Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / ad6514ab7a57504aa3b04bcc383f60940b923710^! / . / keystore / operation.cpp
commitad6514ab7a57504aa3b04bcc383f60940b923710[log] [tgz]
authorChad Brubaker <cbrubaker@google.com>Thu Apr 09 14:00:26 2015 -0700
committerChad Brubaker <cbrubaker@google.com>Thu Apr 09 14:00:26 2015 -0700
tree3d0e2d9363705459fe32e7595a55feac0aa09053
parentc1e78258bb0b5ea1f761f21c3f5e7305aa4cc8ea [diff] [blame]
Store the key characteristics for operations

Instead of storing the key blob and parsing the characteristics out,
which some implementations might not support, instead call get
characteristics on begin and store that result for subsequent auth
calls.

Change-Id: I75e39ee28cc440e4ed411b2daaa2744085e1aa12

diff --git a/keystore/operation.cpp b/keystore/operation.cpp
index 2fde0da..e871f83 100644
--- a/keystore/operation.cpp
+++ b/keystore/operation.cpp

@@ -27,9 +27,10 @@
 sp<IBinder> OperationMap::addOperation(keymaster_operation_handle_t handle,
                                        const keymaster1_device_t* dev,
                                        sp<IBinder> appToken,
-                                       const keymaster_key_blob_t& key, bool pruneable) {
+                                       keymaster_key_characteristics_t* characteristics,
+                                       bool pruneable) {
     sp<IBinder> token = new BBinder();
-    mMap[token] = Operation(handle, dev, key, appToken);
+    mMap[token] = std::move(Operation(handle, dev, characteristics, appToken));
     if (pruneable) {
         mLru.push_back(token);
     }
@@ -42,7 +43,7 @@
 
 bool OperationMap::getOperation(sp<IBinder> token, keymaster_operation_handle_t* outHandle,
                                 const keymaster1_device_t** outDevice,
-                                keymaster_key_blob_t* key) {
+                                const keymaster_key_characteristics_t** outCharacteristics) {
     if (!outHandle || !outDevice) {
         return false;
     }
@@ -54,12 +55,8 @@
 
     *outHandle = entry->second.handle;
     *outDevice = entry->second.device;
-    if (key) {
-        key->key_material_size = entry->second.key.key_material_size;
-        uint8_t* material = new uint8_t[key->key_material_size];
-        memcpy(reinterpret_cast<void*>(material), entry->second.key.key_material,
-               key->key_material_size);
-        key->key_material = material;
+    if (outCharacteristics) {
+        *outCharacteristics = entry->second.characteristics.get();
     }
     return true;
 }
@@ -78,7 +75,6 @@
         return false;
     }
     sp<IBinder> appToken = entry->second.appToken;
-    delete[] entry->second.key.key_material;
     mMap.erase(entry);
     auto lruEntry = std::find(mLru.begin(), mLru.end(), token);
     if (lruEntry != mLru.end()) {
@@ -125,19 +121,14 @@
 
 OperationMap::Operation::Operation(keymaster_operation_handle_t handle_,
                                    const keymaster1_device_t* device_,
-                                   const keymaster_key_blob_t& key_,
+                                   keymaster_key_characteristics_t* characteristics_,
                                    sp<IBinder> appToken_)
     : handle(handle_),
       device(device_),
+      characteristics(characteristics_),
       appToken(appToken_) {
-          uint8_t* material = new uint8_t[key_.key_material_size];
-          memcpy(material, key_.key_material, key_.key_material_size);
-          key.key_material = material;
-          key.key_material_size = key_.key_material_size;
 }
 
-OperationMap::Operation::Operation() : handle(0), device(NULL), appToken(NULL) {
-    key.key_material = NULL;
-    key.key_material_size = 0;
+OperationMap::Operation::Operation() : handle(0), device(NULL), characteristics(), appToken(NULL) {
 }
 } // namespace android