abaf4d88d8ef3061de05da7034fc28b2ba880e71 |
|
28-Dec-2017 |
Eran Messeri <eranm@google.com> |
Fix version code handling in attestation records The version code is one of the fields included in the attestationApplicationId field of the attestation record (tag 709). It was converted to a 64-bit integer (returned by getLongVersionCode) in Change-ID Ibfffe235bbfcf358b3741abd3f7197fdb063d3f3. This broke the KeyAttestation test as the Signature array size (the 4 bytes read after the 4 bytes that used to be the int32 indicating version code) gets incorrectly read as zero, causing the omission of any signature info in the attestation record produced. This fixes the broken functionality by changing the field type in the native code to int64_t, and the integer value in the attestation record to match. Bug: 71021326 Test: runtest --path cts/tests/tests/keystore/src/android/keystore/cts/KeyAttestationTest.java Change-Id: I5fe53eb75b544f307c0f419029735ca22fe2b595
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
8845a098c91d75b3d079e9ee6aafba919f7a9c66 |
|
03-Dec-2017 |
Shawn Willden <swillden@google.com> |
Clean up #includes in keystore/include Test: runtest --path cts/tests/tests/keystore/src/android/keystore/cts Change-Id: I021429fcda468e87c82a426e0424320c3f0fa3e2
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
ea47d3f78bd6902e406f5faf84a5477112f10e3e |
|
06-Dec-2017 |
Eran Messeri <eranm@google.com> |
Keystore: Enable key attestation from the system context. When key attestation is requested by the system context, indicate, in the attestation record, that the requesting package is the system and not a user app. This is done by including a single package information with "AndroidSystem" as the package name and an empty signature. This change is needed because the package manager currently fails to provide package details for the system context (UID 1000). Even if it did, it would be too verbose and include irrelevant packages. This is necessary for supporting key attestation for keys generated directly by KeyChain. Bug: 63388672 Test: Combined with CTS tests for the attestation feature. Change-Id: I33492ad1286709fe94b11be77e94d4effdf7566f
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
18f27ade48405475ed610ee0067faa773211d598 |
|
01-Jun-2016 |
Janis Danisevskis <jdanis@google.com> |
Add attestation application id for key attestation This patch adds functionality for gathering an application id for the attestation of a key that is bound to an application in the keystore. Keystore gathers the information package name, package version, and signing certificates of the calling app from the package manager. It then DER encodes the information and appends it to attestation parameters. Bug: 22914603 Change-Id: I9fe1d8f97ee1dfa79284bcf751f86631c94d4174
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|