| /system/core/trusty/keymaster/set_attestation_key/ |
| D | set_attestation_key.cpp | 78 buf = keymaster::append_uint32_to_buf(buf, end, algorithm); in Serialize()
82 return keymaster::copy_uint32_from_buf(buf_ptr, end, &algorithm) && in Deserialize()
86 keymaster_algorithm_t algorithm; member
107 return keymaster::append_uint32_to_buf(buf, end, algorithm); in Serialize()
110 return keymaster::copy_uint32_from_buf(buf_ptr, end, &algorithm); in Deserialize()
113 keymaster_algorithm_t algorithm; member
118 static int set_attestation_key_or_cert_bin(uint32_t cmd, keymaster_algorithm_t algorithm, in set_attestation_key_or_cert_bin() argument
123 req.algorithm = algorithm; in set_attestation_key_or_cert_bin()
136 static int set_attestation_key_or_cert_pem(uint32_t cmd, keymaster_algorithm_t algorithm, in set_attestation_key_or_cert_pem() argument
163 ret = set_attestation_key_or_cert_bin(cmd, algorithm, key, keylen); in set_attestation_key_or_cert_pem()
[all …]
|
| /system/keymaster/legacy_support/ |
| D | keymaster1_legacy_support.cpp | 58 keymaster_algorithm_t algorithm, keymaster_purpose_t purpose, in add_digests() argument
60 auto key = std::make_pair(algorithm, purpose); in add_digests()
65 dev->get_supported_digests(dev, algorithm, purpose, &digests, &digests_length); in add_digests()
85 for (auto algorithm : sig_algorithms) in map_digests() local
89 add_digests(dev, algorithm, purpose, map, &alg_purpose_supports_all); in map_digests()
96 for (auto algorithm : crypt_algorithms) in map_digests() local
100 add_digests(dev, algorithm, purpose, map, &alg_purpose_supports_all); in map_digests()
117 static bool findUnsupportedDigest(keymaster_algorithm_t algorithm, keymaster_purpose_t purpose, in findUnsupportedDigest() argument
120 auto supported_digests = digest_map.find(std::make_pair(algorithm, purpose)); in findUnsupportedDigest()
141 bool requiresSoftwareDigesting(keymaster_algorithm_t algorithm, keymaster_purpose_t purpose, in requiresSoftwareDigesting() argument
[all …]
|
| /system/keymaster/contexts/ |
| D | keymaster2_passthrough_context.cpp | 42 KeyFactory* Keymaster2PassthroughContext::GetKeyFactory(keymaster_algorithm_t algorithm) const { in GetKeyFactory()
43 auto& result = factories_[algorithm]; in GetKeyFactory()
45 result.reset(new (std::nothrow) KeymasterPassthroughKeyFactory(engine_.get(), algorithm)); in GetKeyFactory()
50 Keymaster2PassthroughContext::GetOperationFactory(keymaster_algorithm_t algorithm, in GetOperationFactory() argument
52 auto keyfactory = GetKeyFactory(algorithm); in GetOperationFactory()
100 keymaster_algorithm_t algorithm; in ParseKeyBlob() local
101 if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) && in ParseKeyBlob()
102 !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) { in ParseKeyBlob()
107 auto factory = GetKeyFactory(algorithm); in ParseKeyBlob()
|
| D | soft_attestation_cert.cpp | 281 const keymaster_key_blob_t* getAttestationKey(keymaster_algorithm_t algorithm, in getAttestationKey() argument
286 switch (algorithm) { in getAttestationKey()
299 CertificateChain getAttestationChain(keymaster_algorithm_t algorithm, keymaster_error_t* error) { in getAttestationChain() argument
304 switch (algorithm) { in getAttestationChain()
|
| D | keymaster1_passthrough_context.cpp | 56 KeyFactory* Keymaster1PassthroughContext::GetKeyFactory(keymaster_algorithm_t algorithm) const { in GetKeyFactory()
57 auto& result = factories_[algorithm]; in GetKeyFactory()
59 switch (algorithm) { in GetKeyFactory()
88 Keymaster1PassthroughContext::GetOperationFactory(keymaster_algorithm_t algorithm, in GetOperationFactory() argument
90 auto keyfactory = GetKeyFactory(algorithm); in GetOperationFactory()
167 keymaster_algorithm_t algorithm; in ParseKeyBlob() local
168 if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) && in ParseKeyBlob()
169 !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) { in ParseKeyBlob()
172 auto factory = GetKeyFactory(algorithm); in ParseKeyBlob()
|
| D | soft_keymaster_device.cpp | 109 static keymaster_error_t add_digests(keymaster1_device_t* dev, keymaster_algorithm_t algorithm, in add_digests() argument
112 auto key = std::make_pair(algorithm, purpose); in add_digests()
117 dev->get_supported_digests(dev, algorithm, purpose, &digests, &digests_length); in add_digests()
137 for (auto algorithm : sig_algorithms) in map_digests() local
141 add_digests(dev, algorithm, purpose, map, &alg_purpose_supports_all); in map_digests()
148 for (auto algorithm : crypt_algorithms) in map_digests() local
