristics; -import android.hardware.keymint.KeyFormat; -import android.hardware.keymint.KeyParameter; -import android.hardware.keymint.KeyMintHardwareInfo; -import android.hardware.keymint.KeyPurpose; -import android.hardware.keymint.SecurityLevel; -import android.hardware.keymint.VerificationToken; +import android.hardware.security.keymint.BeginResult; +import android.hardware.security.keymint.ByteArray; +import android.hardware.security.keymint.Certificate; +import android.hardware.security.keymint.HardwareAuthToken; +import android.hardware.security.keymint.IKeyMintOperation; +import android.hardware.security.keymint.KeyCharacteristics; +import android.hardware.security.keymint.KeyFormat; +import android.hardware.security.keymint.KeyParameter; +import android.hardware.security.keymint.KeyMintHardwareInfo; +import android.hardware.security.keymint.KeyPurpose; +import android.hardware.security.keymint.SecurityLevel; +import android.hardware.security.keymint.VerificationToken; /** * KeyMint device definition. diff --git a/keymint/aidl/android/hardware/keymint/IKeyMintOperation.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintOperation.aidl similarity index 97% rename from keymint/aidl/android/hardware/keymint/IKeyMintOperation.aidl rename to security/keymint/aidl/android/hardware/security/keymint/IKeyMintOperation.aidl index 1b792961f7..24960ccea0 100644 --- a/keymint/aidl/android/hardware/keymint/IKeyMintOperation.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintOperation.aidl @@ -14,13 +14,13 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.ByteArray; -import android.hardware.keymint.HardwareAuthToken; -import android.hardware.keymint.KeyParameter; -import android.hardware.keymint.KeyParameterArray; -import android.hardware.keymint.VerificationToken; +import android.hardware.security.keymint.ByteArray; +import android.hardware.security.keymint.HardwareAuthToken; +import android.hardware.security.keymint.KeyParameter; +import android.hardware.security.keymint.KeyParameterArray; +import android.hardware.security.keymint.VerificationToken; @VintfStability interface IKeyMintOperation { diff --git a/keymint/aidl/android/hardware/keymint/KeyCharacteristics.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl similarity index 94% rename from keymint/aidl/android/hardware/keymint/KeyCharacteristics.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl index ac7c2b482f..0801868825 100644 --- a/keymint/aidl/android/hardware/keymint/KeyCharacteristics.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyCharacteristics.aidl @@ -14,9 +14,9 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.KeyParameter; +import android.hardware.security.keymint.KeyParameter; /** * KeyCharacteristics defines the attributes of a key, including cryptographic parameters, and usage diff --git a/keymint/aidl/android/hardware/keymint/KeyDerivationFunction.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyDerivationFunction.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/KeyDerivationFunction.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyDerivationFunction.aidl index 1eba446770..e166ab6ad9 100644 --- a/keymint/aidl/android/hardware/keymint/KeyDerivationFunction.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyDerivationFunction.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * Key derivation functions, mostly used in ECIES. diff --git a/keymint/aidl/android/hardware/keymint/KeyFormat.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/KeyFormat.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl index 13044dc5b1..6ad8e3d922 100644 --- a/keymint/aidl/android/hardware/keymint/KeyFormat.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyFormat.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * Formats for key import and export. diff --git a/keymint/aidl/android/hardware/keymint/KeyMintHardwareInfo.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl similarity index 94% rename from keymint/aidl/android/hardware/keymint/KeyMintHardwareInfo.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl index 5815b10951..d3d7368add 100644 --- a/keymint/aidl/android/hardware/keymint/KeyMintHardwareInfo.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyMintHardwareInfo.aidl @@ -14,15 +14,13 @@ * limitations under the License. */ -package android.hardware.keymint; - -import android.hardware.keymint.SecurityLevel; +package android.hardware.security.keymint; +import android.hardware.security.keymint.SecurityLevel; /** * KeyMintHardwareInfo is the hardware information returned by calling KeyMint getHardwareInfo() */ - @VintfStability parcelable KeyMintHardwareInfo { /** diff --git a/keymint/aidl/android/hardware/keymint/KeyOrigin.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyOrigin.aidl similarity index 97% rename from keymint/aidl/android/hardware/keymint/KeyOrigin.