Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Updated the description on Root of Trust Binding."

Browse Source
This commit is contained in:
Treehugger Robot
2022-05-09 16:36:54 +00:00
committed by Gerrit Code Review
parent e003ed061b 0f5953556c
commit 0ba8531279
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
security/keymint/aidl/android/hardware/security/keymint/IKeyMintDevice.aidl
View File

@@ -196,12 +196,12 @@ import android.hardware.security.secureclock.TimeStampToken;
* derive a key that is used to encrypt the private/secret key material.
*
* The root of trust consists of a bitstring that must be derived from the public key used by
* Verified Boot to verify the signature on the boot image and from the lock state of the
* device. If the public key is changed to allow a different system image to be used or if the
* lock state is changed, then all of the IKeyMintDevice-protected keys created by the previous
* system state must be unusable, unless the previous state is restored. The goal is to increase
* the value of the software-enforced key access controls by making it impossible for an attacker-
* installed operating system to use IKeyMintDevice keys.
* Verified Boot to verify the signature on the boot image, from the lock state and from the
* Verified Boot state of the device. If the public key is changed to allow a different system
* image to be used or if the lock state is changed, then all of the IKeyMintDevice-protected keys
* created by the previous system state must be unusable, unless the previous state is restored.
* The goal is to increase the value of the software-enforced key access controls by making it
* impossible for an attacker-installed operating system to use IKeyMintDevice keys.
*
* == Version Binding ==
*