author Shawn Willden <swillden@google.com> 2018-07-11 15:13:20 -0600
committer Shawn Willden <swillden@google.com> 2018-07-11 15:19:59 -0600
commit 926f647663d589f7b16887ecd10162b64736e521 (patch)
tree 7bd5b9e872ca896d4a43e86f07c62c44ccabf59e
parent e989ba8c16f81258166dbf9e153675c447661e77 (diff)
download security-pie-qpr1-s2-release.tar.gz

Since it was introduced, ID attestation has always been performed by the TEE keymaster, because it was the only one. When StrongBox support was added, it became necessary to select which of the two keymaster instances to use. There is no API for the caller to be able to choose which one to use in this case. The decision was made to use the strongest keymaster instance available, favoring StrongBox over TEE if available. However, StrongBox instances are much slower, and we should not impose this additional latency on clients who did not request it. Also, the decision to use StrongBox doesn't fit the goals of the OEM Unlock protocol, which relies on ID attestation.

This CL changes ID attestation so that it always uses the TEE keymaster instance, ignoring StrongBox if available. In the future, we'll provide a way for the client to select StrongBox if they want it.

Bug: 110834325
Test: Keystore CTS tests
Change-Id: Idec1d83e42a2d283b0521ff4699ab62b84d419ec

-rw-r--r-- keystore/key_store_service.cpp 6
1 files changed, 2 insertions, 4 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 2a75c45b..c8310853 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1708,11 +1708,9 @@ KeyStoreService::attestDeviceIds(const KeymasterArguments& params,
}
// Generate temporary key.
- sp<Keymaster> dev;
- SecurityLevel securityLevel;
- std::tie(dev, securityLevel) = mKeyStore->getMostSecureDevice();
+ sp<Keymaster> dev = mKeyStore->getDevice(SecurityLevel::TRUSTED_ENVIRONMENT);
- if (securityLevel == SecurityLevel::SOFTWARE) {
+ if (!dev) {
*aidl_return = static_cast<int32_t>(ResponseCode::SYSTEM_ERROR);
return Status::ok();
}
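
Review bot: the new `if (!dev)` guard replaces the explicit `securityLevel == SecurityLevel::SOFTWARE` rejection, so this path now depends on `getDevice(SecurityLevel::TRUSTED_ENVIRONMENT)` returning null whenever no hardware-backed keymaster exists. Please confirm that a software fallback can never be registered under the TRUSTED_ENVIRONMENT slot. If it can, keep a check on the device's actual security level before generating the temporary key, since an ID attestation produced by a software implementation must not be issued. It would also help to extend the `// Generate temporary key.` comment to say that TEE is pinned deliberately and StrongBox is ignored (Bug 110834325), so the next reader does not "fix" it back to `getMostSecureDevice()`. A log line before returning `SYSTEM_ERROR` would make a missing TEE device distinguishable from other failures.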