commit fb769fc3125d2939683f2f5bff2cf25816e5838c
author Shawn Willden <swillden@google.com> Mon May 11 09:24:48 2015 -0600
committer Shawn Willden <swillden@google.com> Tue May 12 12:09:56 2015 +0000
tree a2a324c1d32af22a20f9d6f84421733313552151
parent 9b31a49c3633895d9a2bf08ddb2ea73f8e8d0c64

Add KM_TAG_BOOTLOADER_ONLY.

Change-Id: Ia507a1378487640683985dbce2e76679261900d3
(cherry picked from commit 3eed99a54b55a120c835de63b5872121b2fe98d1)

include/hardware/keymaster_defs.h

diff --git a/include/hardware/keymaster_defs.h b/include/hardware/keymaster_defs.h
index 1b43fb2..8e25e6c 100644
--- a/include/hardware/keymaster_defs.h
+++ b/include/hardware/keymaster_defs.h
@@ -62,12 +62,13 @@
                                              been authenticated.  WARNING: Not recommended. */
     KM_TAG_CALLER_NONCE = KM_BOOL | 8,    /* Allow caller to specify nonce or IV. */
 
-    /* Other hardware-enforced. */
-    KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 705, /* keymaster_key_blob_usage_requirements_t */
-
     /* Algorithm-specific. */
     KM_TAG_RSA_PUBLIC_EXPONENT = KM_LONG | 200, /* Defaults to 2^16+1 */
 
+    /* Other hardware-enforced. */
+    KM_TAG_BLOB_USAGE_REQUIREMENTS = KM_ENUM | 301, /* keymaster_key_blob_usage_requirements_t */
+    KM_TAG_BOOTLOADER_ONLY = KM_BOOL | 302,         /* Usable only by bootloader */
+
     /*
      * Tags that should be semantically enforced by hardware if possible and will otherwise be
      * enforced by software (keystore).
@@ -277,9 +278,9 @@
  * In the future this list will expand greatly to accommodate asymmetric key import/export.
  */
 typedef enum {
-    KM_KEY_FORMAT_X509 = 0,   /* for public key export */
-    KM_KEY_FORMAT_PKCS8 = 1,  /* for asymmetric key pair import */
-    KM_KEY_FORMAT_RAW = 3,    /* for symmetric key import */
+    KM_KEY_FORMAT_X509 = 0,  /* for public key export */
+    KM_KEY_FORMAT_PKCS8 = 1, /* for asymmetric key pair import */
+    KM_KEY_FORMAT_RAW = 3,   /* for symmetric key import */
 } keymaster_key_format_t;
 
 /**