Merge tag 'android-15.0.0_r6' of https://android.googlesource.com/platform/system/security into HEAD
Android 15.0.0 Release 6 (AP4A.241205.013)
Change-Id: Ia5918a4ebb92f6c2417f5a80a61baab25d3f13e4
# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ1IsswAKCRDorT+BmrEO
# eJZZAJ9FJl7mAYHefxQe6QOZft7eMd+3SACgiZkPu1NOHxJRom6RPgjIeQUF9w8=
# =Humq
# -----END PGP SIGNATURE-----
# gpg: Signature faite le jeu 05 déc 2024 17:44:03 EST
# gpg: avec la clef DSA 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Impossible de vérifier la signature : Pas de clef publique
diff --git a/keystore2/src/km_compat/km_compat.cpp b/keystore2/src/km_compat/km_compat.cpp
index e9ff1ff..be3ba18 100644
--- a/keystore2/src/km_compat/km_compat.cpp
+++ b/keystore2/src/km_compat/km_compat.cpp
@@ -59,6 +59,8 @@
using namespace std::chrono_literals;
using std::chrono::duration_cast;
+static const KMV1::Tag KM_TAG_FBE_ICE = static_cast<KMV1::Tag>((7 << 28) | 16201);
+
// Utility functions
// Returns true if this parameter may be passed to attestKey.
@@ -484,6 +486,18 @@
auto legacyKeyGenParams = convertKeyParametersToLegacy(extractGenerationParams(inKeyParams));
KMV1::ErrorCode errorCode;
+
+ for (const auto& keyParam : inKeyParams) {
+ if((int32_t)keyParam.tag==(int32_t)KM_TAG_FBE_ICE) {
+ android::hardware::keymaster::V4_0::KeyParameter param1;
+ param1.tag = static_cast<::android::hardware::keymaster::V4_0::Tag>
+ (android::hardware::keymaster::V4_0::KM_TAG_FBE_ICE);
+ param1.f.boolValue = true;
+ legacyKeyGenParams.push_back(param1);
+ break;
+ }
+ }
+
auto result = mDevice->generateKey(
legacyKeyGenParams, [&](V4_0_ErrorCode error, const hidl_vec<uint8_t>& keyBlob,
const V4_0_KeyCharacteristics& keyCharacteristics) {