diff options
| author | 2023-03-31 15:26:37 -0700 | |
|---|---|---|
| committer | 2023-04-03 08:48:15 -0700 | |
| commit | 651ffe62867f6448581e550d3433100f943e16cc (patch) | |
| tree | 96bcf37f8bf0661164d346cfc533a30b02a0f6ee /identity | |
| parent | 932fe8ac1d0253abba86036811f004bf36dabc8e (diff) | |
Remove the GenerateRkpKey service
With the move to rkpd, we no longer need to make calls from framework
into the remote provisioner to tell it that a key was consumed.
Bug: 274823784
Test: atest KeystoreTests
Test: atest CtsKeystoreTestCases:android.keystore.cts.KeyAttestationTest
Change-Id: I510d471a980c62e5798e459729f73c231321d2a9
Diffstat (limited to 'identity')
| -rw-r--r-- | identity/java/android/security/identity/CredstoreIdentityCredentialStore.java | 16 |
1 files changed, 1 insertions, 15 deletions
diff --git a/identity/java/android/security/identity/CredstoreIdentityCredentialStore.java b/identity/java/android/security/identity/CredstoreIdentityCredentialStore.java index d785c3c895b8..f26b50ed4e2a 100644 --- a/identity/java/android/security/identity/CredstoreIdentityCredentialStore.java +++ b/identity/java/android/security/identity/CredstoreIdentityCredentialStore.java @@ -21,10 +21,7 @@ import android.annotation.Nullable; import android.content.Context; import android.content.pm.FeatureInfo; import android.content.pm.PackageManager; -import android.os.RemoteException; import android.os.ServiceManager; -import android.security.GenerateRkpKey; -import android.security.keymaster.KeymasterDefs; class CredstoreIdentityCredentialStore extends IdentityCredentialStore { @@ -125,18 +122,7 @@ class CredstoreIdentityCredentialStore extends IdentityCredentialStore { @NonNull String docType) throws AlreadyPersonalizedException, DocTypeNotSupportedException { try { - IWritableCredential wc; - wc = mStore.createCredential(credentialName, docType); - try { - GenerateRkpKey keyGen = new GenerateRkpKey(mContext); - // We don't know what the security level is for the backing keymint, so go ahead and - // poke the provisioner for both TEE and SB. - keyGen.notifyKeyGenerated(KeymasterDefs.KM_SECURITY_LEVEL_TRUSTED_ENVIRONMENT); - keyGen.notifyKeyGenerated(KeymasterDefs.KM_SECURITY_LEVEL_STRONGBOX); - } catch (RemoteException e) { - // Not really an error state. Does not apply at all if RKP is unsupported or - // disabled on a given device. - } + IWritableCredential wc = mStore.createCredential(credentialName, docType); return new CredstoreWritableIdentityCredential(mContext, credentialName, docType, wc); } catch (android.os.RemoteException e) { throw new RuntimeException("Unexpected RemoteException ", e); |