Add attestation application id for key attestation
This patch adds functionality for gathering an application id
for the attestation of a key that is bound to an application
in the keystore.
Keystore gathers the package name, package version, and
signing certificates of the calling app from the package manager.
It then DER encodes the information and appends it to attestation
parameters.
Bug: 22914603
Change-Id: I9fe1d8f97ee1dfa79284bcf751f86631c94d4174
diff --git a/keystore/Android.mk b/keystore/Android.mk
index f17d5eb..1af8b75 100644
--- a/keystore/Android.mk
+++ b/keystore/Android.mk
@@ -32,13 +32,15 @@
blob.cpp \
entropy.cpp \
key_store_service.cpp \
+ keystore_attestation_id.cpp \
keyblob_utils.cpp \
keystore.cpp \
keystore_main.cpp \
keystore_utils.cpp \
operation.cpp \
permissions.cpp \
- user_state.cpp
+ user_state.cpp \
+ ../../../frameworks/base/core/java/android/security/keymaster/IKeyAttestationApplicationIdProvider.aidl
LOCAL_SHARED_LIBRARIES := \
libbinder \
libcutils \
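Review bot: The new AIDL entry in `LOCAL_SRC_FILES` is reached by climbing out of the module with `../../../frameworks/base/...`, so the build depends on this directory sitting exactly three levels below the tree root and on a file owned by another project. Because the next hunk also sets `LOCAL_AIDL_INCLUDES := frameworks/base/core/java/`, I would add a comment above the `LOCAL_SRC_FILES` assignment such as `# IKeyAttestationApplicationIdProvider.aidl is owned by frameworks/base; keep this path and LOCAL_AIDL_INCLUDES in sync with it`. According to the commit description this interface supplies the package identity that goes into the attestation parameters, so changes to the AIDL on the framework side should be reviewed together with keystore. The `LOCAL_SRC_FILES` assignment starts above the hunk.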
@@ -59,6 +61,7 @@
LOCAL_CLANG := true
LOCAL_SANITIZE := integer
LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
+LOCAL_AIDL_INCLUDES := frameworks/base/core/java/
include $(BUILD_EXECUTABLE)
include $(CLEAR_VARS)
@@ -97,6 +100,9 @@
LOCAL_CFLAGS := -Wall -Wextra -Werror
LOCAL_SRC_FILES := \
IKeystoreService.cpp \
+ KeyAttestationApplicationId.cpp \
+ KeyAttestationPackageInfo.cpp \
+ Signature.cpp \
keyblob_utils.cpp \
keystore_client.proto \
keystore_client_impl.cpp \
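Review bot: The hunk does not show whether this module sets `LOCAL_SANITIZE := integer` the way the executable above does; only `LOCAL_CFLAGS := -Wall -Wextra -Werror` is visible here. `KeyAttestationApplicationId.cpp`, `KeyAttestationPackageInfo.cpp` and `Signature.cpp` presumably deserialize sizes and counts received over binder, so if the setting is missing I would add `LOCAL_SANITIZE := integer` to this module as well. The module definition starts and ends outside the hunk.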