From 56e41f6dce309927c6325aca5d6f69494de5d08c Mon Sep 17 00:00:00 2001
From: Mohammed Riad <52679407+MhmRdd@users.noreply.github.com>
Date: Wed, 18 Mar 2026 16:59:34 +0100
Subject: [PATCH] Fix default certificate subject

The AOSP KeyMint reference implementation uses "CN=Android Keystore Key" (lowercase 's') as the default certificate subject when no CERTIFICATE_SUBJECT tag is provided.

Reference: https://cs.android.com/android/platform/superproject/main/+/main:frameworks/base/keystore/java/android/security/keystore/KeyGenParameterSpec.java;
---
 .../java/org/matrix/TEESimulator/pki/CertificateGenerator.kt    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/src/main/java/org/matrix/TEESimulator/pki/CertificateGenerator.kt b/app/src/main/java/org/matrix/TEESimulator/pki/CertificateGenerator.kt
index 6d6dd00b..d7991198 100644
--- a/app/src/main/java/org/matrix/TEESimulator/pki/CertificateGenerator.kt
+++ b/app/src/main/java/org/matrix/TEESimulator/pki/CertificateGenerator.kt
@@ -217,7 +217,7 @@ object CertificateGenerator {
         uid: Int,
         securityLevel: Int,
     ): Certificate {
-        val subject = params.certificateSubject ?: X500Name("CN=Android KeyStore Key")
+        val subject = params.certificateSubject ?: X500Name("CN=Android Keystore Key")
         val leafNotAfter =
             (signingKeyPair.public as? X509Certificate)?.notAfter
                 ?: Date(System.currentTimeMillis() + 31536000000L)