152 add_digests(dev, algorithm, purpose, map, &alg_purpose_supports_all); in map_digests()
404 keymaster_algorithm_t algorithm, in get_supported_block_modes() argument
414 return km1_dev->get_supported_block_modes(km1_dev, algorithm, purpose, modes, modes_length); in get_supported_block_modes()
418 request.algorithm = algorithm; in get_supported_block_modes()
[all …]
|
| D | soft_keymaster_context.cpp | 97 KeyFactory* SoftKeymasterContext::GetKeyFactory(keymaster_algorithm_t algorithm) const { in GetKeyFactory()
98 switch (algorithm) { in GetKeyFactory()
123 OperationFactory* SoftKeymasterContext::GetOperationFactory(keymaster_algorithm_t algorithm, in GetOperationFactory() argument
125 KeyFactory* key_factory = GetKeyFactory(algorithm); in GetOperationFactory()
270 keymaster_algorithm_t algorithm; in ParseKeyBlob() local
271 if (!hw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm) && in ParseKeyBlob()
272 !sw_enforced.GetTagValue(TAG_ALGORITHM, &algorithm)) { in ParseKeyBlob()
275 auto factory = GetKeyFactory(algorithm); in ParseKeyBlob()
|
| /system/keymaster/include/keymaster/contexts/ |
| D | soft_attestation_context.h | 35 KeymasterKeyBlob GetAttestationKey(keymaster_algorithm_t algorithm, in GetAttestationKey() argument
37 return KeymasterKeyBlob(*getAttestationKey(algorithm, error)); in GetAttestationKey()
40 CertificateChain GetAttestationChain(keymaster_algorithm_t algorithm, in GetAttestationChain() argument
42 return getAttestationChain(algorithm, error); in GetAttestationChain()
|
| D | soft_attestation_cert.h | 26 const keymaster_key_blob_t* getAttestationKey(keymaster_algorithm_t algorithm,
28 CertificateChain getAttestationChain(keymaster_algorithm_t algorithm, keymaster_error_t* error);
|
| /system/tools/mkbootimg/gki/ |
| D | certify_bootimg.py | 44 def add_certificate(boot_img, algorithm, key, extra_args): argument
58 algorithm=algorithm, key=key, salt='d00df00d',
195 def certify_bootimg(boot_img, output_img, algorithm, key, extra_args): argument
202 add_certificate(boot_tmp, algorithm, key, extra_args)
211 def certify_bootimg_zip(boot_img_zip, output_zip, algorithm, key, extra_args): argument
226 algorithm=algorithm, key=key, extra_args=extra_args)
238 certify_bootimg_zip(args.boot_img_zip, args.output, args.algorithm,
241 certify_bootimg(args.boot_img, args.output, args.algorithm,
|
| D | generate_gki_certificate.py | 25 def generate_gki_certificate(image, avbtool, name, algorithm, key, salt, argument
37 '--algorithm', algorithm,
87 algorithm=args.algorithm, key=args.key, salt=args.salt,
|
| /system/keymaster/include/keymaster/ |
| D | soft_keymaster_device.h | 81 bool FindUnsupportedDigest(keymaster_algorithm_t algorithm, keymaster_purpose_t purpose,
84 bool RequiresSoftwareDigesting(keymaster_algorithm_t algorithm, keymaster_purpose_t purpose,
88 static void StoreDefaultNewKeyParams(keymaster_algorithm_t algorithm,
91 keymaster_algorithm_t* algorithm);
105 keymaster_algorithm_t algorithm,
110 keymaster_algorithm_t algorithm,
115 keymaster_algorithm_t algorithm,
120 keymaster_algorithm_t algorithm,
124 keymaster_algorithm_t algorithm,
|
| D | operation.h | 43 : algorithm(alg), purpose(purp) {} in KeyType()
45 keymaster_algorithm_t algorithm; member
49 return algorithm == rhs.algorithm && purpose == rhs.purpose;
|
| D | attestation_context.h | 91 virtual KeymasterKeyBlob GetAttestationKey(keymaster_algorithm_t algorithm,
98 virtual CertificateChain GetAttestationChain(keymaster_algorithm_t algorithm,
|
| /system/security/keystore2/src/ |
| D | super_key.rs | 80 pub algorithm: SuperEncryptionAlgorithm, field
86 SuperKeyType { alias: "USER_SUPER_KEY", algorithm: SuperEncryptionAlgorithm::Aes256Gcm };
92 algorithm: SuperEncryptionAlgorithm::Aes256Gcm,
99 algorithm: SuperEncryptionAlgorithm::EcdhP521,
145 algorithm: SuperEncryptionAlgorithm, field
158 if self.algorithm == SuperEncryptionAlgorithm::Aes256Gcm { in decrypt()
167 if self.algorithm == SuperEncryptionAlgorithm::Aes256Gcm { in encrypt()
179 algorithm: SuperEncryptionAlgorithm, field
189 Ok(LockedKey { algorithm: to_encrypt.algorithm, id: to_encrypt.id, nonce, ciphertext }) in new()
225 Ok(Arc::new(SuperKey { algorithm: self.algorithm, key, id: self.id, reencrypt_with })) in decrypt()
[all …]
|
| /system/sepolicy/prebuilts/api/30.0/private/ |
| D | fsverity_init.te | 18 # When kernel requests an algorithm, the crypto API first looks for an
19 # already registered algorithm with that name. If it fails, the kernel creates
20 # an implementation of the algorithm from templates.
