Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e2c58bf9 authored by Dave McCloskey's avatar Dave McCloskey Committed by Automerger Merge Worker
Browse files

Merge "Enforce USE_ATTESTATION_VERIFICATION_SERVICE permission to call APIs."... 

Merge "Enforce USE_ATTESTATION_VERIFICATION_SERVICE permission to call APIs." into tm-dev am: 43181611

Original change: https://googleplex-android-review.googlesource.com/c/platform/frameworks/base/+/18494488



Change-Id: I56dbf499c72a293870ddacd157178f9013fa8343
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 8f6248af 43181611

services/core/java/com/android/server/security/AttestationVerificationManagerService.java

+7 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.server.security;



import static android.Manifest.permission.USE_ATTESTATION_VERIFICATION_SERVICE;

import static android.security.attestationverification.AttestationVerificationManager.PROFILE_PEER_DEVICE;

import static android.security.attestationverification.AttestationVerificationManager.PROFILE_SELF_TRUSTED;

import static android.security.attestationverification.AttestationVerificationManager.RESULT_FAILURE;
@@ -60,6 +61,7 @@ public class AttestationVerificationManagerService extends SystemService { 
                Bundle requirements,

                byte[] attestation,

                AndroidFuture resultCallback) throws RemoteException {

            enforceUsePermission();

            try {

                Slog.d(TAG, "verifyAttestation");

                verifyAttestationForAllVerifiers(profile, localBindingType, requirements,
@@ -73,9 +75,14 @@ public class AttestationVerificationManagerService extends SystemService { 
        @Override

        public void verifyToken(VerificationToken token, ParcelDuration parcelDuration,

                AndroidFuture resultCallback) throws RemoteException {

            enforceUsePermission();

            // TODO(b/201696614): Implement

            resultCallback.complete(RESULT_UNKNOWN);

        }



        private void enforceUsePermission() {

            getContext().enforceCallingOrSelfPermission(USE_ATTESTATION_VERIFICATION_SERVICE, null);

        }

    };



    private void verifyAttestationForAllVerifiers(