History log of /system/security/keystore/KeyAttestationApplicationId.cpp
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
ea47d3f78bd6902e406f5faf84a5477112f10e3e 06-Dec-2017 Eran Messeri <eranm@google.com> Keystore: Enable key attestation from the system context.

When key attestation is requested by the system context, indicate, in
the attestation record, that the requesting package is the system and
not a user app.
This is done by including a single package information with
"AndroidSystem" as the package name and an empty signature.

This change is needed because the package manager currently fails to
provide package details for the system context (UID 1000). Even if it did,
it would be too verbose and include irrelevant packages.

This is necessary for supporting key attestation for keys generated
directly by KeyChain.

Bug: 63388672
Test: Combined with CTS tests for the attestation feature.
Change-Id: I33492ad1286709fe94b11be77e94d4effdf7566f
/system/security/keystore/KeyAttestationApplicationId.cpp
18f27ade48405475ed610ee0067faa773211d598 01-Jun-2016 Janis Danisevskis <jdanis@google.com> Add attestation application id for key attestation

This patch adds functionality for gathering an application id
for the attestation of a key that is bound to an application
in the keystore.

Keystore gathers the information package name, package version,
and signing certificates of the calling app from the package manager.
It then DER encodes the information and appends it to attestation
parameters.

Bug: 22914603
Change-Id: I9fe1d8f97ee1dfa79284bcf751f86631c94d4174
/system/security/keystore/KeyAttestationApplicationId.cpp