Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f05dcc4c authored by Treehugger Robot's avatar Treehugger Robot Committed by Automerger Merge Worker
Browse files

Merge "Identity: Fix breakage caused by recent changes in... 

Merge "Identity: Fix breakage caused by recent changes in libsoft_attestation_cert." am: aef57a82 am: fb669b9e

Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/1584471

MUST ONLY BE SUBMITTED BY AUTOMERGER

Change-Id: Iae7a3c70e790f1211c4ce7c7de6f2df69106b07a
parents 999ab57d fb669b9e

identity/support/src/IdentityCredentialSupport.cpp

+5 −2
Original line number Original line Diff line number Diff line
@@ -874,8 +874,11 @@ optional<vector<vector<uint8_t>>> createAttestation( 




    i2d_X509_NAME(subjectName.get(), &subjectPtr);

    i2d_X509_NAME(subjectName.get(), &subjectPtr);





    uint64_t nowMilliSeconds = time(nullptr) * 1000;

    ::keymaster::AuthorizationSet auth_set(

    ::keymaster::AuthorizationSet auth_set(

            ::keymaster::AuthorizationSetBuilder()

            ::keymaster::AuthorizationSetBuilder()

                    .Authorization(::keymaster::TAG_CERTIFICATE_NOT_BEFORE, nowMilliSeconds)

                    .Authorization(::keymaster::TAG_CERTIFICATE_NOT_AFTER, expireTimeMilliSeconds)

                    .Authorization(::keymaster::TAG_ATTESTATION_CHALLENGE, challenge.data(),

                    .Authorization(::keymaster::TAG_ATTESTATION_CHALLENGE, challenge.data(),

                                   challenge.size())

                                   challenge.size())

                    .Authorization(::keymaster::TAG_ACTIVE_DATETIME, activeTimeMilliSeconds)

                    .Authorization(::keymaster::TAG_ACTIVE_DATETIME, activeTimeMilliSeconds)
@@ -918,7 +921,7 @@ optional<vector<vector<uint8_t>>> createAttestation( 
    // the VTS tests. Of course, this is a pretend-only game since hopefully no

    // the VTS tests. Of course, this is a pretend-only game since hopefully no

    // relying party is ever going to trust our batch key and those keys above

    // relying party is ever going to trust our batch key and those keys above

    // it.

    // it.

    ::keymaster::PureSoftKeymasterContext context(::keymaster::KmVersion::KEYMASTER_4_1,

    ::keymaster::PureSoftKeymasterContext context(::keymaster::KmVersion::KEYMINT_1,

                                                  KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT);

                                                  KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT);





    ::keymaster::CertificateChain cert_chain_out = generate_attestation_from_EVP(

    ::keymaster::CertificateChain cert_chain_out = generate_attestation_from_EVP(
@@ -926,7 +929,7 @@ optional<vector<vector<uint8_t>>> createAttestation( 
            *attestation_signing_key, &error);

            *attestation_signing_key, &error);





    if (KM_ERROR_OK != error) {

    if (KM_ERROR_OK != error) {

        LOG(ERROR) << "Error generate attestation from EVP key" << error;

        LOG(ERROR) << "Error generating attestation from EVP key: " << error;

        return {};

        return {};

    }

    }