Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit cf164810 authored by Tom Chan's avatar Tom Chan
Browse files

Store the entire certificate revocation list locally 

Compared to the previous approach which stores previously seen <certificate,
last-checked-date> pairs, storing the entire CRL avoids edge cases where
a rotated certificate causes an attestation failure because it is not
seen before.

Test: Manually, also atest AttestationVerificationTest:com.android.server.security.CertificateRevocationStatusManagerTest
Bug: 389088384
Flag: EXEMPT bug fix
Change-Id: Ia7ae905018d140ff76671d5eb5fc911acaa94897
parent 3cf30217
Expand all Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment