commit 48bbcaff28897031d84501ce9113f9fb066325de
author Orlando Arbildo <oarbildo@google.com> Tue Mar 04 21:44:22 2025 +0000
committer Orlando Arbildo <oarbildo@google.com> Wed Mar 05 17:48:42 2025 +0000
tree 6325db93d4d9fd4f71a9108358ee68becd0a0bcc
parent 046d51c0449c9f4089efc1b2299dd77081030f9a

hwcryptohal: Adding error types to binder calls

Returning error types to bidner calls that are not
allowed by android.

Bug: 393162614
Test: cf build/ manual test
Change-Id: I520fdca6e13390896ccd74d5e1b16246f7ca9e26

security/see/hwcrypto/default/hwcryptolib.cpp

diff --git a/security/see/hwcrypto/default/hwcryptolib.cpp b/security/see/hwcrypto/default/hwcryptolib.cpp
index 0e15883..b168707 100644
--- a/security/see/hwcrypto/default/hwcryptolib.cpp
+++ b/security/see/hwcrypto/default/hwcryptolib.cpp
@@ -271,7 +271,9 @@
     ndk::ScopedAStatus setProtectionId(
             const ndk_hwcrypto::types::ProtectionId /*protectionId*/,
             const ::std::vector<ndk_hwcrypto::types::OperationType>& /*allowedOperations*/) {
-        return ndk::ScopedAStatus::ok();
+        return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
+                ndk_hwcrypto::types::HalErrorCode::UNAUTHORIZED,
+                "android is not authorized to call setProtectionId");
     }
 };
 
@@ -308,24 +310,26 @@
 ndk::ScopedAStatus HwCryptoKey::deriveCurrentDicePolicyBoundKey(
         const ndk_hwcrypto::IHwCryptoKey::DiceBoundDerivationKey& /*derivationKey*/,
         ndk_hwcrypto::IHwCryptoKey::DiceCurrentBoundKeyResult* /*aidl_return*/) {
-    // return mHwCryptoServer->deriveCurrentDicePolicyBoundKey(derivationKey, aidl_return);
-    return ndk::ScopedAStatus::ok();
+    return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
+            ndk_hwcrypto::types::HalErrorCode::UNAUTHORIZED,
+            "android is not authorized to call deriveCurrentDicePolicyBoundKey");
 }
 
 ndk::ScopedAStatus HwCryptoKey::deriveDicePolicyBoundKey(
         const ndk_hwcrypto::IHwCryptoKey::DiceBoundDerivationKey& /*derivationKey*/,
         const ::std::vector<uint8_t>& /*dicePolicyForKeyVersion*/,
         ndk_hwcrypto::IHwCryptoKey::DiceBoundKeyResult* /*aidl_return*/) {
-    // return mHwCryptoServer->deriveDicePolicyBoundKey(derivationKey, dicePolicyForKeyVersion,
-    // aidl_return);
-    return ndk::ScopedAStatus::ok();
+    return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
+            ndk_hwcrypto::types::HalErrorCode::UNAUTHORIZED,
+            "android is not authorized to call deriveDicePolicyBoundKey");
 }
 
 ndk::ScopedAStatus HwCryptoKey::deriveKey(
         const ndk_hwcrypto::IHwCryptoKey::DerivedKeyParameters& /*parameters*/,
         ndk_hwcrypto::IHwCryptoKey::DerivedKey* /*aidl_return*/) {
-    // return mHwCryptoServer->deriveKey(parameters, aidl_return);
-    return ndk::ScopedAStatus::ok();
+    return ndk::ScopedAStatus::fromServiceSpecificErrorWithMessage(
+            ndk_hwcrypto::types::HalErrorCode::UNAUTHORIZED,
+            "android is not authorized to call deriveKey");
 }
 
 ndk::ScopedAStatus HwCryptoKey::getHwCryptoOperations(