Remove KM_TAG_CHUNK_LENGTH and add KM_TAG_AEAD_TAG
Change-Id: I384f3d2fee2f68279c6518d9ac0a79e29bed0e52
diff --git a/core/java/android/security/keymaster/KeymasterDefs.java b/core/java/android/security/keymaster/KeymasterDefs.java
index 0e2b8ba..b450a6b 100644
--- a/core/java/android/security/keymaster/KeymasterDefs.java
+++ b/core/java/android/security/keymaster/KeymasterDefs.java
@@ -50,8 +50,7 @@
public static final int KM_TAG_BLOCK_MODE = KM_ENUM_REP | 4;
public static final int KM_TAG_DIGEST = KM_ENUM_REP | 5;
public static final int KM_TAG_PADDING = KM_ENUM_REP | 6;
- public static final int KM_TAG_RETURN_UNAUTHED = KM_BOOL | 7;
- public static final int KM_TAG_CALLER_NONCE = KM_BOOL | 8;
+ public static final int KM_TAG_CALLER_NONCE = KM_BOOL | 7;
public static final int KM_TAG_RESCOPING_ADD = KM_ENUM_REP | 101;
public static final int KM_TAG_RESCOPING_DEL = KM_ENUM_REP | 102;
@@ -82,7 +81,7 @@
public static final int KM_TAG_ASSOCIATED_DATA = KM_BYTES | 1000;
public static final int KM_TAG_NONCE = KM_BYTES | 1001;
- public static final int KM_TAG_CHUNK_LENGTH = KM_INT | 1002;
+ public static final int KM_TAG_AEAD_TAG = KM_BYTES | 1002;
public static final int KM_TAG_AUTH_TOKEN = KM_BYTES | 1003;
public static final int KM_TAG_MAC_LENGTH = KM_INT | 1004;
@@ -194,7 +193,7 @@
public static final int KM_ERROR_UNSUPPORTED_EC_FIELD = -50;
public static final int KM_ERROR_MISSING_NONCE = -51;
public static final int KM_ERROR_INVALID_NONCE = -52;
- public static final int KM_ERROR_UNSUPPORTED_CHUNK_LENGTH = -53;
+ public static final int KM_ERROR_MISSING_MAC_LENGTH = -53;
public static final int KM_ERROR_RESCOPABLE_KEY_NOT_USABLE = -54;
public static final int KM_ERROR_CALLER_NONCE_PROHIBITED = -55;
public static final int KM_ERROR_UNIMPLEMENTED = -100;
diff --git a/keystore/tests/src/android/security/KeyStoreTest.java b/keystore/tests/src/android/security/KeyStoreTest.java
index c68b42b..8259f9b 100644
--- a/keystore/tests/src/android/security/KeyStoreTest.java
+++ b/keystore/tests/src/android/security/KeyStoreTest.java
@@ -806,8 +806,6 @@
args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);
args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, 256);
args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_GCM);
- args.addInt(KeymasterDefs.KM_TAG_CHUNK_LENGTH, 4096);
- args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 16);
args.addBoolean(KeymasterDefs.KM_TAG_NO_AUTH_REQUIRED);
KeyCharacteristics outCharacteristics = new KeyCharacteristics();
@@ -819,6 +817,7 @@
args.addInt(KeymasterDefs.KM_TAG_ALGORITHM, KeymasterDefs.KM_ALGORITHM_AES);
args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, KeymasterDefs.KM_MODE_GCM);
args.addInt(KeymasterDefs.KM_TAG_PADDING, KeymasterDefs.KM_PAD_NONE);
+ args.addInt(KeymasterDefs.KM_TAG_MAC_LENGTH, 128);
OperationResult result = mKeyStore.begin(name, KeymasterDefs.KM_PURPOSE_ENCRYPT,
true, args, null, out);
IBinder token = result.token;
@@ -827,6 +826,7 @@
assertEquals("Update should succeed", KeyStore.NO_ERROR, result.resultCode);
assertEquals("Finish should succeed", KeyStore.NO_ERROR,
mKeyStore.finish(token, null, null).resultCode);
+ // TODO: Assert that an AEAD tag was returned by finish
}
public void testBadToken() throws Exception {