These are keymaster keys used specifically for storage
encryption. This provides the ability for keymaster implementations to
securely protect storage encryption keys.
Test: VtsHalKeymasterV4_1TargetTest
Bug: 147733587
Change-Id: I5f7f83755fcbed96d8f38fa51812aa6d2eb0927b
* changes:
Keymaster 4.1 VTS tests
Update KM4 VTS tests to allow s/w implementation to pass.
Remove service death test.
Change finish input test to avoid large sizes.
This CL adds:
- The IDENTITY_CREDENTIAL_KEY tag. This new tag is not actually used
by Keymaster at all. It's used by the new Identity Credential HAL in
its key attestations, which use the Keymaster format and the Keymaster
attestation key.
- A VerificationToken argument to deviceLocked, used for StrongBox
implementations.
- Some error codes, including one to diagnose unprovisioned
attestation keys/ids.
- Clarifications in the documentation.
Test: VtsHalKeymasterV41TargetTest
Change-Id: Iae7151e2d9b328dd73e5cd78e59687ef29bab4f0
Note that CL is missing complete tests (what's included is just a
stub, really) and support library code. All of that will come in
near-future CLs. This CL omits them because they'll take time and
there's a need to unblock Keymaster 4.1 implementers now.
Bug: 140193672
Bug: 140192237
Bug: 140824829
Test: Will be in a future CL
Change-Id: I0e6e3a38356f0517158a10604b549415641ad1b9