Clarify where unhashed module info can be found Bug: 369375199 Test: n/a Change-Id: Ibfc7c1f5ec78ec1d97ef475d6e79e9862896f6cd

commit: fd3f0312b58b595b869f71aa93788d2f4e01cd52 [log] [tgz]
author: Karuna Wadhera <kwadhera@google.com> Tue Jan 07 18:47:31 2025 +0000
committer: Karuna Wadhera <kwadhera@google.com> Tue Jan 07 18:47:31 2025 +0000
tree: 5425b7054a0d60e27e99b5a9e64ff1c8458366d2
parent: d9ab2c015c0640d06174c021343c23f1d5326553 [diff]
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index e56c193..7ea5f5d 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl

@@ -904,6 +904,9 @@
      * Tag::MODULE_HASH specifies the SHA-256 hash of the DER-encoded module information (see
      * KeyCreationResult.aidl for the ASN.1 schema).
      *
+     * KeyStore clients can retrieve the unhashed DER-encoded module information from Android
+     * via KeyStoreManager.getSupplementaryAttestationInfo.
+     *
      * This tag is never provided or returned from KeyMint in the key characteristics. It exists
      * only to define the tag for use in the attestation record.
      *
commit	fd3f0312b58b595b869f71aa93788d2f4e01cd52	[log] [tgz]
author	Karuna Wadhera <kwadhera@google.com>	Tue Jan 07 18:47:31 2025 +0000
committer	Karuna Wadhera <kwadhera@google.com>	Tue Jan 07 18:47:31 2025 +0000
tree	5425b7054a0d60e27e99b5a9e64ff1c8458366d2
parent	d9ab2c015c0640d06174c021343c23f1d5326553 [diff]