From 3dadaad1d7e0d51ed674780d612d0368d5a17412 Mon Sep 17 00:00:00 2001
From: BKSSM Venkateswarlu <venki.manikanta@gmail.com>
Date: Thu, 21 Jan 2021 17:25:31 +0530
Subject: [PATCH] Removed authenticationIdentifier from cert params

---
 HAL/keymaster/4.1/Provision.cpp | 26 --------------------------
 1 file changed, 26 deletions(-)

diff --git a/HAL/keymaster/4.1/Provision.cpp b/HAL/keymaster/4.1/Provision.cpp
index e90cd7ef..6249e34d 100644
--- a/HAL/keymaster/4.1/Provision.cpp
+++ b/HAL/keymaster/4.1/Provision.cpp
@@ -125,28 +125,6 @@ static inline void getDerSubjectName(X509* x509, std::vector<uint8_t>& subject)
     subject.insert(subject.begin(), subjectDer, subjectDer+len);
 }
 
-static inline void getAuthorityKeyIdentifier(X509* x509, std::vector<uint8_t>& authKeyId) {
-    long xlen;
-    int tag, xclass;
-
-    int loc = X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
-    X509_EXTENSION *ext = X509_get_ext(x509, loc);
-    if(ext == NULL) {
-        LOG(ERROR) << " Failed to read authority key identifier.";
-        return;
-    }
-
-    ASN1_OCTET_STRING *asn1AuthKeyId = X509_EXTENSION_get_data(ext);
-    const uint8_t *strAuthKeyId = ASN1_STRING_get0_data(asn1AuthKeyId);
-    int strAuthKeyIdLen = ASN1_STRING_length(asn1AuthKeyId);
-    int ret = ASN1_get_object(&strAuthKeyId, &xlen, &tag, &xclass, strAuthKeyIdLen);
-    if (ret == 0x80 || strAuthKeyId == NULL) {
-        LOG(ERROR) << "Failed to get the auth key identifier from ASN1 sequence.";
-        return;
-    }
-    authKeyId.insert(authKeyId.begin(), strAuthKeyId, strAuthKeyId + xlen);
-}
-
 static inline void getNotAfter(X509* x509, std::vector<uint8_t>& notAfterDate) {
     const ASN1_TIME* notAfter = X509_get0_notAfter(x509);
     if(notAfter == NULL) {
@@ -334,7 +312,6 @@ static ErrorCode provisionAttestationCertificateParams(std::unique_ptr<se_transp
     std::vector<uint8_t> response;
     X509 *x509 = NULL;
     std::vector<uint8_t> subject;
-    std::vector<uint8_t> authorityKeyIdentifier;
     std::vector<uint8_t> notAfter;
 
     /* Subject, AuthorityKeyIdentifier and Expirty time of the root certificate are required by javacard. */
@@ -345,8 +322,6 @@ static ErrorCode provisionAttestationCertificateParams(std::unique_ptr<se_transp
 
     /* Get subject in DER */
     getDerSubjectName(x509, subject);
-    /* Get AuthorityKeyIdentifier */
-    getAuthorityKeyIdentifier(x509, authorityKeyIdentifier);
     /* Get Expirty Time */
     getNotAfter(x509, notAfter);
     /*Free X509 */
@@ -355,7 +330,6 @@ static ErrorCode provisionAttestationCertificateParams(std::unique_ptr<se_transp
     array = cppbor::Array();
     array.add(subject);
     array.add(notAfter);
-    array.add(authorityKeyIdentifier);
     std::vector<uint8_t> cborData = array.encode();
 
     if(ErrorCode::OK != (errorCode = sendProvisionData(transport, ins, cborData, response))) {