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyOrigin.aidl index 70320d3998..0cd53c2fbb 100644 --- a/keymint/aidl/android/hardware/keymint/KeyOrigin.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyOrigin.aidl @@ -14,8 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; - +package android.hardware.security.keymint; /** * The origin of a key (or pair), i.e. where it was generated. Note that ORIGIN can be found in diff --git a/keymint/aidl/android/hardware/keymint/KeyParameter.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyParameter.aidl similarity index 70% rename from keymint/aidl/android/hardware/keymint/KeyParameter.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyParameter.aidl index d58e4aa1aa..938064ca53 100644 --- a/keymint/aidl/android/hardware/keymint/KeyParameter.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyParameter.aidl @@ -14,20 +14,19 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; - -import android.hardware.keymint.Algorithm; -import android.hardware.keymint.BlockMode; -import android.hardware.keymint.Digest; -import android.hardware.keymint.EcCurve; -import android.hardware.keymint.HardwareAuthenticatorType; -import android.hardware.keymint.KeyDerivationFunction; -import android.hardware.keymint.KeyOrigin; -import android.hardware.keymint.KeyPurpose; -import android.hardware.keymint.PaddingMode; -import android.hardware.keymint.SecurityLevel; -import android.hardware.keymint.Tag; +import android.hardware.security.keymint.Algorithm; +import android.hardware.security.keymint.BlockMode; +import android.hardware.security.keymint.Digest; +import android.hardware.security.keymint.EcCurve; +import android.hardware.security.keymint.HardwareAuthenticatorType; +import android.hardware.security.keymint.KeyDerivationFunction; +import android.hardware.security.keymint.KeyOrigin; +import android.hardware.security.keymint.KeyPurpose; +import android.hardware.security.keymint.PaddingMode; +import android.hardware.security.keymint.SecurityLevel; +import android.hardware.security.keymint.Tag; /** diff --git a/keymint/aidl/android/hardware/keymint/KeyParameterArray.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyParameterArray.aidl similarity index 90% rename from keymint/aidl/android/hardware/keymint/KeyParameterArray.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyParameterArray.aidl index cc9e37ad2a..acab43591c 100644 --- a/keymint/aidl/android/hardware/keymint/KeyParameterArray.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyParameterArray.aidl @@ -14,9 +14,9 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.KeyParameter; +import android.hardware.security.keymint.KeyParameter; /** * Identifies the key authorization parameters to be used with keyMint. This is usually diff --git a/keymint/aidl/android/hardware/keymint/KeyPurpose.aidl b/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/KeyPurpose.aidl rename to security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl index bc029fdb39..cb4682ea56 100644 --- a/keymint/aidl/android/hardware/keymint/KeyPurpose.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/KeyPurpose.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** diff --git a/keymint/aidl/android/hardware/keymint/PaddingMode.aidl b/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/PaddingMode.aidl rename to security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl index 337ed912fc..80b73bd0dc 100644 --- a/keymint/aidl/android/hardware/keymint/PaddingMode.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/PaddingMode.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * TODO(seleneh) update the description. diff --git a/keymint/aidl/android/hardware/keymint/SecurityLevel.aidl b/security/keymint/aidl/android/hardware/security/keymint/SecurityLevel.aidl similarity index 95% rename from keymint/aidl/android/hardware/keymint/SecurityLevel.aidl rename to security/keymint/aidl/android/hardware/security/keymint/SecurityLevel.aidl index d8de024493..10363e9bb0 100644 --- a/keymint/aidl/android/hardware/keymint/SecurityLevel.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/SecurityLevel.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * Device security levels. diff --git a/keymint/aidl/android/hardware/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl similarity index 99% rename from keymint/aidl/android/hardware/keymint/Tag.aidl rename to security/keymint/aidl/android/hardware/security/keymint/Tag.aidl index 46da09658c..532bc5de9b 100644 --- a/keymint/aidl/android/hardware/keymint/Tag.