Home
last modified time | relevance | path

Searched refs:authorizations (Results 1 – 17 of 17) sorted by relevance

/system/keymaster/
Dec_key_factory.cpp81 AuthorizationSet authorizations(key_description); in GenerateKey() local
85 keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size); in GenerateKey()
88 } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) { in GenerateKey()
89 authorizations.push_back(TAG_KEY_SIZE, key_size); in GenerateKey()
90 } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) { in GenerateKey()
91 authorizations.push_back(TAG_EC_CURVE, ec_curve); in GenerateKey()
123 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob, in GenerateKey()
136 AuthorizationSet authorizations; in ImportKey() local
139 key_description, input_key_material_format, input_key_material, &authorizations, &key_size); in ImportKey()
143 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
Drsa_key_factory.cpp59 AuthorizationSet authorizations(key_description); in GenerateKey() local
62 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) { in GenerateKey()
68 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) { in GenerateKey()
95 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob, in GenerateKey()
108 AuthorizationSet authorizations; in ImportKey() local
113 &authorizations, &public_exponent, &key_size); in ImportKey()
116 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
Decies_kem.cpp25 AuthorizationSet authorizations(kem_description); in EciesKem() local
27 if (!authorizations.GetTagValue(TAG_EC_CURVE, &curve_)) { in EciesKem()
46 if (!authorizations.GetTagValue(TAG_KDF, &kdf)) { in EciesKem()
65 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_bytes_to_generate_)) { in EciesKem()
71 single_hash_mode_ = authorizations.GetTagValue(TAG_ECIES_SINGLE_HASH_MODE); in EciesKem()
Dsymmetric_key.cpp74 AuthorizationSet authorizations(key_description); in ImportKey() local
77 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size_bits)) { in ImportKey()
80 authorizations.push_back(TAG_KEY_SIZE, key_size_bits); in ImportKey()
99 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
Doperation.cpp102 !key.authorizations().Contains(TAG_PADDING, *padding) && in GetAndValidatePadding()
103 !key.authorizations().Contains(TAG_PADDING_OLD, *padding)) { in GetAndValidatePadding()
127 !key.authorizations().Contains(TAG_DIGEST, *digest) && in GetAndValidateDigest()
128 !key.authorizations().Contains(TAG_DIGEST_OLD, *digest)) { in GetAndValidateDigest()
Dec_keymaster0_key.cpp79 AuthorizationSet authorizations; in ImportKey() local
82 key_description, input_key_material_format, input_key_material, &authorizations, &key_size); in ImportKey()
96 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_UNKNOWN, imported_hw_key, in ImportKey()
Drsa_keymaster0_key.cpp77 AuthorizationSet authorizations; in ImportKey() local
82 &authorizations, &public_exponent, &key_size); in ImportKey()
97 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_UNKNOWN, imported_hw_key, in ImportKey()
Dkey.h51 const AuthorizationSet& authorizations() const { return authorizations_; } in authorizations() function
Dhmac_operation.cpp40 if (!key.authorizations().GetTagValue(TAG_MIN_MAC_LENGTH, &min_mac_length_bits)) { in CreateOperation()
61 if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest)) { in CreateOperation()
Dandroid_keymaster.cpp254 if (!key->authorizations().GetTagValue(TAG_ALGORITHM, &key_algorithm)) in BeginOperation()
274 request.purpose, key_id, key->authorizations(), request.additional_params, in BeginOperation()
285 operation->SetAuthorizations(key->authorizations()); in BeginOperation()
301 operation->purpose(), operation->key_id(), operation->authorizations(), in UpdateOperation()
330 operation->purpose(), operation->key_id(), operation->authorizations(), in FinishOperation()
Doperation.h101 const AuthorizationSet authorizations() { return key_auths_; } in authorizations() function
Dasymmetric_key.cpp312 authorizations().GetTagValue(TAG_ACTIVE_DATETIME, &activeDateTime); in GenerateAttestation()
319 authorizations().GetTagValue(TAG_USAGE_EXPIRE_DATETIME, &usageExpireDateTime); in GenerateAttestation()
Daes_operation.cpp103 } else if (!key.authorizations().Contains(TAG_BLOCK_MODE, block_mode)) { in CreateOperation()
111 *error = GetAndValidateGcmTagLength(begin_params, key.authorizations(), &tag_length); in CreateOperation()
127 bool caller_nonce = key.authorizations().GetTagValue(TAG_CALLER_NONCE); in CreateOperation()
/system/tpm/trunks/generator/
Draw_structures.txt5484 authorizations for objects subject to DA protection
8323 If this attribute is CLEAR, then then HMAC or password authorizations may not be used for USER role
8324 authorizations.
8327 Regardless of the setting of this attribute, authorizations for operations th at require USER role
8328 authorizations may be provided with a policy session that satisfies the object's authPolicy.
8366 If this attribute is SET, then then HMAC or password authorizations may not be used for ADMIN role
8367 authorizations.
8376 authValue may not be used for USER mode authorizations. When adminWithPolicy is CLEAR, it means
8984 CLEAR (0): platformAuth and platformPolicy may not be used for authorizations,
8995 CLEAR (0): ownerAuth and ownerPolicy may not be used for authorizations, and
[all …]
Draw_structures_fixed.txt5478 authorizations for objects subject to DA protection
8351 If this attribute is CLEAR, then then HMAC or password authorizations may not be used for USER role
8352 authorizations.
8355 Regardless of the setting of this attribute, authorizations for operations th at require USER role
8356 authorizations may be provided with a policy session that satisfies the object's authPolicy.
8394 If this attribute is SET, then then HMAC or password authorizations may not be used for ADMIN role
8395 authorizations.
8404 authValue may not be used for USER mode authorizations. When adminWithPolicy is CLEAR, it means
9012 CLEAR (0): platformAuth and platformPolicy may not be used for authorizations,
9023 CLEAR (0): ownerAuth and ownerPolicy may not be used for authorizations, and
[all …]
Draw_commands_fixed.txt1073 If the handle references an NV Index, then the allowed authorizations are determined by the
1101 When the command tag is TPM_ST_NO_SESSIONS, no authorizations are present and no
1373 authorizations shall be checked. Authorization checks only apply to handles if the handle in the co…
1809 This response indicates that authorizations for objects subject to DA protection
4031 allows the authorizations to be replayed because the session restarts with the same nonceTPM. If the
18677 authorizations required to use an object have been provided. Many of the commands will also modify
20373 This command allows options in authorizations without requiring that the TPM evaluate all of the op…
20648 authorizations to occur when PCR are in one state and a different set of authorizations when the PC…
27222 However, a command that requires multiple authorizations will not be accepted when the TPM is in
27223 Lockout mode unless all of the authorizations reference objects and indexes in the Platform
[all …]
Draw_commands.txt1073 If the handle references an NV Index, then the allowed authorizations are determined by the
1101 When the command tag is TPM_ST_NO_SESSIONS, no authorizations are present and no
1373 authorizations shall be checked. Authorization checks only apply to handles if the handle in the co…
1809 This response indicates that authorizations for objects subject to DA protection
4029 allows the authorizations to be replayed because the session restarts with the same nonceTPM. If the
18666 authorizations required to use an object have been provided. Many of the commands will also modify
20362 This command allows options in authorizations without requiring that the TPM evaluate all of the op…
20637 authorizations to occur when PCR are in one state and a different set of authorizations when the PC…
27211 However, a command that requires multiple authorizations will not be accepted when the TPM is in
27212 Lockout mode unless all of the authorizations reference objects and indexes in the Platform
[all …]