Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 51471dcf authored by Hasini Gunasinghe's avatar Hasini Gunasinghe Committed by Gerrit Code Review
Browse files

Merge "Challenge is expected in timestamp token in case 2"

parents c4f05e81 77819bb9

security/keymint/aidl/android/hardware/security/keymint/IKeyMintOperation.aidl

+2 −5
Original line number Diff line number Diff line
@@ -126,8 +126,8 @@ interface IKeyMintOperation { 
     *

     *   o The HMAC field must validate correctly.

     *

     *   o The challenge field in the auth token must contain the challenge value contained in the

     *     BeginResult returned from IKeyMintDevice::begin().

     *   o The challenge field in the timestamp token must contain the challenge value contained in

     *     the BeginResult returned from IKeyMintDevice::begin().

     *

     * The resulting secure time value is then used to authenticate the HardwareAuthToken. For the

     * auth token to be valid, all of the following has to be true:
@@ -139,9 +139,6 @@ interface IKeyMintOperation { 
     *

     *   o The key must have a Tag::USER_AUTH_TYPE that matches the auth type in the token.

     *

     *   o The challenge field in the auth token must contain the challenge value contained in the

     *     BeginResult returned from IKeyMintDevice::begin().

     *

     *   o The timestamp in the auth token plus the value of the Tag::AUTH_TIMEOUT must be greater

     *     than the provided secure timestamp.