commit | 692199289b76fba98f05dcd5b976fb6a07b66e9e | [log] [tgz] |
---|---|---|
author | Matthew Maurer <mmaurer@google.com> | Tue Dec 10 07:09:13 2019 -0800 |
committer | Matthew Maurer <mmaurer@google.com> | Tue Dec 10 07:09:13 2019 -0800 |
tree | 6999223ebeaa242a862c30398c221624a78bd185 | |
parent | c9e3fe061933374f2fe3d142df9e05a4558fdb4a [diff] |
Empty-initialize verified_boot_key when unverified Per https://source.android.com/security/keystore/attestation the verified_boot_key needs to be empty if we are in the unverified state. This change makes Trusty robust to bootloaders providing it a verified_boot_key that was not used to verify the image. Bug: 138606521 Test: atest CtsKeystoreTestCases; atest VtsHalKeymasterV4_0TargetTest Change-Id: I05e94243405c680281d562e5185299c6da556e0b