/system/keymaster/ |
D | ec_key_factory.cpp | 81 AuthorizationSet authorizations(key_description); in GenerateKey() local 85 keymaster_error_t error = GetCurveAndSize(authorizations, &ec_curve, &key_size); in GenerateKey() 88 } else if (!authorizations.Contains(TAG_KEY_SIZE, key_size)) { in GenerateKey() 89 authorizations.push_back(TAG_KEY_SIZE, key_size); in GenerateKey() 90 } else if (!authorizations.Contains(TAG_EC_CURVE, ec_curve)) { in GenerateKey() 91 authorizations.push_back(TAG_EC_CURVE, ec_curve); in GenerateKey() 123 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob, in GenerateKey() 136 AuthorizationSet authorizations; in ImportKey() local 139 key_description, input_key_material_format, input_key_material, &authorizations, &key_size); in ImportKey() 143 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
|
D | rsa_key_factory.cpp | 59 AuthorizationSet authorizations(key_description); in GenerateKey() local 62 if (!authorizations.GetTagValue(TAG_RSA_PUBLIC_EXPONENT, &public_exponent)) { in GenerateKey() 68 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size)) { in GenerateKey() 95 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_GENERATED, key_material, key_blob, in GenerateKey() 108 AuthorizationSet authorizations; in ImportKey() local 113 &authorizations, &public_exponent, &key_size); in ImportKey() 116 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
|
D | ecies_kem.cpp | 25 AuthorizationSet authorizations(kem_description); in EciesKem() local 27 if (!authorizations.GetTagValue(TAG_EC_CURVE, &curve_)) { in EciesKem() 46 if (!authorizations.GetTagValue(TAG_KDF, &kdf)) { in EciesKem() 65 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_bytes_to_generate_)) { in EciesKem() 71 single_hash_mode_ = authorizations.GetTagValue(TAG_ECIES_SINGLE_HASH_MODE); in EciesKem()
|
D | symmetric_key.cpp | 74 AuthorizationSet authorizations(key_description); in ImportKey() local 77 if (!authorizations.GetTagValue(TAG_KEY_SIZE, &key_size_bits)) { in ImportKey() 80 authorizations.push_back(TAG_KEY_SIZE, key_size_bits); in ImportKey() 99 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_IMPORTED, input_key_material, in ImportKey()
|
D | operation.cpp | 102 !key.authorizations().Contains(TAG_PADDING, *padding) && in GetAndValidatePadding() 103 !key.authorizations().Contains(TAG_PADDING_OLD, *padding)) { in GetAndValidatePadding() 127 !key.authorizations().Contains(TAG_DIGEST, *digest) && in GetAndValidateDigest() 128 !key.authorizations().Contains(TAG_DIGEST_OLD, *digest)) { in GetAndValidateDigest()
|
D | ec_keymaster0_key.cpp | 79 AuthorizationSet authorizations; in ImportKey() local 82 key_description, input_key_material_format, input_key_material, &authorizations, &key_size); in ImportKey() 96 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_UNKNOWN, imported_hw_key, in ImportKey()
|
D | rsa_keymaster0_key.cpp | 77 AuthorizationSet authorizations; in ImportKey() local 82 &authorizations, &public_exponent, &key_size); in ImportKey() 97 return context_->CreateKeyBlob(authorizations, KM_ORIGIN_UNKNOWN, imported_hw_key, in ImportKey()
|
D | key.h | 51 const AuthorizationSet& authorizations() const { return authorizations_; } in authorizations() function
|
D | hmac_operation.cpp | 40 if (!key.authorizations().GetTagValue(TAG_MIN_MAC_LENGTH, &min_mac_length_bits)) { in CreateOperation() 61 if (!key.authorizations().GetTagValue(TAG_DIGEST, &digest)) { in CreateOperation()
|
D | android_keymaster.cpp | 254 if (!key->authorizations().GetTagValue(TAG_ALGORITHM, &key_algorithm)) in BeginOperation() 274 request.purpose, key_id, key->authorizations(), request.additional_params, in BeginOperation() 285 operation->SetAuthorizations(key->authorizations()); in BeginOperation() 301 operation->purpose(), operation->key_id(), operation->authorizations(), in UpdateOperation() 330 operation->purpose(), operation->key_id(), operation->authorizations(), in FinishOperation()
|
D | operation.h | 101 const AuthorizationSet authorizations() { return key_auths_; } in authorizations() function
|