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl @@ -14,9 +14,9 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.TagType; +import android.hardware.security.keymint.TagType; // TODO(seleneh) : note aidl currently does not support double nested enum definitions such as // ROOT_OF_TRUST = TagType:BYTES | 704. So we are forced to write definations as diff --git a/keymint/aidl/android/hardware/keymint/TagType.aidl b/security/keymint/aidl/android/hardware/security/keymint/TagType.aidl similarity index 97% rename from keymint/aidl/android/hardware/keymint/TagType.aidl rename to security/keymint/aidl/android/hardware/security/keymint/TagType.aidl index fb50b10d4a..a273af3f8c 100644 --- a/keymint/aidl/android/hardware/keymint/TagType.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/TagType.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * TagType classifies Tags in Tag.aidl into various groups of data. diff --git a/keymint/aidl/android/hardware/keymint/Timestamp.aidl b/security/keymint/aidl/android/hardware/security/keymint/Timestamp.aidl similarity index 96% rename from keymint/aidl/android/hardware/keymint/Timestamp.aidl rename to security/keymint/aidl/android/hardware/security/keymint/Timestamp.aidl index 7c882c6811..ebb36848df 100644 --- a/keymint/aidl/android/hardware/keymint/Timestamp.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/Timestamp.aidl @@ -14,7 +14,7 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; /** * Time in milliseconds since some arbitrary point in time. Time must be monotonically increasing, diff --git a/keymint/aidl/android/hardware/keymint/VerificationToken.aidl b/security/keymint/aidl/android/hardware/security/keymint/VerificationToken.aidl similarity index 79% rename from keymint/aidl/android/hardware/keymint/VerificationToken.aidl rename to security/keymint/aidl/android/hardware/security/keymint/VerificationToken.aidl index 736c0e2f3e..f76e6a8526 100644 --- a/keymint/aidl/android/hardware/keymint/VerificationToken.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/VerificationToken.aidl @@ -14,10 +14,10 @@ * limitations under the License. */ -package android.hardware.keymint; +package android.hardware.security.keymint; -import android.hardware.keymint.SecurityLevel; -import android.hardware.keymint.Timestamp; +import android.hardware.security.keymint.SecurityLevel; +import android.hardware.security.keymint.Timestamp; /** * VerificationToken instances are used for secure environments to authenticate one another. @@ -48,7 +48,7 @@ parcelable VerificationToken { * 32-byte HMAC-SHA256 of the above values, computed as: * * HMAC(H, - * "Auth Verification" || challenge || timestamp || securityLevel || parametersVerified) + * "Auth Verification" || challenge || timestamp || securityLevel) * * where: * @@ -58,11 +58,6 @@ parcelable VerificationToken { * * The representation of challenge and timestamp is as 64-bit unsigned integers in big-endian * order. securityLevel is represented as a 32-bit unsigned integer in big-endian order. - * - * If parametersVerified is non-empty, the representation of parametersVerified is an ASN.1 DER - * encoded representation of the values. The ASN.1 schema used is the AuthorizationList schema - * from the Keystore attestation documentation. If parametersVerified is empty, it is simply - * omitted from the HMAC computation. */ byte[] mac; } diff --git a/keymint/aidl/default/Android.bp b/security/keymint/aidl/default/Android.bp similarity index 58% rename from keymint/aidl/default/Android.bp rename to security/keymint/aidl/default/Android.bp index 539ca47511..491a2c1c95 100644 --- a/keymint/aidl/default/Android.bp +++ b/security/keymint/aidl/default/Android.bp @@ -1,22 +1,22 @@ cc_binary { - name: "android.hardware.keymint@1.0-service", + name: "android.hardware.security.keymint-service", relative_install_path: "hw", - init_rc: ["android.hardware.keymint@1.0-service.rc"], - vintf_fragments: ["android.hardware.keymint@1.0-service.xml"], + init_rc: ["android.hardware.security.keymint-service.rc"], + vintf_fragments: ["android.hardware.security.keymint-service.xml"], vendor: true, cflags: [ "-Wall", "-Wextra", ], shared_libs: [ - "android.hardware.keymint-ndk_platform", + "android.hardware.security.keymint-ndk_platform", "libbase", "libbinder_ndk", "libcppbor", "libcrypto", - "liblog", "libkeymaster_portable", - "libkeymint1", + "libkeymint", + "liblog", "libpuresoftkeymasterdevice", "libutils", ], diff --git a/security/keymint/aidl/default/android.hardware.security.keymint-service.rc b/security/keymint/aidl/default/android.hardware.security.keymint-service.rc new file mode 100644 index 0000000000..0c3a6e15a6 --- /dev/null +++ b/security/keymint/aidl/default/android.hardware.security.keymint-service.rc @@ -0,0 +1,3 @@ +service vendor.keymint-default /vendor/bin/hw/android.hardware.security.keymint-service + class early_hal + user nobody diff --git a/keymint/aidl/default/android.hardware.keymint@1.0-service.xml b/security/keymint/aidl/default/android.hardware.security.keymint-service.xml similarity index 70% rename from