首页 > 其他分享 >android11 keymaster4 和 keymaster3 接口差异点

android11 keymaster4 和 keymaster3 接口差异点

时间:2023-01-11 10:11:06浏览次数:43  
标签:authToken android11 keymaster4 keymaster3 OperationHandle operationHandle vec in

最近在尝试升级optee的keymaster3实现到keymaster4。

记录下升级过程中的方法和一些坑,便于回溯。

keymaster源码:https://github.com/linaro-swg/kmgk

基于这份源码,based android R,修复了一些cts问题,之后尝试从3.0升级到4.0。

首先需要明确的是,需要新开发的接口,所以有了这个对比图。

版本:android11

hardware/interfaces/keymaster/4.1/IKeymasterDevice.hal

hardware/interfaces/keymaster/4.0/IKeymasterDevice.hal

hardware/interfaces/keymaster/3.0/IKeymasterDevice.hal

 3.0  

4.0   4.1
   
deviceLocked(bool passwordOnly, VerificationToken verificationToken)
   
earlyBootEnded()
 
getHardwareInfo()
 
 
getHmacSharingParameters()
 
 
computeSharedHmac(vec<HmacSharingParameters> params)
 
   
verifyAuthorization(uint64_t operationHandle, vec<KeyParameter> parametersToVerify,
                        HardwareAuthToken authToken)
 
getHardwareFeatures()
   
 
addRngEntropy(vec<uint8_t> data)
 
addRngEntropy(vec<uint8_t> data)
 
 
generateKey(vec<KeyParameter> keyParams)
 
generateKey(vec<KeyParameter> keyParams)
 
 
importKey(vec<KeyParameter> params, KeyFormat keyFormat, vec<uint8_t> keyData)
 
importKey(vec<KeyParameter> keyParams, KeyFormat keyFormat, vec<uint8_t> keyData)
 
   
importWrappedKey(vec<uint8_t> wrappedKeyData, vec<uint8_t> wrappingKeyBlob,
                     vec<uint8_t> maskingKey, vec<KeyParameter> unwrappingParams,
                     uint64_t passwordSid, uint64_t biometricSid)
 
 
getKeyCharacteristics(vec<uint8_t> keyBlob, vec<uint8_t> clientId, vec<uint8_t> appData)
 
getKeyCharacteristics(vec<uint8_t> keyBlob, vec<uint8_t> clientId, vec<uint8_t> appData)
 
 
exportKey(KeyFormat keyFormat, vec<uint8_t> keyBlob, vec<uint8_t> clientId,
              vec<uint8_t> appData)
 
exportKey(KeyFormat keyFormat, vec<uint8_t> keyBlob, vec<uint8_t> clientId,
              vec<uint8_t> appData)
 
 
attestKey(vec<uint8_t> keyToAttest, vec<KeyParameter> attestParams)
 
attestKey(vec<uint8_t> keyToAttest, vec<KeyParameter> attestParams)
 
 
upgradeKey(vec<uint8_t> keyBlobToUpgrade, vec<KeyParameter> upgradeParams)
 
upgradeKey(vec<uint8_t> keyBlobToUpgrade, vec<KeyParameter> upgradeParams)
 
 
deleteKey(vec<uint8_t> keyBlob)
 
deleteKey(vec<uint8_t> keyBlob)
 
 
deleteAllKeys()
 
deleteAllKeys()
 
 
destroyAttestationIds()
 
destroyAttestationIds()
 
 
begin(KeyPurpose purpose, vec<uint8_t> key, vec<KeyParameter> inParams)
 
begin(KeyPurpose purpose, vec<uint8_t> keyBlob, vec<KeyParameter> inParams,
          HardwareAuthToken authToken)
 
 
update(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input)
 
update(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input,
           HardwareAuthToken authToken, VerificationToken verificationToken)
 
 
finish(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input,
           vec<uint8_t> signature)
 
finish(OperationHandle operationHandle, vec<KeyParameter> inParams, vec<uint8_t> input,
           vec<uint8_t> signature, HardwareAuthToken authToken, VerificationToken verificationToken)
 
 
abort(OperationHandle operationHandle)
 
abort(OperationHandle operationHandle)
 

标签:authToken,android11,keymaster4,keymaster3,OperationHandle,operationHandle,vec,in
From: https://www.cnblogs.com/xiululu/p/17040752.html

相关文章