Merge "Identity: Fix breakage caused by recent changes in libsoft_attestation_cert." am: aef57a826a (fb669b9e) · Commits · e / os / android_hardware_interfaces

identity/support/src/IdentityCredentialSupport.cpp

+5 −2

Original line number	Diff line number	Diff line
		@@ -874,8 +874,11 @@ optional<vector<vector<uint8_t>>> createAttestation(

		i2d_X509_NAME(subjectName.get(), &subjectPtr);

		uint64_t nowMilliSeconds = time(nullptr) * 1000;
		::keymaster::AuthorizationSet auth_set(
		::keymaster::AuthorizationSetBuilder()
		.Authorization(::keymaster::TAG_CERTIFICATE_NOT_BEFORE, nowMilliSeconds)
		.Authorization(::keymaster::TAG_CERTIFICATE_NOT_AFTER, expireTimeMilliSeconds)
		.Authorization(::keymaster::TAG_ATTESTATION_CHALLENGE, challenge.data(),
		challenge.size())
		.Authorization(::keymaster::TAG_ACTIVE_DATETIME, activeTimeMilliSeconds)
		@@ -918,7 +921,7 @@ optional<vector<vector<uint8_t>>> createAttestation(
		// the VTS tests. Of course, this is a pretend-only game since hopefully no
		// relying party is ever going to trust our batch key and those keys above
		// it.
		::keymaster::PureSoftKeymasterContext context(::keymaster::KmVersion::KEYMASTER_4_1,
		::keymaster::PureSoftKeymasterContext context(::keymaster::KmVersion::KEYMINT_1,
		KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT);

		::keymaster::CertificateChain cert_chain_out = generate_attestation_from_EVP(
		@@ -926,7 +929,7 @@ optional<vector<vector<uint8_t>>> createAttestation(
		*attestation_signing_key, &error);

		if (KM_ERROR_OK != error) {
		LOG(ERROR) << "Error generate attestation from EVP key" << error;
		LOG(ERROR) << "Error generating attestation from EVP key: " << error;
		return {};
		}