Evolution-x/hardware_interfaces
1
0
Fork 0
mirror of https://github.com/Evolution-X/hardware_interfaces synced 2026-02-01 16:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "Challenge is expected in timestamp token in case 2"

Browse Source
This commit is contained in:
Hasini Gunasinghe
2023-05-04 15:21:15 +00:00
committed by Gerrit Code Review
parent c4f05e81e0 77819bb988
commit 51471dcfce
1 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
security/keymint/aidl/android/hardware/security/keymint/IKeyMintOperation.aidl
View File

@@ -126,8 +126,8 @@ interface IKeyMintOperation {
* *
* o The HMAC field must validate correctly. * o The HMAC field must validate correctly.
* *
* o The challenge field in the auth token must contain the challenge value contained in the * o The challenge field in the timestamp token must contain the challenge value contained in
* BeginResult returned from IKeyMintDevice::begin(). * the BeginResult returned from IKeyMintDevice::begin().
* *
* The resulting secure time value is then used to authenticate the HardwareAuthToken. For the * The resulting secure time value is then used to authenticate the HardwareAuthToken. For the
* auth token to be valid, all of the following has to be true: * auth token to be valid, all of the following has to be true:
@@ -139,9 +139,6 @@ interface IKeyMintOperation {
* *
* o The key must have a Tag::USER_AUTH_TYPE that matches the auth type in the token. * o The key must have a Tag::USER_AUTH_TYPE that matches the auth type in the token.
* *
* o The challenge field in the auth token must contain the challenge value contained in the
* BeginResult returned from IKeyMintDevice::begin().
*
* o The timestamp in the auth token plus the value of the Tag::AUTH_TIMEOUT must be greater * o The timestamp in the auth token plus the value of the Tag::AUTH_TIMEOUT must be greater
* than the provided secure timestamp. * than the provided secure timestamp.