diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h index 5be956da..bf09e23c 100644 --- a/include/hardware/keymaster_defs.h +++ b/include/hardware/keymaster_defs.h @@ -52,18 +52,22 @@ typedef enum { */ /* Crypto parameters */ - KM_TAG_PURPOSE = KM_ENUM_REP | 1, /* keymaster_purpose_t. */ - KM_TAG_ALGORITHM = KM_ENUM | 2, /* keymaster_algorithm_t. */ - KM_TAG_KEY_SIZE = KM_UINT | 3, /* Key size in bits. */ - KM_TAG_BLOCK_MODE = KM_ENUM_REP | 4, /* keymaster_block_mode_t. */ - KM_TAG_DIGEST = KM_ENUM_REP | 5, /* keymaster_digest_t. */ - KM_TAG_PADDING = KM_ENUM_REP | 6, /* keymaster_padding_t. */ - KM_TAG_CALLER_NONCE = KM_BOOL | 7, /* Allow caller to specify nonce or IV. */ - KM_TAG_MIN_MAC_LENGTH = KM_UINT | 8, /* Minimum length of MAC or AEAD authentication tag in - * bits. */ + KM_TAG_PURPOSE = KM_ENUM_REP | 1, /* keymaster_purpose_t. */ + KM_TAG_ALGORITHM = KM_ENUM | 2, /* keymaster_algorithm_t. */ + KM_TAG_KEY_SIZE = KM_UINT | 3, /* Key size in bits. */ + KM_TAG_BLOCK_MODE = KM_ENUM_REP | 4, /* keymaster_block_mode_t. */ + KM_TAG_DIGEST = KM_ENUM_REP | 5, /* keymaster_digest_t. */ + KM_TAG_PADDING = KM_ENUM_REP | 6, /* keymaster_padding_t. */ + KM_TAG_CALLER_NONCE = KM_BOOL | 7, /* Allow caller to specify nonce or IV. */ + KM_TAG_MIN_MAC_LENGTH = KM_UINT | 8, /* Minimum length of MAC or AEAD authentication tag in + * bits. */ + KM_TAG_KDF = KM_ENUM | 9, /* keymaster_kdf_t */ + KM_TAG_EC_CURVE = KM_ENUM | 10, /* keymaster_ec_curve_t */ /* Algorithm-specific. */ KM_TAG_RSA_PUBLIC_EXPONENT = KM_ULONG | 200, + KM_TAG_ECIES_SINGLE_HASH_MODE = KM_BOOL | 201, /* Whether the ephemeral public key is fed into + * the KDF, see 10.2 in http://goo.gl/WbmSSO */ /* Other hardware-enforced. */ KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 301, /* keymaster_key_blob_usage_requirements_t */ @@ -187,6 +191,32 @@ typedef enum { KM_DIGEST_SHA_2_512 = 6, } keymaster_digest_t; +/* + * Key derivation functions, mostly used in ECIES. + */ +typedef enum { + /* HKDF defined in RFC 5869 with SHA256 */ + KM_KDF_RFC5869_SHA256 = 0, + /* KDF1 defined in ISO 18033-2 with SHA1 */ + KM_KDF_ISO18033_1_KDF2_SHA1 = 1, + /* KDF1 defined in ISO 18033-2 with SHA256 */ + KM_KDF_ISO18033_1_KDF1_SHA256 = 2, + /* KDF2 defined in ISO 18033-2 with SHA1 */ + KM_KDF_ISO18033_2_KDF2_SHA1 = 3, + /* KDF2 defined in ISO 18033-2 with SHA256 */ + KM_KDF_ISO18033_2_KDF2_SHA256 = 4, +} keymaster_kdf_t; + +/** + * Supported EC curves, used in ECDSA/ECIES. + */ +typedef enum { + KM_EC_CURVE_P_224 = 0, + KM_EC_CURVE_P_256 = 1, + KM_EC_CURVE_P_384 = 2, + KM_EC_CURVE_P_521 = 3, +} keymaster_ec_curve_t; + /** * The origin of a key (or pair), i.e. where it was generated. Note that KM_TAG_ORIGIN can be found * in either the hardware-enforced or software-enforced list for a key, indicating whether the key @@ -340,12 +370,12 @@ typedef enum { KM_ERROR_INVALID_MAC_LENGTH = -57, KM_ERROR_MISSING_MIN_MAC_LENGTH = -58, KM_ERROR_UNSUPPORTED_MIN_MAC_LENGTH = -59, + KM_ERROR_UNSUPPORTED_KDF = -60, + KM_ERROR_UNSUPPORTED_EC_CURVE = -61, KM_ERROR_UNIMPLEMENTED = -100, KM_ERROR_VERSION_MISMATCH = -101, - /* Additional error codes may be added by implementations, but implementers should coordinate - * with Google to avoid code collision. */ KM_ERROR_UNKNOWN_ERROR = -1000, } keymaster_error_t;