Merge "C++17 is now the default."
diff --git a/keystore-engine/keystore_backend_binder.cpp b/keystore-engine/keystore_backend_binder.cpp
index f6ae7f5..590f005 100644
--- a/keystore-engine/keystore_backend_binder.cpp
+++ b/keystore-engine/keystore_backend_binder.cpp
@@ -156,7 +156,7 @@
OperationResult result = future.get();
if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "begin failed: " << int32_t(result.resultCode);
+ LOG(ERROR) << AT << "begin failed: " << result.resultCode;
return -1;
}
auto handle = std::move(result.token);
@@ -180,7 +180,7 @@
result = future.get();
if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "update failed: " << int32_t(result.resultCode);
+ LOG(ERROR) << AT << "update failed: " << result.resultCode;
return -1;
}
@@ -199,7 +199,7 @@
if (!KSReturn(error_code).isOk()) {
LOG(ERROR) << AT << "abort failed: " << error_code;
} else if (!(rc = KSReturn(abortFuture.get().response_code())).isOk()) {
- LOG(ERROR) << AT << "abort failed: " << int32_t(rc);
+ LOG(ERROR) << AT << "abort failed: " << rc;
}
return -1;
}
@@ -228,7 +228,7 @@
result = future.get();
if (!result.resultCode.isOk()) {
- LOG(ERROR) << AT << "finish failed: " << int32_t(result.resultCode);
+ LOG(ERROR) << AT << "finish failed: " << result.resultCode;
return -1;
}
@@ -272,7 +272,7 @@
auto export_result = future.get();
if (!export_result.resultCode.isOk()) {
- LOG(ERROR) << AT << "exportKey failed: " << int32_t(export_result.resultCode);
+ LOG(ERROR) << AT << "exportKey failed: " << export_result.resultCode;
return -1;
}
diff --git a/keystore/Android.bp b/keystore/Android.bp
index 295d605..366f591 100644
--- a/keystore/Android.bp
+++ b/keystore/Android.bp
@@ -234,6 +234,7 @@
srcs: [
":IKeyAttestationApplicationIdProvider.aidl",
"auth_token_table.cpp",
+ "blob.cpp",
"keystore_attestation_id.cpp",
"KeyAttestationApplicationId.cpp",
"KeyAttestationPackageInfo.cpp",
diff --git a/keystore/OperationResult.cpp b/keystore/OperationResult.cpp
index f4d2cc6..3ff8bc3 100644
--- a/keystore/OperationResult.cpp
+++ b/keystore/OperationResult.cpp
@@ -46,7 +46,7 @@
}
status_t OperationResult::writeToParcel(Parcel* out) const {
- out->writeInt32(resultCode);
+ out->writeInt32(resultCode.getErrorCode());
out->writeStrongBinder(token);
out->writeInt64(handle);
out->writeInt32(inputConsumed);
diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index f08e08d..f887e80 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -559,15 +559,23 @@
* [0-o]. Therefore in the worst case the length of a key gets doubled. Note
* that Base64 cannot be used here due to the need of prefix match on keys. */
-static std::string encodeKeyName(const std::string& keyName) {
+std::string encodeKeyName(const std::string& keyName) {
std::string encodedName;
encodedName.reserve(keyName.size() * 2);
auto in = keyName.begin();
while (in != keyName.end()) {
+ // Input character needs to be encoded.
if (*in < '0' || *in > '~') {
+ // Encode the two most-significant bits of the input char in the first
+ // output character, by counting up from 43 ('+').
encodedName.append(1, '+' + (uint8_t(*in) >> 6));
+ // Encode the six least-significant bits of the input char in the second
+ // output character, by counting up from 48 ('0').
+ // This is safe because the maximum value is 112, which is the
+ // character 'p'.
encodedName.append(1, '0' + (*in & 0x3F));
} else {
+ // No need to encode input char - append as-is.
encodedName.append(1, *in);
}
++in;
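Review bot: The comment added above the second `append` states the wrong bound: `'0' + (*in & 0x3F)` is at most 48 + 63 = 111, which is `'o'`, not 112 / `'p'`. The block comment at the top of this hunk already says `[0-o]`, so the two now disagree about the output alphabet. I would reword it to `// This is safe because the maximum value is 111 ('0' + 0x3F), which is the character 'o'.` encodeKeyName's loop and return continue in the next hunk.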
@@ -575,7 +583,7 @@
return encodedName;
}
-static std::string decodeKeyName(const std::string& encodedName) {
+std::string decodeKeyName(const std::string& encodedName) {
std::string decodedName;
decodedName.reserve(encodedName.size());
auto in = encodedName.begin();
@@ -583,12 +591,19 @@
char c;
while (in != encodedName.end()) {
if (multichar) {
+ // Second part of a multi-character encoding. Turn off the multichar
+ // flag and set the six least-significant bits of c to the value originally
+ // encoded by counting up from '0'.
multichar = false;
- decodedName.append(1, c | *in);
+ decodedName.append(1, c | (uint8_t(*in) - '0'));
} else if (*in >= '+' && *in <= '.') {
+ // First part of a multi-character encoding. Set the multichar flag
+ // and set the two most-significant bits of c to be the two bits originally
+ // encoded by counting up from '+'.
multichar = true;
c = (*in - '+') << 6;
} else {
+ // Regular character, append as-is.
decodedName.append(1, *in);
}
++in;
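Review bot: The second byte of a two-character sequence is not range-checked before `uint8_t(*in) - '0'` in the multichar branch. Input such as `+p` therefore decodes to `'@'`, the same result as the plain input `@`, and a lead character `+`..`.` at the very end of the input is dropped silently. If encoded names are read back from on-disk file names (not visible in this hunk), two distinct files could then map to one key name. A guard such as `if (*in < '0' || *in > 'o')` in that branch would close this, with the caller deciding how a malformed name is treated, and `char c = 0;` at the declaration would make the initial state explicit. decodeKeyName starts in the previous hunk and its return is outside this one.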
diff --git a/keystore/blob.h b/keystore/blob.h
index a7f9fd0..92e4514 100644
--- a/keystore/blob.h
+++ b/keystore/blob.h
@@ -272,4 +272,8 @@
inline const KeyBlobEntry* operator->() const { return entry_; }
};
+// Visible for testing
+std::string encodeKeyName(const std::string& keyName);
+std::string decodeKeyName(const std::string& encodedName);
+
#endif // KEYSTORE_BLOB_H_
diff --git a/keystore/include/keystore/KeystoreResponse.h b/keystore/include/keystore/KeystoreResponse.h
index f892585..5ad260d 100644
--- a/keystore/include/keystore/KeystoreResponse.h
+++ b/keystore/include/keystore/KeystoreResponse.h
@@ -35,7 +35,7 @@
explicit KeystoreResponse(const int response_code)
: response_code_(response_code), error_msg_() {}
KeystoreResponse(const ::keystore::KeyStoreServiceReturnCode& rc)
- : response_code_(int32_t(rc)), error_msg_() {}
+ : response_code_(rc.getErrorCode()), error_msg_() {}
KeystoreResponse(const KeystoreResponse& other)
: response_code_(other.response_code_), error_msg_() {
if (other.error_msg_) {
diff --git a/keystore/include/keystore/keystore_return_types.h b/keystore/include/keystore/keystore_return_types.h
index fa4a224..e091447 100644
--- a/keystore/include/keystore/keystore_return_types.h
+++ b/keystore/include/keystore/keystore_return_types.h
@@ -64,7 +64,7 @@
errorCode_ == static_cast<int32_t>(ErrorCode::OK);
}
- inline operator int32_t() const {
+ inline int32_t getErrorCode() const {
if (!errorCode_) return static_cast<int32_t>(ResponseCode::NO_ERROR /* 1 */);
return errorCode_;
}
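Review bot: `getErrorCode()` carries no comment saying that it normalizes the stored value, and the two classes normalize in opposite directions. In this hunk a stored 0 comes back as `ResponseCode::NO_ERROR` (1), while the method renamed in the `-137` hunk returns `ErrorCode::OK` (0) for a stored 1. With the implicit conversion gone, callers choose this by name, so the name alone suggests a plain getter. A one-line comment on each, for example `// Returns the code with success normalized to ResponseCode::NO_ERROR (1).` here and the counterpart with `ErrorCode::OK (0)` there, would keep anyone reading logs or parcels from misreading the success value. The enclosing class starts outside the hunk.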
@@ -99,7 +99,7 @@
}
inline std::ostream& operator<<(std::ostream& out, const KeyStoreServiceReturnCode& error) {
- return out << int32_t(error);
+ return out << error.getErrorCode();
}
/**
@@ -137,7 +137,7 @@
return errorCode_ == static_cast<int32_t>(ResponseCode::NO_ERROR) ||
errorCode_ == static_cast<int32_t>(ErrorCode::OK);
}
- inline operator int32_t() const {
+ inline int32_t getErrorCode() const {
if (errorCode_ == static_cast<int32_t>(ResponseCode::NO_ERROR) /* 1 */) {
return static_cast<int32_t>(ErrorCode::OK) /* 0 */;
}
@@ -175,13 +175,13 @@
inline KeyStoreNativeReturnCode::KeyStoreNativeReturnCode(
const KeyStoreServiceReturnCode& errorCode)
- : errorCode_(int32_t(errorCode)) {}
+ : errorCode_(errorCode.getErrorCode()) {}
inline KeyStoreServiceReturnCode::KeyStoreServiceReturnCode(
const KeyStoreNativeReturnCode& errorCode)
- : errorCode_(int32_t(errorCode)) {}
+ : errorCode_(errorCode.getErrorCode()) {}
inline std::ostream& operator<<(std::ostream& out, const KeyStoreNativeReturnCode& error) {
- return out << int32_t(error);
+ return out << error.getErrorCode();
}
} // namespace keystore
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 35530e1..2f17848 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -83,8 +83,7 @@
[&](const KeyParameter& param) { return param.tag == tag; });
}
-#define AIDL_RETURN(rc) \
- (*_aidl_return = static_cast<int32_t>(KeyStoreServiceReturnCode(rc)), Status::ok())
+#define AIDL_RETURN(rc) (*_aidl_return = KeyStoreServiceReturnCode(rc).getErrorCode(), Status::ok())
std::pair<KeyStoreServiceReturnCode, bool> hadFactoryResetSinceIdRotation() {
struct stat sbuf;
@@ -190,7 +189,7 @@
KeyStoreServiceReturnCode result =
checkBinderPermissionAndKeystoreState(P_INSERT, targetUid, flags & KEYSTORE_FLAG_ENCRYPTED);
if (!result.isOk()) {
- *aidl_return = static_cast<int32_t>(result);
+ *aidl_return = result.getErrorCode();
return Status::ok();
}
@@ -524,7 +523,7 @@
KeyStoreServiceReturnCode result =
checkBinderPermissionAndKeystoreState(P_GRANT, /*targetUid=*/-1, /*checkUnlocked=*/false);
if (!result.isOk()) {
- *aidl_return = static_cast<int32_t>(result);
+ *aidl_return = result.getErrorCode();
return Status::ok();
}
@@ -953,14 +952,14 @@
return Status::ok();
}
if (authTokenAsVector.size() != sizeof(hw_auth_token_t)) {
- *aidl_return = static_cast<int32_t>(KeyStoreServiceReturnCode(ErrorCode::INVALID_ARGUMENT));
+ *aidl_return = KeyStoreServiceReturnCode(ErrorCode::INVALID_ARGUMENT).getErrorCode();
return Status::ok();
}
hw_auth_token_t authToken;
memcpy(reinterpret_cast<void*>(&authToken), authTokenAsVector.data(), sizeof(hw_auth_token_t));
if (authToken.version != 0) {
- *aidl_return = static_cast<int32_t>(KeyStoreServiceReturnCode(ErrorCode::INVALID_ARGUMENT));
+ *aidl_return = KeyStoreServiceReturnCode(ErrorCode::INVALID_ARGUMENT).getErrorCode();
return Status::ok();
}
@@ -1176,7 +1175,7 @@
std::tie(rc, wrappingKeyBlob, wrappingCharBlob, wrappingLockedEntry) =
mKeyStore->getKeyForName(wrappingKeyName8, callingUid, TYPE_KEYMASTER_10);
- if (!rc) {
+ if (!rc.isOk()) {
return AIDL_RETURN(rc);
}
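Review bot: The switch from `!rc` to `!rc.isOk()` at this check looks like a behaviour change rather than a rename, and the commit neither documents nor tests it. If `rc` is a `KeyStoreServiceReturnCode` (its declaration is outside the hunk), the removed `operator int32_t` shown in keystore_return_types.h never returned 0. Unless an `operator!` existed elsewhere, the old condition could not be true, and a failed `getKeyForName` for the wrapping key fell through to the code below. I would call this out in the commit description and add a test showing that a missing or inaccessible wrapping key now returns the error. The enclosing function starts and ends outside the hunk.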
diff --git a/keystore/keymaster_worker.cpp b/keystore/keymaster_worker.cpp
index 2f2d8f5..c7d2671 100644
--- a/keystore/keymaster_worker.cpp
+++ b/keystore/keymaster_worker.cpp
@@ -108,7 +108,7 @@
error = keyStore_->del(lockedEntry);
if (!error.isOk()) {
- ALOGI("upgradeKeyBlob keystore->del failed %d", (int)error);
+ ALOGI("upgradeKeyBlob keystore->del failed %d", error.getErrorCode());
return;
}
@@ -121,7 +121,7 @@
error = keyStore_->put(lockedEntry, newBlob, charBlob);
if (!error.isOk()) {
- ALOGI("upgradeKeyBlob keystore->put failed %d", (int)error);
+ ALOGI("upgradeKeyBlob keystore->put failed %d", error.getErrorCode());
return;
}
blob = std::move(newBlob);
@@ -316,7 +316,7 @@
// one operation has been removed.
auto rc = abort(oldest);
if (operationMap_.getOperationCount() >= op_count_before_abort) {
- ALOGE("Failed to abort pruneable operation %p, error: %d", oldest.get(), int32_t(rc));
+ ALOGE("Failed to abort pruneable operation %p, error: %d", oldest.get(), rc.getErrorCode());
return false;
}
return true;
diff --git a/keystore/keystore_aidl_hidl_marshalling_utils.cpp b/keystore/keystore_aidl_hidl_marshalling_utils.cpp
index cdeaf32..49e18f0 100644
--- a/keystore/keystore_aidl_hidl_marshalling_utils.cpp
+++ b/keystore/keystore_aidl_hidl_marshalling_utils.cpp
@@ -219,7 +219,7 @@
}
status_t ExportResult::writeToParcel(Parcel* out) const {
- out->writeInt32(resultCode);
+ out->writeInt32(resultCode.getErrorCode());
return keystore::writeKeymasterBlob(exportData, out);
}
diff --git a/keystore/keystore_cli_v2.cpp b/keystore/keystore_cli_v2.cpp
index 777db33..0500da2 100644
--- a/keystore/keystore_cli_v2.cpp
+++ b/keystore/keystore_cli_v2.cpp
@@ -283,7 +283,7 @@
int AddEntropy(const std::string& input, int32_t flags) {
std::unique_ptr<KeystoreClient> keystore = CreateKeystoreInstance();
- int32_t result = keystore->addRandomNumberGeneratorEntropy(input, flags);
+ int32_t result = keystore->addRandomNumberGeneratorEntropy(input, flags).getErrorCode();
printf("AddEntropy: %d\n", result);
return result;
}
@@ -310,12 +310,12 @@
AuthorizationSet software_enforced_characteristics;
auto result = keystore->generateKey(name, params, flags, &hardware_enforced_characteristics,
&software_enforced_characteristics);
- printf("GenerateKey: %d\n", int32_t(result));
+ printf("GenerateKey: %d\n", result.getErrorCode());
if (result.isOk()) {
PrintKeyCharacteristics(hardware_enforced_characteristics,
software_enforced_characteristics);
}
- return result;
+ return result.getErrorCode();
}
int GetCharacteristics(const std::string& name) {
@@ -324,32 +324,32 @@
AuthorizationSet software_enforced_characteristics;
auto result = keystore->getKeyCharacteristics(name, &hardware_enforced_characteristics,
&software_enforced_characteristics);
- printf("GetCharacteristics: %d\n", int32_t(result));
+ printf("GetCharacteristics: %d\n", result.getErrorCode());
if (result.isOk()) {
PrintKeyCharacteristics(hardware_enforced_characteristics,
software_enforced_characteristics);
}
- return result;
+ return result.getErrorCode();
}
int ExportKey(const std::string& name) {
std::unique_ptr<KeystoreClient> keystore = CreateKeystoreInstance();
std::string data;
- int32_t result = keystore->exportKey(KeyFormat::X509, name, &data);
+ int32_t result = keystore->exportKey(KeyFormat::X509, name, &data).getErrorCode();
printf("ExportKey: %d (%zu)\n", result, data.size());
return result;
}
int DeleteKey(const std::string& name) {
std::unique_ptr<KeystoreClient> keystore = CreateKeystoreInstance();
- int32_t result = keystore->deleteKey(name);
+ int32_t result = keystore->deleteKey(name).getErrorCode();
printf("DeleteKey: %d\n", result);
return result;
}
int DeleteAllKeys() {
std::unique_ptr<KeystoreClient> keystore = CreateKeystoreInstance();
- int32_t result = keystore->deleteAllKeys();
+ int32_t result = keystore->deleteAllKeys().getErrorCode();
printf("DeleteAllKeys: %d\n", result);
return result;
}
@@ -413,8 +413,8 @@
auto result =
keystore->beginOperation(KeyPurpose::SIGN, name, sign_params, &output_params, &handle);
if (!result.isOk()) {
- printf("Sign: BeginOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Sign: BeginOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
AuthorizationSet empty_params;
size_t num_input_bytes_consumed;
@@ -422,14 +422,14 @@
result = keystore->updateOperation(handle, empty_params, "data_to_sign",
&num_input_bytes_consumed, &output_params, &output_data);
if (!result.isOk()) {
- printf("Sign: UpdateOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Sign: UpdateOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
result = keystore->finishOperation(handle, empty_params, std::string() /*signature_to_verify*/,
&output_params, &output_data);
if (!result.isOk()) {
- printf("Sign: FinishOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Sign: FinishOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
printf("Sign: %zu bytes.\n", output_data.size());
// We have a signature, now verify it.
@@ -438,24 +438,24 @@
result =
keystore->beginOperation(KeyPurpose::VERIFY, name, sign_params, &output_params, &handle);
if (!result.isOk()) {
- printf("Verify: BeginOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Verify: BeginOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
result = keystore->updateOperation(handle, empty_params, "data_to_sign",
&num_input_bytes_consumed, &output_params, &output_data);
if (!result.isOk()) {
- printf("Verify: UpdateOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Verify: UpdateOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
result = keystore->finishOperation(handle, empty_params, signature_to_verify, &output_params,
&output_data);
if (result == ErrorCode::VERIFICATION_FAILED) {
printf("Verify: Failed to verify signature.\n");
- return result;
+ return result.getErrorCode();
}
if (!result.isOk()) {
- printf("Verify: FinishOperation failed: %d\n", int32_t(result));
- return result;
+ printf("Verify: FinishOperation failed: %d\n", result.getErrorCode());
+ return result.getErrorCode();
}
printf("Verify: OK\n");
return 0;
diff --git a/keystore/keystore_client_impl.cpp b/keystore/keystore_client_impl.cpp
index 6fe0f31..b9a142e 100644
--- a/keystore/keystore_client_impl.cpp
+++ b/keystore/keystore_client_impl.cpp
@@ -161,7 +161,7 @@
uint64_t handle;
auto result = beginOperation(purpose, key_name, input_parameters, output_parameters, &handle);
if (!result.isOk()) {
- ALOGE("BeginOperation failed: %d", int32_t(result));
+ ALOGE("BeginOperation failed: %d", result.getErrorCode());
return false;
}
AuthorizationSet empty_params;
@@ -170,13 +170,13 @@
result = updateOperation(handle, empty_params, input_data, &num_input_bytes_consumed,
&ignored_params, output_data);
if (!result.isOk()) {
- ALOGE("UpdateOperation failed: %d", int32_t(result));
+ ALOGE("UpdateOperation failed: %d", result.getErrorCode());
return false;
}
result =
finishOperation(handle, empty_params, signature_to_verify, &ignored_params, output_data);
if (!result.isOk()) {
- ALOGE("FinishOperation failed: %d", int32_t(result));
+ ALOGE("FinishOperation failed: %d", result.getErrorCode());
return false;
}
return true;
@@ -467,7 +467,7 @@
if (!verified) {
auto result = deleteKey(key_name);
if (!result.isOk()) {
- ALOGE("Failed to delete invalid encryption key: %d", int32_t(result));
+ ALOGE("Failed to delete invalid encryption key: %d", result.getErrorCode());
return false;
}
key_exists = false;
@@ -485,7 +485,7 @@
generateKey(key_name, key_parameters, flags, &hardware_enforced_characteristics,
&software_enforced_characteristics);
if (!result.isOk()) {
- ALOGE("Failed to generate encryption key: %d", int32_t(result));
+ ALOGE("Failed to generate encryption key: %d", result.getErrorCode());
return false;
}
if (hardware_enforced_characteristics.size() == 0) {
@@ -506,7 +506,7 @@
if (!verified) {
auto result = deleteKey(key_name);
if (!result.isOk()) {
- ALOGE("Failed to delete invalid authentication key: %d", int32_t(result));
+ ALOGE("Failed to delete invalid authentication key: %d", result.getErrorCode());
return false;
}
key_exists = false;
@@ -524,7 +524,7 @@
generateKey(key_name, key_parameters, flags, &hardware_enforced_characteristics,
&software_enforced_characteristics);
if (!result.isOk()) {
- ALOGE("Failed to generate authentication key: %d", int32_t(result));
+ ALOGE("Failed to generate authentication key: %d", result.getErrorCode());
return false;
}
if (hardware_enforced_characteristics.size() == 0) {
@@ -541,7 +541,7 @@
auto result = getKeyCharacteristics(key_name, &hardware_enforced_characteristics,
&software_enforced_characteristics);
if (!result.isOk()) {
- ALOGE("Failed to query encryption key: %d", int32_t(result));
+ ALOGE("Failed to query encryption key: %d", result.getErrorCode());
return false;
}
*verified = true;
@@ -582,7 +582,7 @@
auto result = getKeyCharacteristics(key_name, &hardware_enforced_characteristics,
&software_enforced_characteristics);
if (!result.isOk()) {
- ALOGE("Failed to query authentication key: %d", int32_t(result));
+ ALOGE("Failed to query authentication key: %d", result.getErrorCode());
return false;
}
*verified = true;
diff --git a/keystore/tests/Android.bp b/keystore/tests/Android.bp
index 103fa0e..1ce1210 100644
--- a/keystore/tests/Android.bp
+++ b/keystore/tests/Android.bp
@@ -11,6 +11,7 @@
"aaid_truncation_test.cpp",
"auth_token_table_test.cpp",
"auth_token_formatting_test.cpp",
+ "blob_test.cpp",
"confirmationui_rate_limiting_test.cpp",
"gtest_main.cpp",
],
diff --git a/keystore/tests/blob_test.cpp b/keystore/tests/blob_test.cpp
new file mode 100644
index 0000000..485bd88
--- /dev/null
+++ b/keystore/tests/blob_test.cpp
@@ -0,0 +1,42 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gtest/gtest.h>
+
+#include <string>
+#include <utils/String16.h>
+
+#include "../blob.h"
+
+namespace keystore {
+
+namespace test {
+
+namespace {
+
+constexpr const char* kNameToEncode = "some key name !\\ %#|\"";
+
+} // namespace
+
+TEST(BlobTest, nameEncodingAndDecodingTest) {
+ std::string toEncode(kNameToEncode);
+ std::string decoded(decodeKeyName(encodeKeyName(toEncode)));
+
+ ASSERT_EQ(toEncode, decoded);
+}
+
+} // namespace test
+} // namespace keystore
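Review bot: `kNameToEncode` only exercises the `+` lead character, so the test misses most of what the decodeKeyName fix touches. Every character in it is either passed through unchanged (letters, `\`, `|`) or lies below `'0'` with its two top bits clear. Bytes at 0x80 and above, and 0x7F, are never round-tripped, so the `,`, `-` and `.` leads and the signed-`char` path in `uint8_t(*in)` go untested. A second test over all 256 byte values would cover them, and it can also assert that the encoded form stays inside `'+'`..`'~'`, which is what keeps `/` out of the result. The `<utils/String16.h>` include appears unused in this file.

```cpp
// … unchanged: nameEncodingAndDecodingTest …

TEST(BlobTest, nameEncodingRoundTripsEveryByteValue) {
    std::string toEncode;
    for (int b = 0; b < 256; ++b) {
        toEncode.push_back(static_cast<char>(b));
    }
    const std::string encoded(encodeKeyName(toEncode));
    for (char ch : encoded) {
        ASSERT_TRUE(ch >= '+' && ch <= '~');
    }
    ASSERT_EQ(toEncode, decodeKeyName(encoded));
}
```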