keymint/aidl/default/android.hardware.keymint@1.0-service.xml rename to security/keymint/aidl/default/android.hardware.security.keymint-service.xml index 3935b5a0d4..73d15a8024 100644 --- a/keymint/aidl/default/android.hardware.keymint@1.0-service.xml +++ b/security/keymint/aidl/default/android.hardware.security.keymint-service.xml @@ -1,6 +1,6 @@ - android.hardware.keymint + android.hardware.security.keymint IKeyMintDevice/default diff --git a/keymint/aidl/default/service.cpp b/security/keymint/aidl/default/service.cpp similarity index 68% rename from keymint/aidl/default/service.cpp rename to security/keymint/aidl/default/service.cpp index ca5555e633..a710535fac 100644 --- a/keymint/aidl/default/service.cpp +++ b/security/keymint/aidl/default/service.cpp @@ -14,30 +14,30 @@ * limitations under the License. */ -#define LOG_TAG "android.hardware.keymint1-service" +#define LOG_TAG "android.hardware.security.keymint-service" #include #include #include -#include +#include #include -using aidl::android::hardware::keymint::SecurityLevel; -using aidl::android::hardware::keymint::V1_0::AndroidKeyMint1Device; +using aidl::android::hardware::security::keymint::AndroidKeyMintDevice; +using aidl::android::hardware::security::keymint::SecurityLevel; int main() { // Zero threads seems like a useless pool, but below we'll join this thread to it, increasing // the pool size to 1. ABinderProcess_setThreadPoolMaxThreadCount(0); - std::shared_ptr km5 = - ndk::SharedRefBase::make(SecurityLevel::SOFTWARE); + std::shared_ptr keyMint = + ndk::SharedRefBase::make(SecurityLevel::SOFTWARE); keymaster::SoftKeymasterLogger logger; - const auto instanceName = std::string(AndroidKeyMint1Device::descriptor) + "/default"; + const auto instanceName = std::string(AndroidKeyMintDevice::descriptor) + "/default"; LOG(INFO) << "instance: " << instanceName; binder_status_t status = - AServiceManager_addService(km5->asBinder().get(), instanceName.c_str()); + AServiceManager_addService(keyMint->asBinder().get(), instanceName.c_str()); CHECK(status == STATUS_OK); ABinderProcess_joinThreadPool(); diff --git a/keymint/aidl/vts/functional/Android.bp b/security/keymint/aidl/vts/functional/Android.bp similarity index 77% rename from keymint/aidl/vts/functional/Android.bp rename to security/keymint/aidl/vts/functional/Android.bp index 9ee8239455..ef7adb10a6 100644 --- a/keymint/aidl/vts/functional/Android.bp +++ b/security/keymint/aidl/vts/functional/Android.bp @@ -15,25 +15,25 @@ // cc_test { - name: "VtsAidlKeyMintV1_0TargetTest", + name: "VtsAidlKeyMintTargetTest", defaults: [ "VtsHalTargetTestDefaults", "use_libaidlvintf_gtest_helper_static", ], srcs: [ - "keyMint1Test.cpp", + "KeyMintTest.cpp", "VerificationTokenTest.cpp", ], shared_libs: [ "libbinder", "libcrypto", - "libkeymint1", - "libkeymintSupport", + "libkeymint", + "libkeymint_support", ], static_libs: [ - "android.hardware.keymint-cpp", - "libcppbor", - "libkeyMint1VtsTestUtil", + "android.hardware.security.keymint-cpp", + "libcppbor_external", + "libkeymint_vts_test_utils", ], test_suites: [ "general-tests", @@ -42,7 +42,7 @@ cc_test { } cc_test_library { - name: "libkeyMint1VtsTestUtil", + name: "libkeymint_vts_test_utils", defaults: [ "VtsHalTargetTestDefaults", "use_libaidlvintf_gtest_helper_static", @@ -56,11 +56,11 @@ cc_test_library { shared_libs: [ "libbinder", "libcrypto", - "libkeymint1", - "libkeymintSupport", + "libkeymint", + "libkeymint_support", ], static_libs: [ - "android.hardware.keymint-cpp", + "android.hardware.security.keymint-cpp", "libcppbor", ], } diff --git a/keymint/aidl/vts/functional/AndroidTest.xml b/security/keymint/aidl/vts/functional/AndroidTest.xml similarity index 100% rename from keymint/aidl/vts/functional/AndroidTest.xml rename to security/keymint/aidl/vts/functional/AndroidTest.xml diff --git a/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp similarity index 99% rename from keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp rename to security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp index 05461492be..ea3a329573 100644 --- a/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp @@ -21,12 +21,10 @@ #include -#include -#include +#include +#include -namespace android { -namespace hardware { -namespace keymint { +namespace android::hardware::security::keymint { using namespace std::literals::chrono_literals; using std::endl; @@ -751,6 +749,5 @@ vector KeyMintAidlTestBase::ValidDigests(bool withNone, bool withMD5) { } } // namespace test -} // namespace keymint -} // namespace hardware -} // namespace android + +} // namespace android::hardware::security::keymint diff --git a/keymint/aidl/vts/functional/KeyMintAidlTestBase.h b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h similarity index 96% rename from keymint/aidl/vts/functional/KeyMintAidlTestBase.h rename to security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h