summaryrefslogtreecommitdiff
path: root/identity/aidl/default/common/WritableIdentityCredential.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'identity/aidl/default/common/WritableIdentityCredential.cpp')
-rw-r--r--identity/aidl/default/common/WritableIdentityCredential.cpp53
1 files changed, 4 insertions, 49 deletions
diff --git a/identity/aidl/default/common/WritableIdentityCredential.cpp b/identity/aidl/default/common/WritableIdentityCredential.cpp
index e420a7b74b..200ee61df4 100644
--- a/identity/aidl/default/common/WritableIdentityCredential.cpp
+++ b/identity/aidl/default/common/WritableIdentityCredential.cpp
@@ -79,15 +79,8 @@ ndk::ScopedAStatus WritableIdentityCredential::getAttestationCertificate(
IIdentityCredentialStore::STATUS_INVALID_DATA, "Challenge can not be empty"));
}
- optional<vector<uint8_t>> certChain;
- if (attestationKeyBlob_ && attestationCertificateChain_) {
- certChain = hwProxy_->createCredentialKeyUsingRkp(
- attestationChallenge, attestationApplicationId, *attestationKeyBlob_,
- attestationCertificateChain_->at(0));
- } else {
- certChain = hwProxy_->createCredentialKey(attestationChallenge, attestationApplicationId);
- }
-
+ optional<vector<uint8_t>> certChain =
+ hwProxy_->createCredentialKey(attestationChallenge, attestationApplicationId);
if (!certChain) {
return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
IIdentityCredentialStore::STATUS_FAILED,
@@ -102,14 +95,8 @@ ndk::ScopedAStatus WritableIdentityCredential::getAttestationCertificate(
}
*outCertificateChain = vector<Certificate>();
- for (vector<uint8_t>& cert : certs.value()) {
- Certificate c;
- c.encodedCertificate = std::move(cert);
- outCertificateChain->push_back(std::move(c));
- }
-
- for (const vector<uint8_t>& cert : *attestationCertificateChain_) {
- Certificate c;
+ for (const vector<uint8_t>& cert : certs.value()) {
+ Certificate c = Certificate();
c.encodedCertificate = cert;
outCertificateChain->push_back(std::move(c));
}
@@ -415,36 +402,4 @@ ndk::ScopedAStatus WritableIdentityCredential::finishAddingEntries(
return ndk::ScopedAStatus::ok();
}
-ndk::ScopedAStatus WritableIdentityCredential::setRemotelyProvisionedAttestationKey(
- const vector<uint8_t>& attestationKeyBlob,
- const vector<uint8_t>& attestationCertificateChain) {
- if (!hardwareInformation_.isRemoteKeyProvisioningSupported) {
- return ndk::ScopedAStatus(AStatus_fromExceptionCodeWithMessage(
- EX_UNSUPPORTED_OPERATION, "Remote key provisioning is not supported"));
- }
-
- if (attestationKeyBlob.empty() || attestationCertificateChain.empty()) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED,
- "Empty data passed to setRemotlyProvisionedAttestationKey"));
- }
-
- if (attestationKeyBlob_.has_value()) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED, "Attestation key already set"));
- }
-
- optional<vector<vector<uint8_t>>> certs =
- support::certificateChainSplit(attestationCertificateChain);
- if (!certs) {
- return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
- IIdentityCredentialStore::STATUS_FAILED,
- "Error splitting chain into separate certificates"));
- }
-
- attestationKeyBlob_ = attestationKeyBlob;
- attestationCertificateChain_ = *certs;
- return ndk::ScopedAStatus::ok();
-}
-
} // namespace aidl::android::hardware::identity
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-03 11:25:39 +0000