Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 501b63b0 authored by Catherine Vlasov's avatar Catherine Vlasov
Browse files

Specify the use of SHA-256 for the "verifiedBootHash". 

Bug: 309963984
Bug: 376832222
Test: n/a, comment update
Change-Id: Iab9e0f2d28ae4ab56d104cab6031783f605fee21
parent b9c1291d

security/keymint/aidl/android/hardware/security/keymint/KeyCreationResult.aidl

+3 −3
Original line number Original line Diff line number Diff line
@@ -145,9 +145,9 @@ parcelable KeyCreationResult { 
     *     verifiedBootKey            OCTET_STRING,

     *     verifiedBootKey            OCTET_STRING,

     *     deviceLocked               BOOLEAN,

     *     deviceLocked               BOOLEAN,

     *     verifiedBootState          VerifiedBootState,

     *     verifiedBootState          VerifiedBootState,

     *     # verifiedBootHash must contain 32-byte value that represents the state of all binaries

     *     # verifiedBootHash must contain a SHA-256 digest of all binaries and components validated

     *     # or other components validated by verified boot.  Updating any verified binary or

     *     # by Verified Boot. Updating any verified binary or component must cause this value to

     *     # component must cause this value to change.

     *     # change.

     *     verifiedBootHash           OCTET_STRING,

     *     verifiedBootHash           OCTET_STRING,

     * }

     * }

     *

     *