commit 0329a82c48aeea98b87a9ea4598a3a49619a482e
author Shawn Willden <swillden@google.com> Mon Dec 04 13:55:14 2017 -0700
committer Shawn Willden <swillden@google.com> Wed Dec 20 09:01:01 2017 -0700
tree cf6362ee88242a3f10c8f982d45294e4e623cdfe
parent c67a8aa3f536904264e64feca9009b79788ea2ae

Move keystore to Keymaster4

Test: CTS
Change-Id: I6b7fa300f505ee685b1fe503edea3188225a98e3

keystore/auth_token_table.cpp

diff --git a/keystore/auth_token_table.cpp b/keystore/auth_token_table.cpp
index e54febe..3c51c70 100644
--- a/keystore/auth_token_table.cpp
+++ b/keystore/auth_token_table.cpp
@@ -77,13 +77,12 @@
     return time.tv_sec;
 }
 
-void AuthTokenTable::AddAuthenticationToken(std::unique_ptr<const HardwareAuthToken>&& auth_token) {
+void AuthTokenTable::AddAuthenticationToken(HardwareAuthToken&& auth_token) {
     Entry new_entry(std::move(auth_token), clock_function_());
-    //STOPSHIP: debug only, to be removed
-    ALOGD("AddAuthenticationToken: timestamp = %llu (%llu), time_received = %lld",
-        static_cast<unsigned long long>(new_entry.timestamp_host_order()),
-        static_cast<unsigned long long>(new_entry.token().timestamp),
-        static_cast<long long>(new_entry.time_received()));
+    // STOPSHIP: debug only, to be removed
+    ALOGD("AddAuthenticationToken: timestamp = %llu, time_received = %lld",
+          static_cast<unsigned long long>(new_entry.token().timestamp),
+          static_cast<long long>(new_entry.time_received()));
 
     RemoveEntriesSupersededBy(new_entry);
     if (entries_.size() >= max_entries_) {
@@ -95,10 +94,8 @@
 }
 
 inline bool is_secret_key_operation(Algorithm algorithm, KeyPurpose purpose) {
-    if ((algorithm != Algorithm::RSA && algorithm != Algorithm::EC))
-        return true;
-    if (purpose == KeyPurpose::SIGN || purpose == KeyPurpose::DECRYPT)
-        return true;
+    if ((algorithm != Algorithm::RSA && algorithm != Algorithm::EC)) return true;
+    if (purpose == KeyPurpose::SIGN || purpose == KeyPurpose::DECRYPT) return true;
     return false;
 }
 
@@ -211,26 +208,15 @@
     if (IsSupersededBySomeEntry(*found)) entries_.erase(found);
 }
 
-AuthTokenTable::Entry::Entry(std::unique_ptr<const HardwareAuthToken>&& token, time_t current_time)
+AuthTokenTable::Entry::Entry(HardwareAuthToken&& token, time_t current_time)
     : token_(std::move(token)), time_received_(current_time), last_use_(current_time),
-      operation_completed_(token_->challenge == 0) {}
-
-uint64_t AuthTokenTable::Entry::timestamp_host_order() const {
-    return ntoh(token_->timestamp);
-}
-
-HardwareAuthenticatorType AuthTokenTable::Entry::authenticator_type() const {
-    HardwareAuthenticatorType result = static_cast<HardwareAuthenticatorType>(
-        ntoh(static_cast<uint32_t>(token_->authenticatorType)));
-    return result;
-}
+      operation_completed_(token_.challenge == 0) {}
 
 bool AuthTokenTable::Entry::SatisfiesAuth(const std::vector<uint64_t>& sids,
                                           HardwareAuthenticatorType auth_type) {
-    for (auto sid : sids)
-        if ((sid == token_->authenticatorId) ||
-            (sid == token_->userId && (auth_type & authenticator_type()) != 0))
-            return true;
+    for (auto sid : sids) {
+        if (SatisfiesAuth(sid, auth_type)) return true;
+    }
     return false;
 }
 
@@ -241,10 +227,9 @@
 bool AuthTokenTable::Entry::Supersedes(const Entry& entry) const {
     if (!entry.completed()) return false;
 
-    return (token_->userId == entry.token_->userId &&
-            token_->authenticatorType == entry.token_->authenticatorType &&
-            token_->authenticatorId == entry.token_->authenticatorId &&
-            is_newer_than(&entry));
+    return (token_.userId == entry.token_.userId &&
+            token_.authenticatorType == entry.token_.authenticatorType &&
+            token_.authenticatorId == entry.token_.authenticatorId && is_newer_than(&entry));
 }
 
-}  // namespace keymaster
+}  // namespace keystore