Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / packages / apps / KeyChain / 643e481306e1cfbea7161128fcb094387a89f637^1..643e481306e1cfbea7161128fcb094387a89f637 / .
commit643e481306e1cfbea7161128fcb094387a89f637[log] [tgz]
authorandroid-build-team Robot <android-build-team-robot@google.com>Sun Jan 07 08:29:29 2018 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>Sun Jan 07 08:29:29 2018 +0000
tree11bd87bf85aaed1b3e30ade384c892bc5c9c05ab
parent64b3701ba8b7ad341a5abf7bff4e33afc7c34ace [diff]
parent41bf13d9bda52ddee6ba2959a7f92babeb127257 [diff]
Snap for 4531101 from 41bf13d9bda52ddee6ba2959a7f92babeb127257 to pi-release

Change-Id: I960bbdae5298378cdfd6a4ae64fcdad45a61625c

diff --git a/robotests/Android.mk b/robotests/Android.mk
index a6b854f..6165044 100644
--- a/robotests/Android.mk
+++ b/robotests/Android.mk

@@ -14,7 +14,7 @@
 
 LOCAL_JAVA_LIBRARIES := \
     junit \
-    platform-robolectric-3.5.1-prebuilt \
+    platform-robolectric-3.6.1-prebuilt \
     telephony-common
 
 LOCAL_INSTRUMENTATION_FOR := KeyChain
@@ -42,4 +42,4 @@
 
 LOCAL_ROBOTEST_TIMEOUT := 36000
 
-include prebuilts/misc/common/robolectric/3.5.1/run_robotests.mk
+include prebuilts/misc/common/robolectric/3.6.1/run_robotests.mk

diff --git a/src/com/android/keychain/KeyChainService.java b/src/com/android/keychain/KeyChainService.java
index 3f695fe..4ce8378 100644
--- a/src/com/android/keychain/KeyChainService.java
+++ b/src/com/android/keychain/KeyChainService.java

@@ -39,6 +39,8 @@
 import android.security.keymaster.KeymasterCertificateChain;
 import android.security.keymaster.KeymasterDefs;
 import android.security.KeyStore;
+import android.security.keystore.AttestationUtils;
+import android.security.keystore.DeviceIdAttestationException;
 import android.security.keystore.KeyGenParameterSpec;
 import android.security.keystore.ParcelableKeyGenParameterSpec;
 import android.text.TextUtils;
@@ -89,6 +91,7 @@
         private final KeyStore mKeyStore = KeyStore.getInstance();
         private final TrustedCertificateStore mTrustedCertificateStore
                 = new TrustedCertificateStore();
+        private final Context mContext = KeyChainService.this;
 
         @Override
         public String requestPrivateKey(String alias) {
@@ -163,6 +166,7 @@
 
         @Override public boolean attestKey(
                 String alias, byte[] attestationChallenge,
+                int[] idAttestationFlags,
                 KeymasterCertificateChain attestationChain) {
             checkSystemCaller();
             validateAlias(alias);
@@ -172,8 +176,14 @@
                 return false;
             }
 
-            KeymasterArguments attestArgs = new KeymasterArguments();
-            attestArgs.addBytes(KeymasterDefs.KM_TAG_ATTESTATION_CHALLENGE, attestationChallenge);
+            final KeymasterArguments attestArgs;
+            try {
+                attestArgs = AttestationUtils.prepareAttestationArguments(
+                        mContext, idAttestationFlags, attestationChallenge);
+            } catch (DeviceIdAttestationException e) {
+                Log.e(TAG, "Failed collecting attestation data", e);
+                return false;
+            }
             final String keystoreAlias = Credentials.USER_PRIVATE_KEY + alias;
             final int errorCode = mKeyStore.attestKey(keystoreAlias, attestArgs, attestationChain);
             return errorCode == KeyStore.NO_ERROR;