From 994c65e5bc90822f18a185502a6d553c06bdaa6b Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Wed, 1 Apr 2020 13:54:33 -0600
Subject: [PATCH] Fixed encoding of device_locked field

The attestation code used boringssl's ASN.1 encoding tools
incorrectly, causing it to encode incorrect values in device_locked.

Bug: b/152503089
Test: Build & boot
Merged-In: I3c5352523b2db37d539ad353ac8c48c1585eb08d
Change-Id: I3c5352523b2db37d539ad353ac8c48c1585eb08d
---
 keymaster/3.0/vts/functional/attestation_record.cpp | 2 +-
 keymaster/4.0/support/attestation_record.cpp        | 2 +-
 keymaster/4.1/support/attestation_record.cpp        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/keymaster/3.0/vts/functional/attestation_record.cpp b/keymaster/3.0/vts/functional/attestation_record.cpp
index a428989de2..bde4b57e9b 100644
--- a/keymaster/3.0/vts/functional/attestation_record.cpp
+++ b/keymaster/3.0/vts/functional/attestation_record.cpp
@@ -46,7 +46,7 @@ struct ASN1_TYPE_Delete {
 
 typedef struct km_root_of_trust {
     ASN1_OCTET_STRING* verified_boot_key;
-    ASN1_BOOLEAN* device_locked;
+    ASN1_BOOLEAN device_locked;
     ASN1_ENUMERATED* verified_boot_state;
 } KM_ROOT_OF_TRUST;
 
diff --git a/keymaster/4.0/support/attestation_record.cpp b/keymaster/4.0/support/attestation_record.cpp
index 27e00c173a..bc294bd35b 100644
--- a/keymaster/4.0/support/attestation_record.cpp
+++ b/keymaster/4.0/support/attestation_record.cpp
@@ -50,7 +50,7 @@ struct ASN1_TYPE_Delete {
 
 typedef struct km_root_of_trust {
     ASN1_OCTET_STRING* verified_boot_key;
-    ASN1_BOOLEAN* device_locked;
+    ASN1_BOOLEAN device_locked;
     ASN1_ENUMERATED* verified_boot_state;
     ASN1_OCTET_STRING* verified_boot_hash;
 } KM_ROOT_OF_TRUST;
diff --git a/keymaster/4.1/support/attestation_record.cpp b/keymaster/4.1/support/attestation_record.cpp
index 9eab1db316..63bf854f0f 100644
--- a/keymaster/4.1/support/attestation_record.cpp
+++ b/keymaster/4.1/support/attestation_record.cpp
@@ -58,7 +58,7 @@ struct ASN1_TYPE_Delete {
 
 typedef struct km_root_of_trust {
     ASN1_OCTET_STRING* verified_boot_key;
-    ASN1_BOOLEAN* device_locked;
+    ASN1_BOOLEAN device_locked;
     ASN1_ENUMERATED* verified_boot_state;
     ASN1_OCTET_STRING* verified_boot_hash;
 } KM_ROOT_OF_TRUST;