Don't check authorizations for pubkey operations.
Bug: 21877150
Change-Id: I43dafb66fc3246f4d8e3bf4743fbdcbe072468d1
diff --git a/keystore/operation.cpp b/keystore/operation.cpp
index 74d65f6..087beff 100644
--- a/keystore/operation.cpp
+++ b/keystore/operation.cpp
@@ -25,12 +25,13 @@
}
sp<IBinder> OperationMap::addOperation(keymaster_operation_handle_t handle,
+ keymaster_purpose_t purpose,
const keymaster1_device_t* dev,
sp<IBinder> appToken,
keymaster_key_characteristics_t* characteristics,
bool pruneable) {
sp<IBinder> token = new BBinder();
- mMap[token] = std::move(Operation(handle, dev, characteristics, appToken));
+ mMap[token] = std::move(Operation(handle, purpose, dev, characteristics, appToken));
if (pruneable) {
mLru.push_back(token);
}
@@ -42,6 +43,7 @@
}
bool OperationMap::getOperation(sp<IBinder> token, keymaster_operation_handle_t* outHandle,
+ keymaster_purpose_t* outPurpose,
const keymaster1_device_t** outDevice,
const keymaster_key_characteristics_t** outCharacteristics) {
if (!outHandle || !outDevice) {
@@ -54,6 +56,7 @@
updateLru(token);
*outHandle = entry->second.handle;
+ *outPurpose = entry->second.purpose;
*outDevice = entry->second.device;
if (outCharacteristics) {
*outCharacteristics = entry->second.characteristics.get();
@@ -139,10 +142,12 @@
}
OperationMap::Operation::Operation(keymaster_operation_handle_t handle_,
+ keymaster_purpose_t purpose_,
const keymaster1_device_t* device_,
keymaster_key_characteristics_t* characteristics_,
sp<IBinder> appToken_)
: handle(handle_),
+ purpose(purpose_),
device(device_),
characteristics(characteristics_),
appToken(appToken_) {