TZ backend already supports importing exportable binary data. Follow
the same rule for secret derivation and allow storing an exportable
secret (binary data), derived from TZ key, in TZ.
Change-Id: I61d202469a3df43e5f35746a0c09ca179d823336
* skey TRUE NONE
* akey - NONE
* cert - NONE
- * generate - binary FALSE TZ/SW
- * - binary TRUE SW
+ * generate - binary - TZ/SW
* - cert - NONE
* - skey FALSE TZ/SW
* - skey TRUE SW
if (!data.isCertificate() && !data.isChainCert()) {
addSW();
- if (!policy.extractable)
+ if (data.isBinaryData() || !policy.extractable)
addTZ();
}
}