diff options
| author | Shawn Willden <swillden@google.com> | 2015-07-27 16:58:30 -0600 |
|---|---|---|
| committer | Shawn Willden <swillden@google.com> | 2015-08-13 07:49:10 -0600 |
| commit | d599b15c0693950bdc72fb867872044fdc484ef5 (patch) | |
| tree | 2bf64c790c2272d1ef6a7f7af95b0117d21b5577 /asymmetric_key.cpp | |
| parent | c0a63805e4f21e46cc533ec0938306ca997c9a2d (diff) | |
| download | android_system_keymaster-d599b15c0693950bdc72fb867872044fdc484ef5.tar.gz android_system_keymaster-d599b15c0693950bdc72fb867872044fdc484ef5.tar.bz2 android_system_keymaster-d599b15c0693950bdc72fb867872044fdc484ef5.zip | |
Do digesting, and sometimes padding, in SW when HW doesnt.
The keymaster1 specification only requires HW modules to implement
SHA256 out of the list of keymaster1 digest modes. That would force
many keys to be software only, and would break legacy scenarios. This
change uses SoftKeymasterDevice to front keymaster modules that don't
implement the full suite of digests, quietly inserting KM_DIGEST_NONE
and KM_PAD_NONE into key generation/import requests when necessary, then
performing the digesting, and sometimes padding, in software, then
delegating crypto operations to the hardware.
This is only done for RSA and EC keys. Software digesting isn't
possible for HMAC or AES-GCM keys.
Note that this is not the complete fix for the bug. Some changes in
keystore are also required, coming in another CL.
Bug: 22529223
Change-Id: I740572eb11341fb0659085309da01d5cbcd3854d
Diffstat (limited to 'asymmetric_key.cpp')
| -rw-r--r-- | asymmetric_key.cpp | 22 |
1 files changed, 0 insertions, 22 deletions
diff --git a/asymmetric_key.cpp b/asymmetric_key.cpp index 74751f7..2ead3c5 100644 --- a/asymmetric_key.cpp +++ b/asymmetric_key.cpp @@ -25,28 +25,6 @@ namespace keymaster { -keymaster_error_t AsymmetricKey::key_material(UniquePtr<uint8_t[]>* material, size_t* size) const { - if (material == NULL || size == NULL) - return KM_ERROR_OUTPUT_PARAMETER_NULL; - - UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey(EVP_PKEY_new()); - if (pkey.get() == NULL) - return KM_ERROR_MEMORY_ALLOCATION_FAILED; - - if (!InternalToEvp(pkey.get())) - return TranslateLastOpenSslError(); - - *size = i2d_PrivateKey(pkey.get(), NULL /* key_data*/); - if (*size <= 0) - return TranslateLastOpenSslError(); - - material->reset(new (std::nothrow) uint8_t[*size]); - uint8_t* tmp = material->get(); - i2d_PrivateKey(pkey.get(), &tmp); - - return KM_ERROR_OK; -} - keymaster_error_t AsymmetricKey::formatted_key_material(keymaster_key_format_t format, UniquePtr<uint8_t[]>* material, size_t* size) const { |