Loading core/api/test-current.txt +2 −0 Original line number Original line Diff line number Diff line Loading @@ -1698,7 +1698,9 @@ package android.os { method public static boolean is64BitAbi(String); method public static boolean is64BitAbi(String); method public static boolean isDebuggable(); method public static boolean isDebuggable(); field @Nullable public static final String BRAND_FOR_ATTESTATION; field @Nullable public static final String BRAND_FOR_ATTESTATION; field @Nullable public static final String DEVICE_FOR_ATTESTATION; field public static final boolean IS_EMULATOR; field public static final boolean IS_EMULATOR; field @Nullable public static final String MANUFACTURER_FOR_ATTESTATION; field @Nullable public static final String MODEL_FOR_ATTESTATION; field @Nullable public static final String MODEL_FOR_ATTESTATION; field @Nullable public static final String PRODUCT_FOR_ATTESTATION; field @Nullable public static final String PRODUCT_FOR_ATTESTATION; } } Loading core/java/android/os/Build.java +39 −9 Original line number Original line Diff line number Diff line Loading @@ -64,17 +64,27 @@ public class Build { /** /** * The product name for attestation. In non-default builds (like the AOSP build) the value of * The product name for attestation. In non-default builds (like the AOSP build) the value of * the 'PRODUCT' system property may be different to the one provisioned to KeyMint, * the 'PRODUCT' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product name, it's running on. * and Keymint attestation would still attest to the product name which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String PRODUCT_FOR_ATTESTATION = public static final String PRODUCT_FOR_ATTESTATION = getVendorDeviceIdProperty("name"); getString("ro.product.name_for_attestation"); /** The name of the industrial design. */ /** The name of the industrial design. */ public static final String DEVICE = getString("ro.product.device"); public static final String DEVICE = getString("ro.product.device"); /** * The device name for attestation. In non-default builds (like the AOSP build) the value of * the 'DEVICE' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the device name which was provisioned. * @hide */ @Nullable @TestApi public static final String DEVICE_FOR_ATTESTATION = getVendorDeviceIdProperty("device"); /** The name of the underlying board, like "goldfish". */ /** The name of the underlying board, like "goldfish". */ public static final String BOARD = getString("ro.product.board"); public static final String BOARD = getString("ro.product.board"); Loading @@ -97,19 +107,29 @@ public class Build { /** The manufacturer of the product/hardware. */ /** The manufacturer of the product/hardware. */ public static final String MANUFACTURER = getString("ro.product.manufacturer"); public static final String MANUFACTURER = getString("ro.product.manufacturer"); /** * The manufacturer name for attestation. In non-default builds (like the AOSP build) the value * of the 'MANUFACTURER' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the manufacturer which was provisioned. * @hide */ @Nullable @TestApi public static final String MANUFACTURER_FOR_ATTESTATION = getVendorDeviceIdProperty("manufacturer"); /** The consumer-visible brand with which the product/hardware will be associated, if any. */ /** The consumer-visible brand with which the product/hardware will be associated, if any. */ public static final String BRAND = getString("ro.product.brand"); public static final String BRAND = getString("ro.product.brand"); /** /** * The product brand for attestation. In non-default builds (like the AOSP build) the value of * The product brand for attestation. In non-default builds (like the AOSP build) the value of * the 'BRAND' system property may be different to the one provisioned to KeyMint, * the 'BRAND' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product brand, it's running on. * and Keymint attestation would still attest to the product brand which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String BRAND_FOR_ATTESTATION = public static final String BRAND_FOR_ATTESTATION = getVendorDeviceIdProperty("brand"); getString("ro.product.brand_for_attestation"); /** The end-user-visible name for the end product. */ /** The end-user-visible name for the end product. */ public static final String MODEL = getString("ro.product.model"); public static final String MODEL = getString("ro.product.model"); Loading @@ -117,13 +137,12 @@ public class Build { /** /** * The product model for attestation. In non-default builds (like the AOSP build) the value of * The product model for attestation. In non-default builds (like the AOSP build) the value of * the 'MODEL' system property may be different to the one provisioned to KeyMint, * the 'MODEL' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product model, it's running on. * and Keymint attestation would still attest to the product model which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String MODEL_FOR_ATTESTATION = public static final String MODEL_FOR_ATTESTATION = getVendorDeviceIdProperty("model"); getString("ro.product.model_for_attestation"); /** The manufacturer of the device's primary system-on-chip. */ /** The manufacturer of the device's primary system-on-chip. */ @NonNull @NonNull Loading Loading @@ -1530,6 +1549,17 @@ public class Build { private static String getString(String property) { private static String getString(String property) { return SystemProperties.get(property, UNKNOWN); return SystemProperties.get(property, UNKNOWN); } } /** * Return attestation specific proerties. * @param property model, name, brand, device or manufacturer. * @return property value or UNKNOWN */ private static String getVendorDeviceIdProperty(String property) { String attestProp = getString( TextUtils.formatSimple("ro.product.