Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / da05c80d6b8b95ef77059adc114009b75e14f535
commitda05c80d6b8b95ef77059adc114009b75e14f535[log] [tgz]
authorEran Messeri <eranm@google.com>Wed Sep 04 11:35:50 2019 +0100
committerEran Messeri <eranm@google.com>Tue Sep 24 18:14:05 2019 +0100
tree81ee3458cb57a8001889361625601cca604fad9c
parentefb5b79fcd4bbecbac0e803623a3037d02750da8 [diff]
API for individual attestation

Introduce a new API to request use of individual attestation
certificate for attesting keys generated by the
DevicePolicyManager.generateKeyPair method.

It builds on existing device ID attestation capabilities in two ways:
(1) Eligibility check: Assuming similar privacy requirements for the use
    of individual attestation certificates, enforce the same conditions
    for using them as the conditions for requesting device identifiers
    in the attestation record.
(2) Keymaster interaction: Passing the right Keymaster tag to the
    attestKey call, which is easily done in AttestationUtils.

Bug: 136494773
Test: CTS test to be added.
Change-Id: Idb5cee66d986a521c17e1955532d0bfae66c035d
7 files changed
tree: 81ee3458cb57a8001889361625601cca604fad9c
  1. apct-tests/
  2. apex/
  3. api/
  4. cmds/
  5. config/
  6. core/
  7. data/
  8. docs/
  9. drm/
  10. graphics/
  11. keystore/
  12. libs/
  13. location/
  14. lowpan/
  15. media/
  16. native/
  17. nfc-extras/
  18. obex/
  19. opengl/
  20. packages/
  21. proto/
  22. rs/
  23. samples/
  24. sax/
  25. services/
  26. startop/
  27. telecomm/
  28. telephony/
  29. test-base/
  30. test-legacy/
  31. test-mock/
  32. test-runner/
  33. tests/
  34. tools/
  35. wifi/
  36. .gitignore
  37. .mailmap
  38. Android.bp
  39. Android.mk
  40. CleanSpec.mk
  41. jarjar_rules_hidl.txt
  42. MODULE_LICENSE_APACHE2
  43. NOTICE
  44. pathmap.mk
  45. PREUPLOAD.cfg