Merge "Keystore: Attestation fix in non AOSP builds"
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
index 4715045..c1f6c29 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -801,7 +801,8 @@
));
if (mSpec.isDevicePropertiesAttestationIncluded()) {
- final String platformReportedBrand = TextUtils.isEmpty(Build.BRAND_FOR_ATTESTATION)
+ final String platformReportedBrand =
+ isPropertyEmptyOrUnknown(Build.BRAND_FOR_ATTESTATION)
? Build.BRAND : Build.BRAND_FOR_ATTESTATION;
params.add(KeyStore2ParameterUtils.makeBytes(
KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND,
@@ -812,8 +813,8 @@
Build.DEVICE.getBytes(StandardCharsets.UTF_8)
));
final String platformReportedProduct =
- TextUtils.isEmpty(Build.PRODUCT_FOR_ATTESTATION) ? Build.PRODUCT :
- Build.PRODUCT_FOR_ATTESTATION;
+ isPropertyEmptyOrUnknown(Build.PRODUCT_FOR_ATTESTATION)
+ ? Build.PRODUCT : Build.PRODUCT_FOR_ATTESTATION;
params.add(KeyStore2ParameterUtils.makeBytes(
KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT,
platformReportedProduct.getBytes(StandardCharsets.UTF_8)
@@ -822,7 +823,8 @@
KeymasterDefs.KM_TAG_ATTESTATION_ID_MANUFACTURER,
Build.MANUFACTURER.getBytes(StandardCharsets.UTF_8)
));
- final String platformReportedModel = TextUtils.isEmpty(Build.MODEL_FOR_ATTESTATION)
+ final String platformReportedModel =
+ isPropertyEmptyOrUnknown(Build.MODEL_FOR_ATTESTATION)
? Build.MODEL : Build.MODEL_FOR_ATTESTATION;
params.add(KeyStore2ParameterUtils.makeBytes(
KeymasterDefs.KM_TAG_ATTESTATION_ID_MODEL,
@@ -1227,4 +1229,8 @@
result.retainAll(authorizedKeymasterKeyDigests);
return result;
}
+
+ private boolean isPropertyEmptyOrUnknown(String property) {
+ return TextUtils.isEmpty(property) || property.equals(Build.UNKNOWN);
+ }
}