Gitiles
Code Review Sign In
review.blissroms.org / platform_system_keymaster / e104f386b29d191c698d1df2d2c266a2a9f3a452
commite104f386b29d191c698d1df2d2c266a2a9f3a452[log] [tgz]
authorDavid Drysdale <drysdale@google.com>Wed Oct 13 10:19:38 2021 +0100
committerDavid Drysdale <drysdale@google.com>Mon Oct 18 15:29:32 2021 +0100
tree1e0457d7fa78a65ab7e3b3f59ad3f146604c32df
parent44ed723c4b4e68be9085613cf55af29138df5325 [diff]
Improve UNIQUE_ID generation

 - Remove unused generate_unique_id() function.
 - Fix unique ID generation code to use ATTESTATION_APPLICATION_ID
   rather than APPLICATION_ID.
 - Add km_openssl helper functions to build a UNIQUE_ID value from the
   inputs and an HBK value for the HMAC-SHA256 function.
 - Treat Tag::INCLUDE_UNIQUE_ID as a key generation parameter, similar
   to the various ATTESTATION_ID_* tags.

Individual KeyMint implementations still need to provide an
implementation of AttestationContext::GenerateUniqueId(), but that
implementation can be a one-line invocation of
keymaster::generate_unique_id() using a suitable HBK.

Bug: 202487002
Test: VtsAidlKeyMintTargetTest
Change-Id: I3eb8cf22cf52a6d5c7a085ae497500800ecd5438
4 files changed
tree: 1e0457d7fa78a65ab7e3b3f59ad3f146604c32df
  1. android_keymaster/
  2. contexts/
  3. cppcose/
  4. include/
  5. key_blob_utils/
  6. km_openssl/
  7. legacy_support/
  8. ng/
  9. tests/
  10. .clang-format
  11. .gitignore
  12. Android.bp
  13. km0_sw_rsa_512.blob
  14. km1_sw_ecdsa_256.blob
  15. km1_sw_rsa_512.blob
  16. km1_sw_rsa_512_unversioned.blob
  17. METADATA
  18. MODULE_LICENSE_APACHE2
  19. NOTICE
  20. OWNERS
  21. PREUPLOAD.cfg
  22. sw_rsa_attest_root.key.pem
  23. valgrind.supp