diff options
author | Matthew Maurer <mmaurer@google.com> | 2019-03-18 13:37:02 -0700 |
---|---|---|
committer | Matthew Maurer <mmaurer@google.com> | 2019-03-26 00:18:24 +0000 |
commit | 0b9dc0d02650d02f247b29418f30acb0a76b9628 (patch) | |
tree | 233ec3dba92cefdd9c2137276f2e4d44b3d12e03 | |
parent | 68222be6674ffcf23f6eae56f1220fb93a366618 (diff) | |
download | libhardware-0b9dc0d02650d02f247b29418f30acb0a76b9628.tar.gz |
Add KM_TRUSTED_CONFIRMATION_REQUIRED
This was added in KM4, but didn't make it into this header.
Additionally, KM_TAG_UNLOCKED_DEVICE_REQUIRED was squatting on
KM_TRUSTED_CONFIRMATION_REQUIRED's number.
See hardware/interfaces/keymaster/4.0/types.hal for correct numbering.
Bug: 128851722
Test: Keymaster VTS 4.0 + Trusty
Change-Id: I89117ffe91602884edb8dd19ffd22e659f40fb1c
-rw-r--r-- | include/hardware/keymaster_defs.h | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h index 196062ee..eca484cd 100644 --- a/include/hardware/keymaster_defs.h +++ b/include/hardware/keymaster_defs.h @@ -112,7 +112,9 @@ typedef enum { KM_TAG_ALLOW_WHILE_ON_BODY = KM_BOOL | 506, /* Allow key to be used after authentication timeout * if device is still on-body (requires secure * on-body sensor. */ - KM_TAG_UNLOCKED_DEVICE_REQUIRED = KM_BOOL | 508, /* Require the device screen to be unlocked if the + KM_TAG_TRUSTED_CONFIRMATION_REQUIRED = KM_BOOL | 508, /* Require user confirmation through a + * trusted UI to use this key */ + KM_TAG_UNLOCKED_DEVICE_REQUIRED = KM_BOOL | 509, /* Require the device screen to be unlocked if the * key is used. */ /* Application access control */ @@ -454,6 +456,7 @@ typedef enum { KM_ERROR_KEYMASTER_NOT_CONFIGURED = -64, KM_ERROR_ATTESTATION_APPLICATION_ID_MISSING = -65, KM_ERROR_CANNOT_ATTEST_IDS = -66, + KM_ERROR_NO_USER_CONFIRMATION = -71, KM_ERROR_DEVICE_LOCKED = -72, KM_ERROR_UNIMPLEMENTED = -100, |