%s_for_attestation", property)); return attestProp.equals(UNKNOWN) ? getString(TextUtils.formatSimple("ro.product.vendor.%s", property)) : UNKNOWN; } private static String[] getStringList(String property, String separator) { private static String[] getStringList(String property, String separator) { String value = SystemProperties.get(property); String value = SystemProperties.get(property); Loading keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java +8 −2 Original line number Original line Diff line number Diff line Loading @@ -808,9 +808,12 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND, KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND, platformReportedBrand.getBytes(StandardCharsets.UTF_8) platformReportedBrand.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedDevice = isPropertyEmptyOrUnknown(Build.DEVICE_FOR_ATTESTATION) ? Build.DEVICE : Build.DEVICE_FOR_ATTESTATION; params.add(KeyStore2ParameterUtils.makeBytes( params.add(KeyStore2ParameterUtils.makeBytes( KeymasterDefs.KM_TAG_ATTESTATION_ID_DEVICE, KeymasterDefs.KM_TAG_ATTESTATION_ID_DEVICE, Build.DEVICE.getBytes(StandardCharsets.UTF_8) platformReportedDevice.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedProduct = final String platformReportedProduct = isPropertyEmptyOrUnknown(Build.PRODUCT_FOR_ATTESTATION) isPropertyEmptyOrUnknown(Build.PRODUCT_FOR_ATTESTATION) Loading @@ -819,9 +822,12 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT, KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT, platformReportedProduct.getBytes(StandardCharsets.UTF_8) platformReportedProduct.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedManufacturer = isPropertyEmptyOrUnknown(Build.MANUFACTURER_FOR_ATTESTATION) ? Build.MANUFACTURER : Build.MANUFACTURER_FOR_ATTESTATION; params.add(KeyStore2ParameterUtils.makeBytes( params.add(KeyStore2ParameterUtils.makeBytes( KeymasterDefs.KM_TAG_ATTESTATION_ID_MANUFACTURER, KeymasterDefs.KM_TAG_ATTESTATION_ID_MANUFACTURER, Build.MANUFACTURER.getBytes(StandardCharsets.UTF_8) platformReportedManufacturer.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedModel = final String platformReportedModel = isPropertyEmptyOrUnknown(Build.MODEL_FOR_ATTESTATION) isPropertyEmptyOrUnknown(Build.MODEL_FOR_ATTESTATION) Loading Loading
core/api/test-current.txt +2 −0 Original line number Original line Diff line number Diff line Loading @@ -1698,7 +1698,9 @@ package android.os { method public static boolean is64BitAbi(String); method public static boolean is64BitAbi(String); method public static boolean isDebuggable(); method public static boolean isDebuggable(); field @Nullable public static final String BRAND_FOR_ATTESTATION; field @Nullable public static final String BRAND_FOR_ATTESTATION; field @Nullable public static final String DEVICE_FOR_ATTESTATION; field public static final boolean IS_EMULATOR; field public static final boolean IS_EMULATOR; field @Nullable public static final String MANUFACTURER_FOR_ATTESTATION; field @Nullable public static final String MODEL_FOR_ATTESTATION; field @Nullable public static final String MODEL_FOR_ATTESTATION; field @Nullable public static final String PRODUCT_FOR_ATTESTATION; field @Nullable public static final String PRODUCT_FOR_ATTESTATION; } } Loading
core/java/android/os/Build.java +39 −9 Original line number Original line Diff line number Diff line Loading @@ -64,17 +64,27 @@ public class Build { /** /** * The product name for attestation. In non-default builds (like the AOSP build) the value of * The product name for attestation. In non-default builds (like the AOSP build) the value of * the 'PRODUCT' system property may be different to the one provisioned to KeyMint, * the 'PRODUCT' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product name, it's running on. * and Keymint attestation would still attest to the product name which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String PRODUCT_FOR_ATTESTATION = public static final String PRODUCT_FOR_ATTESTATION = getVendorDeviceIdProperty("name"); getString("ro.product.name_for_attestation"); /** The name of the industrial design. */ /** The name of the industrial design. */ public static final String DEVICE = getString("ro.product.device"); public static final String DEVICE = getString("ro.product.device"); /** * The device name for attestation. In non-default builds (like the AOSP build) the value of * the 'DEVICE' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the device name which was provisioned. * @hide */ @Nullable @TestApi public static final String DEVICE_FOR_ATTESTATION = getVendorDeviceIdProperty("device"); /** The name of the underlying board, like "goldfish". */ /** The name of the underlying board, like "goldfish". */ public static final String BOARD = getString("ro.product.board"); public static final String BOARD = getString("ro.product.board"); Loading @@ -97,19 +107,29 @@ public class Build { /** The manufacturer of the product/hardware. */ /** The manufacturer of the product/hardware. */ public static final String MANUFACTURER = getString("ro.product.manufacturer"); public static final String MANUFACTURER = getString("ro.product.manufacturer"); /** * The manufacturer name for attestation. In non-default builds (like the AOSP build) the value * of the 'MANUFACTURER' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the manufacturer which was provisioned. * @hide */ @Nullable @TestApi public static final String MANUFACTURER_FOR_ATTESTATION = getVendorDeviceIdProperty("manufacturer"); /** The consumer-visible brand with which the product/hardware will be associated, if any. */ /** The consumer-visible brand with which the product/hardware will be associated, if any. */ public static final String BRAND = getString("ro.product.brand"); public static final String BRAND = getString("ro.product.brand"); /** /** * The product brand for attestation. In non-default builds (like the AOSP build) the value of * The product brand for attestation. In non-default builds (like the AOSP build) the value of * the 'BRAND' system property may be different to the one provisioned to KeyMint, * the 'BRAND' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product brand, it's running on. * and Keymint attestation would still attest to the product brand which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String BRAND_FOR_ATTESTATION = public static final String BRAND_FOR_ATTESTATION = getVendorDeviceIdProperty("brand"); getString("ro.product.brand_for_attestation"); /** The end-user-visible name for the end product. */ /** The end-user-visible name for the end product. */ public static final String MODEL = getString("ro.product.model"); public static final String MODEL = getString("ro.product.model"); Loading @@ -117,13 +137,12 @@ public class Build { /** /** * The product model for attestation. In non-default builds (like the AOSP build) the value of * The product model for attestation. In non-default builds (like the AOSP build) the value of * the 'MODEL' system property may be different to the one provisioned to KeyMint, * the 'MODEL' system property may be different to the one provisioned to KeyMint, * and Keymint attestation would still attest to the product model, it's running on. * and Keymint attestation would still attest to the product model which was provisioned. * @hide * @hide */ */ @Nullable @Nullable @TestApi @TestApi public static final String MODEL_FOR_ATTESTATION = public static final String MODEL_FOR_ATTESTATION = getVendorDeviceIdProperty("model"); getString("ro.product.model_for_attestation"); /** The manufacturer of the device's primary system-on-chip. */ /** The manufacturer of the device's primary system-on-chip. */ @NonNull @NonNull Loading Loading @@ -1530,6 +1549,17 @@ public class Build { private static String getString(String property) { private static String getString(String property) { return SystemProperties.get(property, UNKNOWN); return SystemProperties.get(property, UNKNOWN); } } /** * Return attestation specific proerties. * @param property model, name, brand, device or manufacturer. * @return property value or UNKNOWN */ private static String getVendorDeviceIdProperty(String property) { String attestProp = getString( TextUtils.formatSimple("ro.product.%s_for_attestation", property)); return attestProp.equals(UNKNOWN) ? getString(TextUtils.formatSimple("ro.product.vendor.%s", property)) : UNKNOWN; } private static String[] getStringList(String property, String separator) { private static String[] getStringList(String property, String separator) { String value = SystemProperties.get(property); String value = SystemProperties.get(property); Loading
keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java +8 −2 Original line number Original line Diff line number Diff line Loading @@ -808,9 +808,12 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND, KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND, platformReportedBrand.getBytes(StandardCharsets.UTF_8) platformReportedBrand.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedDevice = isPropertyEmptyOrUnknown(Build.DEVICE_FOR_ATTESTATION) ? Build.DEVICE : Build.DEVICE_FOR_ATTESTATION; params.add(KeyStore2ParameterUtils.makeBytes( params.add(KeyStore2ParameterUtils.makeBytes( KeymasterDefs.KM_TAG_ATTESTATION_ID_DEVICE, KeymasterDefs.KM_TAG_ATTESTATION_ID_DEVICE, Build.DEVICE.getBytes(StandardCharsets.UTF_8) platformReportedDevice.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedProduct = final String platformReportedProduct = isPropertyEmptyOrUnknown(Build.PRODUCT_FOR_ATTESTATION) isPropertyEmptyOrUnknown(Build.PRODUCT_FOR_ATTESTATION) Loading @@ -819,9 +822,12 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT, KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT, platformReportedProduct.getBytes(StandardCharsets.UTF_8) platformReportedProduct.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedManufacturer = isPropertyEmptyOrUnknown(Build.MANUFACTURER_FOR_ATTESTATION) ? Build.MANUFACTURER : Build.MANUFACTURER_FOR_ATTESTATION; params.add(KeyStore2ParameterUtils.makeBytes( params.add(KeyStore2ParameterUtils.makeBytes( KeymasterDefs.KM_TAG_ATTESTATION_ID_MANUFACTURER, KeymasterDefs.KM_TAG_ATTESTATION_ID_MANUFACTURER, Build.MANUFACTURER.getBytes(StandardCharsets.UTF_8) platformReportedManufacturer.getBytes(StandardCharsets.UTF_8) )); )); final String platformReportedModel = final String platformReportedModel = isPropertyEmptyOrUnknown(Build.MODEL_FOR_ATTESTATION) isPropertyEmptyOrUnknown(Build.MODEL_FOR_ATTESTATION) Loading
