Move keystore to Keymaster4
Test: CTS
Change-Id: I6b7fa300f505ee685b1fe503edea3188225a98e3
diff --git a/keystore/auth_token_table.cpp b/keystore/auth_token_table.cpp
index e54febe..3c51c70 100644
--- a/keystore/auth_token_table.cpp
+++ b/keystore/auth_token_table.cpp
@@ -77,13 +77,12 @@
return time.tv_sec;
}
-void AuthTokenTable::AddAuthenticationToken(std::unique_ptr<const HardwareAuthToken>&& auth_token) {
+void AuthTokenTable::AddAuthenticationToken(HardwareAuthToken&& auth_token) {
Entry new_entry(std::move(auth_token), clock_function_());
- //STOPSHIP: debug only, to be removed
- ALOGD("AddAuthenticationToken: timestamp = %llu (%llu), time_received = %lld",
- static_cast<unsigned long long>(new_entry.timestamp_host_order()),
- static_cast<unsigned long long>(new_entry.token().timestamp),
- static_cast<long long>(new_entry.time_received()));
+ // STOPSHIP: debug only, to be removed
+ ALOGD("AddAuthenticationToken: timestamp = %llu, time_received = %lld",
+ static_cast<unsigned long long>(new_entry.token().timestamp),
+ static_cast<long long>(new_entry.time_received()));
RemoveEntriesSupersededBy(new_entry);
if (entries_.size() >= max_entries_) {
@@ -95,10 +94,8 @@
}
inline bool is_secret_key_operation(Algorithm algorithm, KeyPurpose purpose) {
- if ((algorithm != Algorithm::RSA && algorithm != Algorithm::EC))
- return true;
- if (purpose == KeyPurpose::SIGN || purpose == KeyPurpose::DECRYPT)
- return true;
+ if ((algorithm != Algorithm::RSA && algorithm != Algorithm::EC)) return true;
+ if (purpose == KeyPurpose::SIGN || purpose == KeyPurpose::DECRYPT) return true;
return false;
}
@@ -211,26 +208,15 @@
if (IsSupersededBySomeEntry(*found)) entries_.erase(found);
}
-AuthTokenTable::Entry::Entry(std::unique_ptr<const HardwareAuthToken>&& token, time_t current_time)
+AuthTokenTable::Entry::Entry(HardwareAuthToken&& token, time_t current_time)
: token_(std::move(token)), time_received_(current_time), last_use_(current_time),
- operation_completed_(token_->challenge == 0) {}
-
-uint64_t AuthTokenTable::Entry::timestamp_host_order() const {
- return ntoh(token_->timestamp);
-}
-
-HardwareAuthenticatorType AuthTokenTable::Entry::authenticator_type() const {
- HardwareAuthenticatorType result = static_cast<HardwareAuthenticatorType>(
- ntoh(static_cast<uint32_t>(token_->authenticatorType)));
- return result;
-}
+ operation_completed_(token_.challenge == 0) {}
bool AuthTokenTable::Entry::SatisfiesAuth(const std::vector<uint64_t>& sids,
HardwareAuthenticatorType auth_type) {
- for (auto sid : sids)
- if ((sid == token_->authenticatorId) ||
- (sid == token_->userId && (auth_type & authenticator_type()) != 0))
- return true;
+ for (auto sid : sids) {
+ if (SatisfiesAuth(sid, auth_type)) return true;
+ }
return false;
}
@@ -241,10 +227,9 @@
bool AuthTokenTable::Entry::Supersedes(const Entry& entry) const {
if (!entry.completed()) return false;
- return (token_->userId == entry.token_->userId &&
- token_->authenticatorType == entry.token_->authenticatorType &&
- token_->authenticatorId == entry.token_->authenticatorId &&
- is_newer_than(&entry));
+ return (token_.userId == entry.token_.userId &&
+ token_.authenticatorType == entry.token_.authenticatorType &&
+ token_.authenticatorId == entry.token_.authenticatorId && is_newer_than(&entry));
}
-} // namespace keymaster
+} // namespace keystore