D | asymmetric_key.cpp | 312 authorizations().GetTagValue(TAG_ACTIVE_DATETIME, &activeDateTime); in GenerateAttestation() 319 authorizations().GetTagValue(TAG_USAGE_EXPIRE_DATETIME, &usageExpireDateTime); in GenerateAttestation()
|
D | aes_operation.cpp | 103 } else if (!key.authorizations().Contains(TAG_BLOCK_MODE, block_mode)) { in CreateOperation() 111 *error = GetAndValidateGcmTagLength(begin_params, key.authorizations(), &tag_length); in CreateOperation() 127 bool caller_nonce = key.authorizations().GetTagValue(TAG_CALLER_NONCE); in CreateOperation()
|
/system/tpm/trunks/generator/ |
D | raw_structures.txt | 5484 authorizations for objects subject to DA protection 8323 If this attribute is CLEAR, then then HMAC or password authorizations may not be used for USER role 8324 authorizations. 8327 Regardless of the setting of this attribute, authorizations for operations th at require USER role 8328 authorizations may be provided with a policy session that satisfies the object's authPolicy. 8366 If this attribute is SET, then then HMAC or password authorizations may not be used for ADMIN role 8367 authorizations. 8376 authValue may not be used for USER mode authorizations. When adminWithPolicy is CLEAR, it means 8984 CLEAR (0): platformAuth and platformPolicy may not be used for authorizations, 8995 CLEAR (0): ownerAuth and ownerPolicy may not be used for authorizations, and [all …]
|
D | raw_structures_fixed.txt | 5478 authorizations for objects subject to DA protection 8351 If this attribute is CLEAR, then then HMAC or password authorizations may not be used for USER role 8352 authorizations. 8355 Regardless of the setting of this attribute, authorizations for operations th at require USER role 8356 authorizations may be provided with a policy session that satisfies the object's authPolicy. 8394 If this attribute is SET, then then HMAC or password authorizations may not be used for ADMIN role 8395 authorizations. 8404 authValue may not be used for USER mode authorizations. When adminWithPolicy is CLEAR, it means 9012 CLEAR (0): platformAuth and platformPolicy may not be used for authorizations, 9023 CLEAR (0): ownerAuth and ownerPolicy may not be used for authorizations, and [all …]
|
D | raw_commands_fixed.txt | 1073 If the handle references an NV Index, then the allowed authorizations are determined by the 1101 When the command tag is TPM_ST_NO_SESSIONS, no authorizations are present and no 1373 authorizations shall be checked. Authorization checks only apply to handles if the handle in the co… 1809 This response indicates that authorizations for objects subject to DA protection 4031 allows the authorizations to be replayed because the session restarts with the same nonceTPM. If the 18677 authorizations required to use an object have been provided. Many of the commands will also modify 20373 This command allows options in authorizations without requiring that the TPM evaluate all of the op… 20648 authorizations to occur when PCR are in one state and a different set of authorizations when the PC… 27222 However, a command that requires multiple authorizations will not be accepted when the TPM is in 27223 Lockout mode unless all of the authorizations reference objects and indexes in the Platform [all …]
|
D | raw_commands.txt | 1073 If the handle references an NV Index, then the allowed authorizations are determined by the 1101 When the command tag is TPM_ST_NO_SESSIONS, no authorizations are present and no 1373 authorizations shall be checked. Authorization checks only apply to handles if the handle in the co… 1809 This response indicates that authorizations for objects subject to DA protection 4029 allows the authorizations to be replayed because the session restarts with the same nonceTPM. If the 18666 authorizations required to use an object have been provided. Many of the commands will also modify 20362 This command allows options in authorizations without requiring that the TPM evaluate all of the op… 20637 authorizations to occur when PCR are in one state and a different set of authorizations when the PC… 27211 However, a command that requires multiple authorizations will not be accepted when the TPM is in 27212 Lockout mode unless all of the authorizations reference objects and indexes in the Platform [all …]
|