Fix KM3.0 deleteKey behavior inconsistent with VTS test.
Keymaster 3.0 VTS test required that deleteKey returns
ErrorCode::OK even if the key blob parameter is invalid or garbage.
The rationale is that deleteKey shall have the invariant that
key blobs are unusable after the deleteKey call. If it was unusable
before, this invariant is upheld.
This patch makes the legacy wrapper for the Keymaster HAL translate
an ErrorCode::INVALID_KEY_BLOB retuned by the legacy delete_key to
ErrorCode::OK.
Bug: 37351644
Test: Manually run VtsHalKeymasterV3_0TargetTest with legacy keymaster
HAL installed (tested with sailfish)
Change-Id: Ib22c8b8e10334770a1d4a5570acf16c2c52a6c60
diff --git a/keymaster/3.0/default/KeymasterDevice.cpp b/keymaster/3.0/default/KeymasterDevice.cpp
index 9c7c860..219f419 100644
--- a/keymaster/3.0/default/KeymasterDevice.cpp
+++ b/keymaster/3.0/default/KeymasterDevice.cpp
@@ -603,7 +603,13 @@
return ErrorCode::UNIMPLEMENTED;
}
auto kmKeyBlob = hidlVec2KmKeyBlob(keyBlob);
- return legacy_enum_conversion(keymaster_device_->delete_key(keymaster_device_, &kmKeyBlob));
+ auto rc = legacy_enum_conversion(
+ keymaster_device_->delete_key(keymaster_device_, &kmKeyBlob));
+ // Keymaster 3.0 requires deleteKey to return ErrorCode::OK if the key
+ // blob is unusable after the call. This is equally true if the key blob was
+ // unusable before.
+ if (rc == ErrorCode::INVALID_KEY_BLOB) return ErrorCode::OK;
+ return rc;
}
Return<ErrorCode> KeymasterDevice::deleteAllKeys() {