Lines Matching refs:enforced
129 * o Tag::OS_VERSION, must be hardware-enforced.
130 * o Tag::OS_PATCHLEVEL, must be hardware-enforced.
131 * o Tag::VENDOR_PATCHLEVEL, must be hardware-enforced.
132 * o Tag::BOOT_PATCHLEVEL, must be hardware-enforced.
133 * o Tag::CREATION_DATETIME, must be software-enforced, unless the IKeymasterDevice has access to
135 * o Tag::ORIGIN, must be hardware-enforced.
161 * Some tags must be enforced by the IKeymasterDevice. See the detailed documentation on each Tag
178 * of the software-enforced key access controls by making it impossible for an attacker-installed
393 * in the hardware-enforced and software-enforced lists. See getKeyCharacteristics for more
406 * software-enforced list. It must be cryptographically bound to the key, like all tags.
595 * Returns parameters associated with the provided key, divided into two sets: hardware-enforced
596 * and software-enforced. The description here applies equally to the key characteristics lists
601 * belongs in the hardware-enforced or software-enforced list is that if the meaning of the tag
602 * is fully assured by secure hardware, it is hardware enforced. Otherwise, it's software
603 * enforced.
841 * with Tag::ROLLBACK_RESISTANCE in its hardware-enforced authorization list must render the key
851 * this function is called all keys with Tag::ROLLBACK_RESISTANCE in their hardware-enforced
892 * The following key authorization parameters must be enforced by the IKeymasterDevice secure
906 * o Tag::ACTIVE_DATETIME can only be enforced if a trusted UTC time source is available. If
910 * o Tag::ORIGINATION_EXPIRE_DATETIME can only be enforced if a trusted UTC time source is
914 * o Tag::USAGE_EXPIRE_DATETIME can only be enforced if a trusted UTC time source is
927 * o Tag::USER_SECURE_ID must be enforced by this method if and only if the key also has
929 * requirement must be enforced by update() and finish()). If the key has both, then this