Keystore 2.0: Fix permission check for device attestation. A permission check was missing guarding device unique attestation. Test: N/A Change-Id: I4c870f50fafacc8b1731c3fed6a846c72b035646

commit: 83116e5784473bb30494899848912268f582b2f5 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Tue Apr 06 13:36:58 2021 -0700
committer: Janis Danisevskis <jdanis@google.com> Tue Apr 06 13:41:06 2021 -0700
tree: 9e3ad34d6ecc8b579cd5b8cddfa500ba494dce53
parent: e93d40cada3dc93b7fcc82d36cd7c3d7da2171fd [diff] [blame]
diff --git a/keystore2/src/utils.rs b/keystore2/src/utils.rs
index 7b58205..48e9bfb 100644
--- a/keystore2/src/utils.rs
+++ b/keystore2/src/utils.rs

@@ -91,7 +91,13 @@
 
 /// This function checks whether a given tag corresponds to the access of device identifiers.
 pub fn is_device_id_attestation_tag(tag: Tag) -> bool {
-    matches!(tag, Tag::ATTESTATION_ID_IMEI | Tag::ATTESTATION_ID_MEID | Tag::ATTESTATION_ID_SERIAL)
+    matches!(
+        tag,
+        Tag::ATTESTATION_ID_IMEI
+            | Tag::ATTESTATION_ID_MEID
+            | Tag::ATTESTATION_ID_SERIAL
+            | Tag::DEVICE_UNIQUE_ATTESTATION
+    )
 }
 
 /// This function checks whether the calling app has the Android permissions needed to attest device
commit	83116e5784473bb30494899848912268f582b2f5	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Tue Apr 06 13:36:58 2021 -0700
committer	Janis Danisevskis <jdanis@google.com>	Tue Apr 06 13:41:06 2021 -0700
tree	9e3ad34d6ecc8b579cd5b8cddfa500ba494dce53
parent	e93d40cada3dc93b7fcc82d36cd7c3d7da2171fd [diff] [blame]