Add optional additional entropy to finish
If provided the extra entropy will be added to the device before calling
finish. If entropy is provided and the device does not support supplying
additional entropy then finish will fail with KM_ERROR_UNIMPLEMENTED.
(cherry-picked from commit 8cfb8ac6e9bd291e9d861a32de2719e3bc797191)
Change-Id: If26be118bf382604f6f8e96e833b76e6f9e94d58
diff --git a/keystore/IKeystoreService.cpp b/keystore/IKeystoreService.cpp
index fc0b8da..9d19b46 100644
--- a/keystore/IKeystoreService.cpp
+++ b/keystore/IKeystoreService.cpp
@@ -1129,7 +1129,9 @@
}
virtual void finish(const sp<IBinder>& token, const KeymasterArguments& params,
- const uint8_t* signature, size_t signatureLength, OperationResult* result)
+ const uint8_t* signature, size_t signatureLength,
+ const uint8_t* entropy, size_t entropyLength,
+ OperationResult* result)
{
if (!result) {
return;
@@ -1140,6 +1142,7 @@
data.writeInt32(1);
params.writeToParcel(&data);
data.writeByteArray(signatureLength, signature);
+ data.writeByteArray(entropyLength, entropy);
status_t status = remote()->transact(BnKeystoreService::FINISH, data, &reply);
if (status != NO_ERROR) {
ALOGD("finish() could not contact remote: %d\n", status);
@@ -1681,11 +1684,14 @@
if (data.readInt32() != 0) {
args.readFromParcel(data);
}
- const uint8_t* buf = NULL;
- size_t bufLength = 0;
- readByteArray(data, &buf, &bufLength);
+ const uint8_t* signature = NULL;
+ size_t signatureLength = 0;
+ readByteArray(data, &signature, &signatureLength);
+ const uint8_t* entropy = NULL;
+ size_t entropyLength = 0;
+ readByteArray(data, &entropy, &entropyLength);
OperationResult result;
- finish(token, args, buf, bufLength, &result);
+ finish(token, args, signature, signatureLength, entropy, entropyLength, &result);
reply->writeNoException();
reply->writeInt32(1);
result.writeToParcel(reply);