diff options
author | Seth Moore <sethmo@google.com> | 2022-04-13 15:31:02 -0700 |
---|---|---|
committer | Seth Moore <sethmo@google.com> | 2022-04-13 15:31:02 -0700 |
commit | 8c06c3e872ed893dbde5c58a5a1424bbd48ab80d (patch) | |
tree | 9a865e336f30021a941b039af3644a4ea1886319 | |
parent | 4e005bddd1120c5c5fd867450eeeefad232a6776 (diff) | |
download | security-8c06c3e872ed893dbde5c58a5a1424bbd48ab80d.tar.gz |
Fix unique id attestation on devices with keymaster
The wrong tag was included in the km_compat layer filter code for
key generation tags. This prevented the INCLUDE_UNIQUE_ID tag from
being passed to keymaster, breaking unique id attestation on platforms
with keymaster (keymint functionality was correct).
Test: KeyAttestationTest
Fixes: 228851969
Change-Id: I81ef55bb92c9869102a741e64375b883c3443224
-rw-r--r-- | keystore2/src/km_compat/km_compat.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/keystore2/src/km_compat/km_compat.cpp b/keystore2/src/km_compat/km_compat.cpp index 192f4455..6d0630b4 100644 --- a/keystore2/src/km_compat/km_compat.cpp +++ b/keystore2/src/km_compat/km_compat.cpp @@ -126,7 +126,7 @@ bool isKeyCreationParameter(const KMV1::KeyParameter& param) { case Tag::TRUSTED_CONFIRMATION_REQUIRED: case Tag::UNLOCKED_DEVICE_REQUIRED: case Tag::CREATION_DATETIME: - case Tag::UNIQUE_ID: + case Tag::INCLUDE_UNIQUE_ID: case Tag::IDENTITY_CREDENTIAL_KEY: case Tag::STORAGE_KEY: case Tag::MAC_LENGTH: |