diff options
| author | Matthew Maurer <mmaurer@google.com> | 2019-04-24 10:53:17 -0700 |
|---|---|---|
| committer | chrmhoffmann <chrmhoffmann@gmail.com> | 2019-12-07 19:06:55 +0100 |
| commit | 4630f341d0c65f7803b7feab5db1a830a8e61963 (patch) | |
| tree | 6b92421bb92d3f3090acf51436f90d56f02f312f | |
| parent | cd1a0026cb360446a50b0f49373f19a154e02973 (diff) | |
| download | android_system_keymaster-lineage-17.0.tar.gz android_system_keymaster-lineage-17.0.tar.bz2 android_system_keymaster-lineage-17.0.zip | |
Don't check token for NO_AUTH_REQUIREDlineage-17.0
IF NO_AUTH_REQUIRED or AUTH_TIMEOUT is specified, we don't need to check
the auth token. We began checking the auth token even in those cases
when the TRUSTED_CONFIRMATION_REQUIRED tag was introduced because the
TRUSTED_CONFIRMATION_REQUIRED tag must still be checked in those cases.
Bug: 129569848
Change-Id: I7b1fe55527f344759480330c2bb6f0a75ef15cfc
| -rw-r--r-- | android_keymaster/keymaster_enforcement.cpp | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/android_keymaster/keymaster_enforcement.cpp b/android_keymaster/keymaster_enforcement.cpp index bc42511..dc533a0 100644 --- a/android_keymaster/keymaster_enforcement.cpp +++ b/android_keymaster/keymaster_enforcement.cpp @@ -148,6 +148,7 @@ KeymasterEnforcement::AuthorizeUpdateOrFinish(const AuthProxy& auth_set, keymaster_operation_handle_t op_handle) { int auth_type_index = -1; int trusted_confirmation_index = -1; + bool no_auth_required = false; for (size_t pos = 0; pos < auth_set.size(); ++pos) { switch (auth_set[pos].tag) { case KM_TAG_USER_AUTH_TYPE: @@ -159,7 +160,9 @@ KeymasterEnforcement::AuthorizeUpdateOrFinish(const AuthProxy& auth_set, break; case KM_TAG_NO_AUTH_REQUIRED: case KM_TAG_AUTH_TIMEOUT: - // If no auth is required or if auth is timeout-based, we have nothing to check. + // If no auth is required or if auth is timeout-based, we have nothing to check. + no_auth_required = true; + break; default: break; } @@ -171,6 +174,11 @@ KeymasterEnforcement::AuthorizeUpdateOrFinish(const AuthProxy& auth_set, return KM_ERROR_NO_USER_CONFIRMATION; } + // If NO_AUTH_REQUIRED or AUTH_TIMEOUT was set, we need not check an auth token. + if (no_auth_required) { + return KM_ERROR_OK; + } + // Note that at this point we should be able to assume that authentication is required, because // authentication is required if KM_TAG_NO_AUTH_REQUIRED is absent. However, there are legacy // keys which have no authentication-related tags, so we assume that absence is equivalent to |