Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 314845dc8f0c9ffed4aa93c0439abafff19e7324
commit314845dc8f0c9ffed4aa93c0439abafff19e7324[log] [tgz]
authorAlan Stokes <alanstokes@google.com>Mon Jun 14 15:28:39 2021 +0100
committerAlan Stokes <alanstokes@google.com>Mon Jun 14 18:02:52 2021 +0100
treed7d89e54483d7f17eb68cd938771e510aee8da96
parentbfd2ec0404f8f595f6d4ceb66776dcda4794048e [diff]
Add (fake) CompOS key verification.

If we have a persisted key blob and public key for CompOS, but no
cert, then get CompOS to verify that they are genuine. If so, we can
generate a new cert for the public key. Otherwise we fall back to
generating a new keypair.

Once again I have made a few unrelated changes as I understand things
better.

Bug: 190166662
Test: Presubmit
Test: Manual - various valid & missing/invalid files.
Change-Id: I1bcb7f89698c103f413bdb899026bfd2578447db
4 files changed
tree: d7d89e54483d7f17eb68cd938771e510aee8da96
  1. fsverity_init/
  2. identity/
  3. keystore/
  4. keystore-engine/
  5. keystore2/
  6. ondevice-signing/
  7. provisioner/
  8. rustfmt.toml ⇨ ../../build/soong/scripts/rustfmt.toml
  9. .clang-format
  10. .gitignore
  11. Android.bp
  12. METADATA
  13. MODULE_LICENSE_APACHE2
  14. NOTICE
  15. OWNERS
  16. PREUPLOAD.cfg