diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-07-12 06:22:07 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-07-12 06:22:07 +0000 |
commit | 29adb77fccf3a0d2169d00201b857469cad13100 (patch) | |
tree | 427eda775c48afa86bf2219797d8a8c19fe43b0d | |
parent | f2e2f6c34142088a340dc024ae3a75e7444f6583 (diff) | |
parent | dbea77ebb5345c9ce1d84db198ae78d7b1536fe5 (diff) | |
download | security-29adb77fccf3a0d2169d00201b857469cad13100.tar.gz |
Snap for 8819924 from dbea77ebb5345c9ce1d84db198ae78d7b1536fe5 to mainline-cellbroadcast-releaseaml_cbr_331910000aml_cbr_331810000aml_cbr_331710020aml_cbr_331610010aml_cbr_331510000aml_cbr_331411000aml_cbr_331310010aml_cbr_331111030aml_cbr_331013010aml_cbr_330911010android13-mainline-cellbroadcast-release
Change-Id: I3cbe4df5d3201103125da6c8d2812b27c088bfc4
-rw-r--r-- | keystore2/src/attestation_key_utils.rs | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/keystore2/src/attestation_key_utils.rs b/keystore2/src/attestation_key_utils.rs index 8354ba5c..34089425 100644 --- a/keystore2/src/attestation_key_utils.rs +++ b/keystore2/src/attestation_key_utils.rs @@ -59,8 +59,11 @@ pub fn get_attest_key_info( db: &mut KeystoreDB, ) -> Result<Option<AttestationKeyInfo>> { let challenge_present = params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE); + let is_device_unique_attestation = + params.iter().any(|kp| kp.tag == Tag::DEVICE_UNIQUE_ATTESTATION); match attest_key_descriptor { - None if challenge_present => rem_prov_state + // Do not select an RKP key if DEVICE_UNIQUE_ATTESTATION is present. + None if challenge_present && !is_device_unique_attestation => rem_prov_state .get_remotely_provisioned_attestation_key_and_certs(key, caller_uid, params, db) .context(concat!( "In get_attest_key_and_cert_chain: ", |