index 2948c41eae..76effcff31 100644 --- a/keymint/aidl/vts/functional/KeyMintAidlTestBase.h +++ b/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.h @@ -21,18 +21,15 @@ #include #include -#include -#include +#include +#include #include #include #include -#include +#include -namespace android { -namespace hardware { -namespace keymint { -namespace test { +namespace android::hardware::security::keymint::test { using ::android::sp; using binder::Status; @@ -189,9 +186,6 @@ class KeyMintAidlTestBase : public ::testing::TestWithParam { testing::ValuesIn(KeyMintAidlTestBase::build_params()), \ android::PrintInstanceNameToString) -} // namespace test -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint::test #endif // VTS_KEYMINT_AIDL_TEST_UTILS_H diff --git a/keymint/aidl/vts/functional/keyMint1Test.cpp b/security/keymint/aidl/vts/functional/KeyMintTest.cpp similarity index 99% rename from keymint/aidl/vts/functional/keyMint1Test.cpp rename to security/keymint/aidl/vts/functional/KeyMintTest.cpp index c2fa2f8588..f9423a24a3 100644 --- a/keymint/aidl/vts/functional/keyMint1Test.cpp +++ b/security/keymint/aidl/vts/functional/KeyMintTest.cpp @@ -26,36 +26,32 @@ #include -#include +#include -#include -#include -#include +#include +#include +#include #include "KeyMintAidlTestBase.h" static bool arm_deleteAllKeys = false; static bool dump_Attestations = false; -using android::hardware::keymint::AuthorizationSet; -using android::hardware::keymint::KeyCharacteristics; -using android::hardware::keymint::KeyFormat; +using android::hardware::security::keymint::AuthorizationSet; +using android::hardware::security::keymint::KeyCharacteristics; +using android::hardware::security::keymint::KeyFormat; -namespace android { -namespace hardware { - -namespace keymint { +namespace android::hardware::security::keymint { bool operator==(const keymint::AuthorizationSet& a, const keymint::AuthorizationSet& b) { return a.size() == b.size() && std::equal(a.begin(), a.end(), b.begin()); } -} // namespace keymint -} // namespace hardware -} // namespace android + +} // namespace android::hardware::security::keymint namespace std { -using namespace android::hardware::keymint; +using namespace android::hardware::security::keymint; template <> struct std::equal_to { @@ -77,10 +73,8 @@ struct std::equal_to { } // namespace std -namespace android { -namespace hardware { -namespace keymint { -namespace test { +namespace android::hardware::security::keymint::test { + namespace { template @@ -4046,10 +4040,7 @@ TEST_P(TransportLimitTest, LargeFinishInput) { INSTANTIATE_KEYMINT_AIDL_TEST(TransportLimitTest); -} // namespace test -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint::test int main(int argc, char** argv) { ::testing::InitGoogleTest(&argc, argv); @@ -4063,7 +4054,5 @@ int main(int argc, char** argv) { } } } - int status = RUN_ALL_TESTS(); - ALOGI("Test result = %d", status); - return status; + return RUN_ALL_TESTS(); } diff --git a/keymint/aidl/vts/functional/VerificationTokenTest.cpp b/security/keymint/aidl/vts/functional/VerificationTokenTest.cpp similarity index 97% rename from keymint/aidl/vts/functional/VerificationTokenTest.cpp rename to security/keymint/aidl/vts/functional/VerificationTokenTest.cpp index bd0942ba10..6d3a34e7a6 100644 --- a/keymint/aidl/vts/functional/VerificationTokenTest.cpp +++ b/security/keymint/aidl/vts/functional/VerificationTokenTest.cpp @@ -16,10 +16,7 @@ #include "KeyMintAidlTestBase.h" -namespace android { -namespace hardware { -namespace keymint { -namespace test { +namespace android::hardware::security::keymint::test { class VerificationTokenTest : public KeyMintAidlTestBase { protected: @@ -168,7 +165,4 @@ TEST_P(VerificationTokenTest, MacChangesOnChangingTimestamp) { INSTANTIATE_KEYMINT_AIDL_TEST(VerificationTokenTest); -} // namespace test -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint::test diff --git a/keymint/support/Android.bp b/security/keymint/support/Android.bp similarity index 92% rename from keymint/support/Android.bp rename to security/keymint/support/Android.bp index 432416e006..ddac92fc6b 100644 --- a/keymint/support/Android.bp +++ b/security/keymint/support/Android.bp @@ -15,7 +15,7 @@ // cc_library { - name: "libkeymintSupport", + name: "libkeymint_support", cflags: [ "-Wall", "-Wextra", @@ -31,7 +31,7 @@ cc_library { "include", ], shared_libs: [ - "android.hardware.keymint-cpp", + "android.hardware.security.keymint-cpp", "libbase", "libcrypto", "libutils", diff --git a/keymint/support/OWNERS b/security/keymint/support/OWNERS similarity index 100% rename from keymint/support/OWNERS rename to security/keymint/support/OWNERS diff --git a/keymint/support/attestation_record.cpp b/security/keymint/support/attestation_record.cpp similarity index 97% rename from keymint/support/attestation_record.cpp