-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Enable TV Casting App Example to using Hardware-backed keys For DAC (#…
…26022) * Enable TV Casting App Example to using Hardware-backed keys For DAC (#142) It is best practice for private keys to not be available to the application layer in plain form. In fact you can generate keys within the secure element on device, or TrustZone, that is not extractable in plain form. In order to support such best practices, the change addresses this by modifying the DAC Provider's SignWithDeviceAttestationKey function that is provided by the example tv castin app to: - For Android, ask the Java application layer to do the signing via the Android Keystore. - For iOS, request the SecKeyRef for the private key as part of setting the DAC provider and hence allowing the SDK to just sign using the Security APIs. * Update JNI Interface in tv-app to allow app to sign messages for DAC stored in Android KeyStore In an effort to leverage hardware keys for DAC, the JNI layer was updated to ask the JVM layer to sign message by leveraging the Android KeyStore instead of requesting to the raw private key bytes only to sign it within the c++ layer. This adds a level of security to the device attestation process.
- Loading branch information
1 parent
210be18
commit f9f896e
Showing
14 changed files
with
257 additions
and
178 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.