diff options
author | Subrahmanya Manikanta Venkateswarlu Bhamidipati Kameswara Sri <subrahmanyaman@google.com> | 2024-03-06 23:45:10 +0000 |
---|---|---|
committer | Subrahmanya Manikanta Venkateswarlu Bhamidipati Kameswara Sri <subrahmanyaman@google.com> | 2024-03-06 23:45:10 +0000 |
commit | 86e11ea3b714b78da4ba7acea16bf2b52734a201 (patch) | |
tree | 22850b2a3074e82b559ffaa28814f4fd0b2cfc6c | |
parent | 2765610a0c354d4538abf517fbc71c36ebb4383f (diff) | |
download | libese-86e11ea3b714b78da4ba7acea16bf2b52734a201.tar.gz |
2nd IMEI attestation may be used independently.
The tag for the 2nd IMEI must denote an IMEI different to
the tag used for the first IMEI, and may be used independently of it.
Bug: 264979486
Test: run vts -m VtsAidlKeyMintTarget
Change-Id: I3b03bbf1e6d0fb3e08de0b68b05dec250d5c51c4
-rw-r--r-- | ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java index 78ea201..a05798c 100644 --- a/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java +++ b/ready_se/google/keymint/KM300/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java @@ -4202,17 +4202,6 @@ public class KMKeymasterApplet extends Applet implements AppletEvent, ExtendedLe data[CERTIFICATE] = KMArray.instance((short) 0); // by default the cert is empty. data[ORIGIN] = KMType.IMPORTED; - // ID_IMEI should be present if ID_SECOND_IMEI is present - short attIdTag = - KMKeyParameters.findTag( - KMType.BYTES_TAG, KMType.ATTESTATION_ID_SECOND_IMEI, data[KEY_PARAMETERS]); - if (attIdTag != KMType.INVALID_VALUE) { - KMTag.assertPresence( - data[KEY_PARAMETERS], - KMType.BYTES_TAG, - KMType.ATTESTATION_ID_IMEI, - KMError.CANNOT_ATTEST_IDS); - } importKey(apdu, keyFmt, scratchPad); } @@ -4690,17 +4679,6 @@ public class KMKeymasterApplet extends Applet implements AppletEvent, ExtendedLe KMException.throwIt(KMError.UNSUPPORTED_TAG); } - // ID_IMEI should be present if ID_SECOND_IMEI is present - short attIdTag = - KMKeyParameters.findTag( - KMType.BYTES_TAG, KMType.ATTESTATION_ID_SECOND_IMEI, data[KEY_PARAMETERS]); - if (attIdTag != KMType.INVALID_VALUE) { - KMTag.assertPresence( - data[KEY_PARAMETERS], - KMType.BYTES_TAG, - KMType.ATTESTATION_ID_IMEI, - KMError.CANNOT_ATTEST_IDS); - } short attKeyPurpose = KMKeyParameters.findTag(KMType.ENUM_ARRAY_TAG, KMType.PURPOSE, data[KEY_PARAMETERS]); |