From 3f821a8e17f97a6f0b3ae408b2e7f2bfde666df4 Mon Sep 17 00:00:00 2001
From: Eva Bertels <evabertels@google.com>
Date: Thu, 16 Aug 2018 12:46:12 +0100
Subject: Added check for misprovisioned Pixel 2 device.

Some Pixel devices had a wrong brand value provisioned into keymaster.
Due to this misprovisioning those devices fail device ID attestation because it includes a check for the correct brand value.
This is now solved by re-trying Device ID attestation if we are running on a potentially misprovisioned device, allowing for the known incorrect brand value.

Bug: 69471841
Test: atest com.android.cts.devicepolicy.MixedDeviceOwnerTest#testKeyManagement
Change-Id: If715ebdd4ab6d7fcfffab60b40fd2dc8fa1fda44
Merged-In: Ia0da5478d6092c1927d26600a6893ae8ce53da51
---
 core/res/res/values/config.xml                     |  7 ++++
 core/res/res/values/symbols.xml                    |  3 ++
 .../security/keystore/AttestationUtils.java        | 38 ++++++++++++++++++++--
 3 files changed, 46 insertions(+), 2 deletions(-)

diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml
index fb7cd3d974f5..fbd7ffbe1590 100644
--- a/core/res/res/values/config.xml
+++ b/core/res/res/values/config.xml
@@ -3504,4 +3504,11 @@
 
     <!-- Whether or not we should show the option to show battery percentage -->
     <bool name="config_battery_percentage_setting_available">true</bool>
+
+    <!-- Model of potentially misprovisioned devices. If none is specified in an overlay, an
+         empty string is passed in. -->
+    <string name="config_misprovisionedDeviceModel" translatable="false"></string>
+
+    <!-- Brand value for attestation of misprovisioned device. -->
+    <string name="config_misprovisionedBrandValue" translatable="false"></string>
 </resources>
diff --git a/core/res/res/values/symbols.xml b/core/res/res/values/symbols.xml
index cf624acfc675..ab1e4c1b61a0 100644
--- a/core/res/res/values/symbols.xml
+++ b/core/res/res/values/symbols.xml
@@ -3410,4 +3410,7 @@
 
   <java-symbol type="array" name="config_disableApksUnlessMatchedSku_apk_list" />
   <java-symbol type="array" name="config_disableApkUnlessMatchedSku_skus_list" />
+
+  <java-symbol type="string" name="config_misprovisionedDeviceModel" />
+  <java-symbol type="string" name="config_misprovisionedBrandValue" />
 </resources>
diff --git a/keystore/java/android/security/keystore/AttestationUtils.java b/keystore/java/android/security/keystore/AttestationUtils.java
index 1be8309bcf5a..f7993eff6b08 100644
--- a/keystore/java/android/security/keystore/AttestationUtils.java
+++ b/keystore/java/android/security/keystore/AttestationUtils.java
@@ -22,9 +22,9 @@ import android.annotation.RequiresPermission;
 import android.annotation.SystemApi;
 import android.annotation.TestApi;
 import android.content.Context;
+import android.content.res.Resources;
 import android.os.Build;
 import android.security.KeyStore;
-import android.security.KeyStoreException;
 import android.security.keymaster.KeymasterArguments;
 import android.security.keymaster.KeymasterCertificateChain;
 import android.security.keymaster.KeymasterDefs;
@@ -117,6 +117,40 @@ public abstract class AttestationUtils {
     @NonNull public static KeymasterArguments prepareAttestationArguments(Context context,
             @NonNull int[] idTypes, @NonNull byte[] attestationChallenge) throws
             DeviceIdAttestationException {
+        return prepareAttestationArguments(context, idTypes,attestationChallenge, Build.BRAND);
+    }
+
+    /**
+     * Prepares Keymaster Arguments with attestation data for misprovisioned Pixel 2 device.
+     * See http://go/keyAttestationFailure and http://b/69471841 for more info.
+     * @hide should only be used by KeyChain.
+     */
+    @NonNull public static KeymasterArguments prepareAttestationArgumentsIfMisprovisioned(
+            Context context, @NonNull int[] idTypes, @NonNull byte[] attestationChallenge) throws
+            DeviceIdAttestationException {
+        if (!isPotentiallyMisprovisionedDevice(context)) {
+            return null;
+        }
+        Resources resources = context.getResources();
+        String misprovisionedBrand = resources.getString(
+                com.android.internal.R.string.config_misprovisionedBrandValue);
+        return prepareAttestationArguments(
+                    context, idTypes, attestationChallenge, misprovisionedBrand);
+    }
+
+    @NonNull private static boolean isPotentiallyMisprovisionedDevice(Context context) {
+        Resources resources = context.getResources();
+        String misprovisionedModel = resources.getString(
+                com.android.internal.R.string.config_misprovisionedDeviceModel);
+        String misprovisionedBrand = resources.getString(
+                com.android.internal.R.string.config_misprovisionedBrandValue);
+
+        return (Build.MODEL.equals(misprovisionedModel));
+    }
+
+    @NonNull private static KeymasterArguments prepareAttestationArguments(Context context,
+            @NonNull int[] idTypes, @NonNull byte[] attestationChallenge, String brand) throws
+            DeviceIdAttestationException {
         // Check method arguments, retrieve requested device IDs and prepare attestation arguments.
         if (attestationChallenge == null) {
             throw new NullPointerException("Missing attestation challenge");
@@ -169,7 +203,7 @@ public abstract class AttestationUtils {
             }
         }
         attestArgs.addBytes(KeymasterDefs.KM_TAG_ATTESTATION_ID_BRAND,
-                Build.BRAND.getBytes(StandardCharsets.UTF_8));
+                brand.getBytes(StandardCharsets.UTF_8));
         attestArgs.addBytes(KeymasterDefs.KM_TAG_ATTESTATION_ID_DEVICE,
                 Build.DEVICE.getBytes(StandardCharsets.UTF_8));
         attestArgs.addBytes(KeymasterDefs.KM_TAG_ATTESTATION_ID_PRODUCT,
-- 
cgit v1.2.3-59-g8ed1b