|
| /system/sepolicy/prebuilts/api/31.0/private/ |
| D | fsverity_init.te | 22 # When kernel requests an algorithm, the crypto API first looks for an
23 # already registered algorithm with that name. If it fails, the kernel creates
24 # an implementation of the algorithm from templates.
|
| /system/sepolicy/prebuilts/api/29.0/private/ |
| D | fsverity_init.te | 22 # When kernel requests an algorithm, the crypto API first looks for an
23 # already registered algorithm with that name. If it fails, the kernel creates
24 # an implementation of the algorithm from templates.
|
| /system/sepolicy/prebuilts/api/33.0/private/ |
| D | fsverity_init.te | 21 # When kernel requests an algorithm, the crypto API first looks for an
22 # already registered algorithm with that name. If it fails, the kernel creates
23 # an implementation of the algorithm from templates.
|
| /system/sepolicy/prebuilts/api/32.0/private/ |
| D | fsverity_init.te | 22 # When kernel requests an algorithm, the crypto API first looks for an
23 # already registered algorithm with that name. If it fails, the kernel creates
24 # an implementation of the algorithm from templates.
|
| /system/sepolicy/private/ |
| D | fsverity_init.te | 21 # When kernel requests an algorithm, the crypto API first looks for an
22 # already registered algorithm with that name. If it fails, the kernel creates
23 # an implementation of the algorithm from templates.
|
| /system/keymaster/tests/ |
| D | wrapped_key_test.cpp | 97 keymaster_algorithm_t algorithm; in TEST() local
98 auth_list.GetTagValue(TAG_ALGORITHM, &algorithm); in TEST()
99 EXPECT_EQ(algorithm, KM_ALGORITHM_AES); in TEST()
|
| /system/keymaster/km_openssl/ |
| D | attestation_utils.cpp | 218 EVP_PKEY_Ptr get_attestation_key(keymaster_algorithm_t algorithm, const AttestationContext& context, in get_attestation_key() argument
220 KeymasterKeyBlob signing_key_blob = context.GetAttestationKey(algorithm, error); in get_attestation_key()
291 keymaster_algorithm_t algorithm; in generate_attestation() local
292 if (!proxy.GetTagValue(TAG_ALGORITHM, &algorithm)) { in generate_attestation()
298 attest_key ? CertificateChain() : context.GetAttestationChain(algorithm, error); in generate_attestation()
312 signing_key = get_attestation_key(algorithm, context, error); in generate_attestation()
|
| /system/keymaster/android_keymaster/ |
| D | operation.cpp | 47 inline bool is_public_key_algorithm(keymaster_algorithm_t algorithm) { in is_public_key_algorithm() argument
48 switch (algorithm) { in is_public_key_algorithm()
66 if (!is_public_key_algorithm(key_type.algorithm)) return false; in is_public_key_operation()
|
| /system/keymaster/cppcose/ |
| D | cppcose.cpp | 355 auto& algorithm = parsedProtParams->asMap()->get(ALGORITHM); in verifyAndParseCoseSign1() local
356 if (!algorithm || !algorithm->asInt() || in verifyAndParseCoseSign1()
357 !(algorithm->asInt()->value() == EDDSA || algorithm->asInt()->value() == ES256)) { in verifyAndParseCoseSign1()
369 if (algorithm->asInt()->value() == EDDSA) { in verifyAndParseCoseSign1()
465 auto& algorithm = parsedProtParms->asMap()->get(ALGORITHM); in getSenderPubKeyFromCoseEncrypt() local
466 if (!algorithm || !algorithm->asInt() || algorithm->asInt()->value() != ECDH_ES_HKDF_256) { in getSenderPubKeyFromCoseEncrypt()
544 auto& algorithm = parsedProtParams->asMap()->get(ALGORITHM); in decryptCoseEncrypt() local
545 if (!algorithm || !algorithm->asInt() || algorithm->asInt()->value() != AES_GCM_256) { in decryptCoseEncrypt()
|