From fa3d38d206089f786dafc369627b5143acacdabe Mon Sep 17 00:00:00 2001 From: Seth Moore Date: Tue, 1 Jun 2021 11:30:24 -0700 Subject: [PATCH] Correct the description for getKeyCharacteristics The description should note that keystore-enforced tags are not to be returned. This is done so that the keymint implementation doesn't have to bother keeping track of tags it's not repsonsible for dealing with. Bug: 186685601 Test: none (it's just a comment change) Change-Id: I3ff94201c262a5071d271b150dbbf21888d678aa --- .../android/hardware/security/keymint/IKeyMintDevice.aidl | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl index 9cc795d582..5b0b303cc0 100644 --- a/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl +++ b/security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl @@ -805,9 +805,10 @@ interface IKeyMintDevice { byte[] convertStorageKeyToEphemeral(in byte[] storageKeyBlob); /** - * Returns parameters associated with the provided key. This should match the - * KeyCharacteristics present in the KeyCreationResult returned by generateKey(), - * importKey(), or importWrappedKey(). + * Returns KeyMint-enforced parameters associated with the provided key. The returned tags are + * a subset of KeyCharacteristics found in the KeyCreationResult returned by generateKey(), + * importKey(), or importWrappedKey(). The returned value is a subset, as it does not include + * any Keystore-enforced parameters. * * @param keyBlob The opaque descriptor returned by generateKey, importKey or importWrappedKey. *