| abaf4d88d8ef3061de05da7034fc28b2ba880e71 |
|
28-Dec-2017 |
Eran Messeri <eranm@google.com> |
Fix version code handling in attestation records
The version code is one of the fields included in the attestationApplicationId field
of the attestation record (tag 709).
It was converted to a 64-bit integer (returned by getLongVersionCode) in
Change-ID Ibfffe235bbfcf358b3741abd3f7197fdb063d3f3.
This broke the KeyAttestation test as the Signature array size (the 4 bytes
read after the 4 bytes that used to be the int32 indicating version code)
gets incorrectly read as zero, causing the omission of any signature info
in the attestation record produced.
This fixes the broken functionality by changing the field type in the native
code to int64_t, and the integer value in the attestation record to match.
Bug: 71021326
Test: runtest --path cts/tests/tests/keystore/src/android/keystore/cts/KeyAttestationTest.java
Change-Id: I5fe53eb75b544f307c0f419029735ca22fe2b595
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
| 8845a098c91d75b3d079e9ee6aafba919f7a9c66 |
|
03-Dec-2017 |
Shawn Willden <swillden@google.com> |
Clean up #includes in keystore/include
Test: runtest --path cts/tests/tests/keystore/src/android/keystore/cts
Change-Id: I021429fcda468e87c82a426e0424320c3f0fa3e2
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
| ea47d3f78bd6902e406f5faf84a5477112f10e3e |
|
06-Dec-2017 |
Eran Messeri <eranm@google.com> |
Keystore: Enable key attestation from the system context.
When key attestation is requested by the system context, indicate, in
the attestation record, that the requesting package is the system and
not a user app.
This is done by including a single package information with
"AndroidSystem" as the package name and an empty signature.
This change is needed because the package manager currently fails to
provide package details for the system context (UID 1000). Even if it did,
it would be too verbose and include irrelevant packages.
This is necessary for supporting key attestation for keys generated
directly by KeyChain.
Bug: 63388672
Test: Combined with CTS tests for the attestation feature.
Change-Id: I33492ad1286709fe94b11be77e94d4effdf7566f
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|
| 18f27ade48405475ed610ee0067faa773211d598 |
|
01-Jun-2016 |
Janis Danisevskis <jdanis@google.com> |
Add attestation application id for key attestation
This patch adds functionality for gathering an application id
for the attestation of a key that is bound to an application
in the keystore.
Keystore gathers the information package name, package version,
and signing certificates of the calling app from the package manager.
It then DER encodes the information and appends it to attestation
parameters.
Bug: 22914603
Change-Id: I9fe1d8f97ee1dfa79284bcf751f86631c94d4174
/system/security/keystore/include/keystore/KeyAttestationPackageInfo.h
|