diff options
author | Jocelyn Bohr <bohr@google.com> | 2017-02-09 17:35:32 -0800 |
---|---|---|
committer | Jocelyn Bohr <bohr@google.com> | 2017-04-10 17:33:49 -0700 |
commit | 22812e9a30e6b8b7c17acb12f2951cf7b05db7a9 (patch) | |
tree | ba0e19e27b7da7d1dc03bd616af248f0e4d42044 /trusty | |
parent | a256198b92f39dd93a20a2599990c087f7dbba73 (diff) | |
download | core-22812e9a30e6b8b7c17acb12f2951cf7b05db7a9.tar.gz core-22812e9a30e6b8b7c17acb12f2951cf7b05db7a9.tar.bz2 core-22812e9a30e6b8b7c17acb12f2951cf7b05db7a9.zip |
trusty: keymaster: Implement upgrade_key
Test: builds
Change-Id: I2ce86be1cd2c2c35ded371b21cb6546c31e0014e
Diffstat (limited to 'trusty')
-rw-r--r-- | trusty/keymaster/keymaster_ipc.h | 1 | ||||
-rw-r--r-- | trusty/keymaster/trusty_keymaster_device.cpp | 28 |
2 files changed, 29 insertions, 0 deletions
diff --git a/trusty/keymaster/keymaster_ipc.h b/trusty/keymaster/keymaster_ipc.h index 6a7378c31..b38eb0592 100644 --- a/trusty/keymaster/keymaster_ipc.h +++ b/trusty/keymaster/keymaster_ipc.h @@ -43,6 +43,7 @@ enum keymaster_command : uint32_t { KM_GET_SUPPORTED_EXPORT_FORMATS = (14 << KEYMASTER_REQ_SHIFT), KM_GET_KEY_CHARACTERISTICS = (15 << KEYMASTER_REQ_SHIFT), KM_ATTEST_KEY = (16 << KEYMASTER_REQ_SHIFT), + KM_UPGRADE_KEY = (17 << KEYMASTER_REQ_SHIFT), KM_CONFIGURE = (18 << KEYMASTER_REQ_SHIFT), }; diff --git a/trusty/keymaster/trusty_keymaster_device.cpp b/trusty/keymaster/trusty_keymaster_device.cpp index 08a1c6ac7..2132ae176 100644 --- a/trusty/keymaster/trusty_keymaster_device.cpp +++ b/trusty/keymaster/trusty_keymaster_device.cpp @@ -426,6 +426,34 @@ keymaster_error_t TrustyKeymasterDevice::upgrade_key(const keymaster_key_blob_t* const keymaster_key_param_set_t* upgrade_params, keymaster_key_blob_t* upgraded_key) { ALOGD("Device received upgrade_key"); + + if (error_ != KM_ERROR_OK) { + return error_; + } + if (!key_to_upgrade || !upgrade_params) { + return KM_ERROR_UNEXPECTED_NULL_POINTER; + } + if (!upgraded_key) { + return KM_ERROR_OUTPUT_PARAMETER_NULL; + } + + UpgradeKeyRequest request; + request.SetKeyMaterial(*key_to_upgrade); + request.upgrade_params.Reinitialize(*upgrade_params); + + UpgradeKeyResponse response; + keymaster_error_t err = Send(KM_UPGRADE_KEY, request, &response); + if (err != KM_ERROR_OK) { + return err; + } + + upgraded_key->key_material_size = response.upgraded_key.key_material_size; + upgraded_key->key_material = DuplicateBuffer(response.upgraded_key.key_material, + response.upgraded_key.key_material_size); + if (!upgraded_key->key_material) { + return KM_ERROR_MEMORY_ALLOCATION_FAILED; + } + return KM_ERROR_OK; } |