rename to security/keymint/support/attestation_record.cpp index e5659746fe..afdb208221 100644 --- a/keymint/support/attestation_record.cpp +++ b/security/keymint/support/attestation_record.cpp @@ -14,27 +14,26 @@ * limitations under the License. */ -#include +#include -#include -#include +#include #include -#include #include #include #include #include -#include -#include +#include +#include + +#include +#include #define AT __FILE__ ":" << __LINE__ -namespace android { -namespace hardware { -namespace keymint { +namespace android::hardware::security::keymint { struct stack_st_ASN1_TYPE_Delete { void operator()(stack_st_ASN1_TYPE* p) { sk_ASN1_TYPE_free(p); } @@ -382,6 +381,4 @@ ErrorCode parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc return ErrorCode::OK; // KM_ERROR_OK; } -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint diff --git a/keymint/support/authorization_set.cpp b/security/keymint/support/authorization_set.cpp similarity index 93% rename from keymint/support/authorization_set.cpp rename to security/keymint/support/authorization_set.cpp index 9fc4e13727..aa9638f256 100644 --- a/keymint/support/authorization_set.cpp +++ b/security/keymint/support/authorization_set.cpp @@ -14,23 +14,21 @@ * limitations under the License. */ -#include +#include #include - -#include #include -#include -#include -#include -#include -#include -#include +#include -namespace android { -namespace hardware { -namespace keymint { +#include +#include +#include +#include +#include +#include + +namespace android::hardware::security::keymint { void AuthorizationSet::Sort() { std::sort(data_.begin(), data_.end()); @@ -220,10 +218,11 @@ struct choose_serializer<> { }; template -struct choose_serializer, Tail...> { +struct choose_serializer, Tail...> { static OutStreams& serialize(OutStreams& out, const KeyParameter& param) { if (param.tag == tag) { - return android::hardware::keymint::serialize(TypedTag(), out, param); + return android::hardware::security::keymint::serialize(TypedTag(), out, + param); } else { return choose_serializer::serialize(out, param); } @@ -329,7 +328,8 @@ template struct choose_deserializer, Tail...> { static InStreams& deserialize(InStreams& in, KeyParameter* param) { if (param->tag == tag) { - return android::hardware::keymint::deserialize(TypedTag(), in, param); + return android::hardware::security::keymint::deserialize(TypedTag(), in, + param); } else { return choose_deserializer::deserialize(in, param); } @@ -501,15 +501,14 @@ AuthorizationSetBuilder& AuthorizationSetBuilder::GcmModeMacLen(uint32_t macLeng } AuthorizationSetBuilder& AuthorizationSetBuilder::BlockMode( - std::initializer_list blockModes) { + std::initializer_list blockModes) { for (auto mode : blockModes) { push_back(TAG_BLOCK_MODE, mode); } return *this; } -AuthorizationSetBuilder& AuthorizationSetBuilder::Digest( - std::vector digests) { +AuthorizationSetBuilder& AuthorizationSetBuilder::Digest(std::vector digests) { for (auto digest : digests) { push_back(TAG_DIGEST, digest); } @@ -524,6 +523,4 @@ AuthorizationSetBuilder& AuthorizationSetBuilder::Padding( return *this; } -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint diff --git a/keymint/support/include/keymintSupport/attestation_record.h b/security/keymint/support/include/keymint_support/attestation_record.h similarity index 84% rename from keymint/support/include/keymintSupport/attestation_record.h rename to security/keymint/support/include/keymint_support/attestation_record.h index 7a69789423..d71624c978 100644 --- a/keymint/support/include/keymintSupport/attestation_record.h +++ b/security/keymint/support/include/keymint_support/attestation_record.h @@ -16,20 +16,14 @@ #pragma once -#include -#include +#include +#include -#include -#include -#include +#include +#include +#include -namespace android { -namespace hardware { -namespace keymint { - -using android::hardware::keymint::KeyParameter; -using android::hardware::keymint::Tag; -using android::hardware::keymint::TAG_ALGORITHM; +namespace android::hardware::security::keymint { class AuthorizationSet; @@ -90,6 +84,4 @@ ErrorCode parse_root_of_trust(const uint8_t* asn1_key_desc, size_t asn1_key_desc keymint_verified_boot_t* verified_boot_state, bool* device_locked, std::vector* verified_boot_hash); -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint diff --git a/keymint/support/include/keymintSupport/authorization_set.h b/security/keymint/support/include/keymint_support/authorization_set.h similarity index 95% rename from keymint/support/include/keymintSupport/authorization_set.h rename to security/keymint/support/include/keymint_support/authorization_set.h index 141426a7a2..97e10224d3 100644 --- a/keymint/support/include/keymintSupport/authorization_set.h +++ b/security/keymint/support/include/keymint_support/authorization_set.h @@ -19,21 +19,14 @@ #include -#include -#include -#include -#include +#include +#include +#include +#include -#include +#include -namespace android { -namespace hardware { -namespace keymint { - -using android::hardware::keymint::BlockMode; -using android::hardware::keymint::Digest; -using android::hardware::keymint::EcCurve; -using android::hardware::keymint::PaddingMode; +namespace android::hardware::security::keymint { using std::vector; @@ -322,8 +315,6 @@ class AuthorizationSetBuilder : public AuthorizationSet { } }; -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint #endif // SYSTEM_SECURITY_KEYSTORE_KM4_AUTHORIZATION_SET_H_ diff --git a/keymint/support/include/keymintSupport/key_param_output.h b/security/keymint/support/include/keymint_support/key_param_output.h similarity index 72% rename from keymint/support/include/keymintSupport/key_param_output.h rename to security/keymint/support/include/keymint_support/key_param_output.h index a35a9816a9..82c9689329 100644 --- a/keymint/support/include/keymintSupport/key_param_output.h +++ b/security/keymint/support/include/keymint_support/key_param_output.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2017 The Android Open Source Project + * Copyright (C) 2020 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -20,28 +20,24 @@ #include #include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + #include "keymint_tags.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -namespace android { -namespace hardware { -namespace keymint { - -using namespace ::android::hardware::keymint; +namespace android::hardware::security::keymint { inline ::std::ostream& operator<<(::std::ostream& os, Algorithm value) { return os << toString(value); @@ -101,8 +97,6 @@ inline ::std::ostream& operator<<(::std::ostream& os, Tag tag) { return os << toString(tag); } -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint #endif // HARDWARE_INTERFACES_KEYMINT_SUPPORT_INCLUDE_KEY_PARAM_OUTPUT_H_ diff --git a/keymint/support/include/keymintSupport/keymint_tags.h b/security/keymint/support/include/keymint_support/keymint_tags.h similarity index 81% rename from keymint/support/include/keymintSupport/keymint_tags.h rename to security/keymint/support/include/keymint_support/keymint_tags.h index f1060a9e16..f23e4f2ce2 100644 --- a/keymint/support/include/keymintSupport/keymint_tags.h +++ b/security/keymint/support/include/keymint_support/keymint_tags.h @@ -17,24 +17,20 @@ #ifndef HARDWARE_INTERFACES_KEYMINT_SUPPORT_INCLUDE_KEYMINT_TAGS_H_ #define HARDWARE_INTERFACES_KEYMINT_SUPPORT_INCLUDE_KEYMINT_TAGS_H_ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include -namespace android::hardware::keymint { - -using android::hardware::keymint::KeyParameter; -using android::hardware::keymint::Tag; -using android::hardware::keymint::TagType; +namespace android::hardware::security::keymint { // The following create the numeric values that KM_TAG_PADDING and KM_TAG_DIGEST used to have. We // need these old values to be able to support old keys that use them. @@ -337,78 +333,6 @@ inline NullOr>::type&> return accessTagValue(ttag, param); } -} // namespace android::hardware::keymint - -namespace std { - -using namespace android::hardware::keymint; - -// Aidl generates KeyParameter operator<, >, ==, != for cpp translation but not ndk -// translations. So we cannot straight forward overload these operators. -// However we need our custom comparison for KeyParameters. So we will -// overload std::less, equal_to instead. -template <> -struct std::less { - bool operator()(const KeyParameter& a, const KeyParameter& b) const { - if (a.tag != b.tag) return a.tag < b.tag; - int retval; - switch (typeFromTag(a.tag)) { - case TagType::INVALID: - case TagType::BOOL: - return false; - case TagType::ENUM: - case TagType::ENUM_REP: - case TagType::UINT: - case TagType::UINT_REP: - return a.integer < b.integer; - case TagType::ULONG: - case TagType::ULONG_REP: - case TagType::DATE: - return a.longInteger < b.longInteger; - case TagType::BIGNUM: - case TagType::BYTES: - // Handle the empty cases. - if (a.blob.size() == 0) return b.blob.size() != 0; - if (b.blob.size() == 0) return false; - retval = memcmp(&a.blob[0], &b.blob[0], std::min(a.blob.size(), b.blob.size())); - // if one is the prefix of the other the longer wins - if (retval == 0) return a.blob.size() < b.blob.size(); - // Otherwise a is less if a is less. - else - return retval < 0; - } - return false; - } -}; - -template <> -struct std::equal_to { - bool operator()(const KeyParameter& a, const KeyParameter& b) const { - if (a.tag != b.tag) { - return false; - } - switch (typeFromTag(a.tag)) { - case TagType::INVALID: - case TagType::BOOL: - return true; - case TagType::ENUM: - case TagType::ENUM_REP: - case TagType::UINT: - case TagType::UINT_REP: - return a.integer == b.integer; - case TagType::ULONG: - case TagType::ULONG_REP: - case TagType::DATE: - return a.longInteger == b.longInteger; - case TagType::BIGNUM: - case TagType::BYTES: - if (a.blob.size() != b.blob.size()) return false; - return a.blob.size() == 0 || memcmp(&a.blob[0], &b.blob[0], a.blob.size()) == 0; - } - return false; - } -}; - -} // namespace std +} // namespace android::hardware::security::keymint #endif // HARDWARE_INTERFACES_KEYMINT_SUPPORT_INCLUDE_KEYMINT_TAGS_H_ diff --git a/keymint/support/include/keymintSupport/keymint_utils.h b/security/keymint/support/include/keymint_support/keymint_utils.h similarity index 88% rename from keymint/support/include/keymintSupport/keymint_utils.h rename to security/keymint/support/include/keymint_support/keymint_utils.h index aa1e93b3c5..fda1b6c9b2 100644 --- a/keymint/support/include/keymintSupport/keymint_utils.h +++ b/security/keymint/support/include/keymint_support/keymint_utils.h @@ -19,11 +19,9 @@ #ifndef HARDWARE_INTERFACES_KEYMINT_10_SUPPORT_KEYMINT_UTILS_H_ #define HARDWARE_INTERFACES_KEYMINT_10_SUPPORT_KEYMINT_UTILS_H_ -#include +#include -namespace android { -namespace hardware { -namespace keymint { +namespace android::hardware::security::keymint { using std::vector; @@ -44,8 +42,6 @@ vector authToken2vector(const HardwareAuthToken& token); uint32_t getOsVersion(); uint32_t getOsPatchlevel(); -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint #endif // HARDWARE_INTERFACES_KEYMINT_10_SUPPORT_KEYMINT_UTILS_H_ diff --git a/keymint/support/include/keymintSupport/openssl_utils.h b/security/keymint/support/include/keymint_support/openssl_utils.h similarity index 75% rename from keymint/support/include/keymintSupport/openssl_utils.h rename to security/keymint/support/include/keymint_support/openssl_utils.h index 39633edaaa..cb099680d4 100644 --- a/keymint/support/include/keymintSupport/openssl_utils.h +++ b/security/keymint/support/include/keymint_support/openssl_utils.h @@ -17,11 +17,13 @@ #ifndef HARDWARE_INTERFACES_KEYMINT_1_0_SUPPORT_OPENSSL_UTILS_H_ #define HARDWARE_INTERFACES_KEYMINT_1_0_SUPPORT_OPENSSL_UTILS_H_ -#include +#include #include #include +namespace android::hardware::security::keymint { + template struct UniquePtrDeleter { void operator()(T* p) const { F(p); } @@ -40,24 +42,26 @@ MAKE_OPENSSL_PTR_TYPE(BN_CTX) typedef std::unique_ptr> BIGNUM_Ptr; -inline const EVP_MD* openssl_digest(android::hardware::keymint::Digest digest) { +inline const EVP_MD* openssl_digest(Digest digest) { switch (digest) { - case android::hardware::keymint::Digest::NONE: + case Digest::NONE: return nullptr; - case android::hardware::keymint::Digest::MD5: + case Digest::MD5: return EVP_md5(); - case android::hardware::keymint::Digest::SHA1: + case Digest::SHA1: return EVP_sha1(); - case android::hardware::keymint::Digest::SHA_2_224: + case Digest::SHA_2_224: return EVP_sha224(); - case android::hardware::keymint::Digest::SHA_2_256: + case Digest::SHA_2_256: return EVP_sha256(); - case android::hardware::keymint::Digest::SHA_2_384: + case Digest::SHA_2_384: return EVP_sha384(); - case android::hardware::keymint::Digest::SHA_2_512: + case Digest::SHA_2_512: return EVP_sha512(); } return nullptr; } +} // namespace android::hardware::security::keymint + #endif // HARDWARE_INTERFACES_KEYMINT_1_0_SUPPORT_OPENSSL_UTILS_H_ diff --git a/keymint/support/key_param_output.cpp b/security/keymint/support/key_param_output.cpp similarity index 90% rename from keymint/support/key_param_output.cpp rename to security/keymint/support/key_param_output.cpp index 6e33558d58..b699b2289e 100644 --- a/keymint/support/key_param_output.cpp +++ b/security/keymint/support/key_param_output.cpp @@ -14,15 +14,13 @@ * limitations under the License. */ -#include - -#include +#include #include -namespace android { -namespace hardware { -namespace keymint { +#include + +namespace android::hardware::security::keymint { using ::std::endl; using ::std::ostream; @@ -71,6 +69,4 @@ ostream& operator<<(ostream& os, const KeyParameter& param) { return os << "UNKNOWN TAG TYPE!"; } -} // namespace keymint -} // namespace hardware -} // namespace android +} // namespace android::hardware::security::keymint diff --git a/keymint/support/keymint_utils.cpp b/security/keymint/support/keymint_utils.cpp similarity index 96% rename from keymint/support/keymint_utils.cpp rename to security/keymint/support/keymint_utils.cpp index fd57cf5af9..cd4cca222a 100644 --- a/keymint/support/keymint_utils.cpp +++ b/security/keymint/support/keymint_utils.cpp @@ -18,11 +18,11 @@ #include #include -#include +#include #include -namespace android::hardware::keymint { +namespace android::hardware::security::keymint { namespace { @@ -111,4 +111,4 @@ uint32_t getOsPatchlevel() { return getOsPatchlevel(patchlevel.c_str()); } -} // namespace android::hardware::keymint +} // namespace android::hardware::security::keymint