Merge changes from topic "full_spec_upgrade_sc" into sc-dev
* changes:
Adding plumbing for supported EC curve on impl
Always fall back to factory key on any RKP error
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
index 365f8da..5cb3afc 100644
--- a/keystore2/src/security_level.rs
+++ b/keystore2/src/security_level.rs
@@ -914,7 +914,7 @@
"In convert_storage_key_to_ephemeral: calling convertStorageKeyToEphemeral (2)",
500,
);
- map_km_error(km_dev.convertStorageKeyToEphemeral(key_blob))
+ map_km_error(km_dev.convertStorageKeyToEphemeral(&upgraded_blob))
}
.context(concat!(
"In convert_storage_key_to_ephemeral: ",
diff --git a/ondevice-signing/VerityUtils.cpp b/ondevice-signing/VerityUtils.cpp
index 3d5243a..0bb3979 100644
--- a/ondevice-signing/VerityUtils.cpp
+++ b/ondevice-signing/VerityUtils.cpp
@@ -94,7 +94,12 @@
if (ret < 0) {
return ErrnoError() << "Failed to compute fs-verity digest for " << path;
}
- std::vector<uint8_t> digestVector(&digest->digest[0], &digest->digest[32]);
+ int expected_digest_size = libfsverity_get_digest_size(FS_VERITY_HASH_ALG_SHA256);
+ if (digest->digest_size != expected_digest_size) {
+ return Error() << "Digest does not have expected size: " << expected_digest_size
+ << " actual: " << digest->digest_size;
+ }
+ std::vector<uint8_t> digestVector(&digest->digest[0], &digest->digest[expected_digest_size]);
free(digest);
return digestVector;
}
@@ -114,7 +119,7 @@
template <typename T>
static trailing_unique_ptr<T> makeUniqueWithTrailingData(size_t trailing_data_size) {
- uint8_t* memory = new uint8_t[sizeof(T*) + trailing_data_size];
+ uint8_t* memory = new uint8_t[sizeof(T) + trailing_data_size];
T* ptr = new (memory) T;
return trailing_unique_ptr<T>{ptr};
}