Add authorization binder methods Add methods for sending an auth token to keystore and to query the authorization state of a given operation. These methods are currently stubs until authorization is implemented. Change-Id: I0f97ffb3afe19c1f1d8a00bfc95e27616e7cb06c

commit: 2ed2baa7de690b09430b40625e6b18d10757a2fd [log] [tgz]
author: Chad Brubaker <cbrubaker@google.com> Sat Mar 21 21:20:10 2015 -0700
committer: Chad Brubaker <cbrubaker@google.com> Sat Mar 21 21:20:10 2015 -0700
tree: 9d2945654ecadd0d731ba26a5a83ad93518109aa
parent: 9576d286c04437b88902af1ad0ed93c8e24f5c82 [diff] [blame]
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 46bc174..fc7aa5d 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp

@@ -2793,6 +2793,20 @@
         return ::NO_ERROR;
     }
 
+    bool isOperationAuthorized(const sp<IBinder>& token) {
+        const keymaster1_device_t* dev;
+        keymaster_operation_handle_t handle;
+        if(!mOperationMap.getOperation(token, &handle, &dev)) {
+            return false;
+        }
+        // TODO: Check authorization.
+        return true;
+    }
+
+    int32_t addAuthToken(const uint8_t* /*token*/, size_t /*length*/) {
+        return KM_ERROR_UNIMPLEMENTED;
+    }
+
 private:
     inline bool isKeystoreUnlocked(State state) {
         switch (state) {
commit	2ed2baa7de690b09430b40625e6b18d10757a2fd	[log] [tgz]
author	Chad Brubaker <cbrubaker@google.com>	Sat Mar 21 21:20:10 2015 -0700
committer	Chad Brubaker <cbrubaker@google.com>	Sat Mar 21 21:20:10 2015 -0700
tree	9d2945654ecadd0d731ba26a5a83ad93518109aa
parent	9576d286c04437b88902af1ad0ed93c8e24f5c82 [diff] [blame]