diff options
author | Janis Danisevskis <jdanis@google.com> | 2017-05-15 11:19:44 -0700 |
---|---|---|
committer | Janis Danisevskis <jdanis@google.com> | 2017-10-02 12:30:41 -0700 |
commit | f3dc0b841da2c8938e4a8081ef6c6199ed92c876 (patch) | |
tree | fed9136a7786822600147ee209d947521d17ac06 /include/keymaster | |
parent | 1eaf7bb024a6680b9140772dffa3f01a2265d8a6 (diff) | |
download | android_system_keymaster-f3dc0b841da2c8938e4a8081ef6c6199ed92c876.tar.gz android_system_keymaster-f3dc0b841da2c8938e4a8081ef6c6199ed92c876.tar.bz2 android_system_keymaster-f3dc0b841da2c8938e4a8081ef6c6199ed92c876.zip |
Moved operation handle generation into the begin operation
I moved the generation of a operation handle into the operation
implementation. Random number generation is highly
implementation dependent, and the bookkeeping of operations is
very generic.
An AndroidKeymaster implementation that uses another legacy
keymaster implementation does not need either. But while the
bookkeeping is very lightweight and self contained, the random
number generation pulls in dependencies (here openssl) which
are not needed. Therefore, I decided to move the generation of
operation handles out of the OperationTable (bookkeeping). And
into the begin operation, where dependencies to crypto functionality
already exists.
Edit: This patch now also includes the fix for Bug: 65286954
Previously fixed by CL: I320c5d03911942e873680ba0d7ea91044920e936
Bug: 65286954
Test: VtsHalKeymasterV3_0TargetTest
Bug: 67358942
Change-Id: Idd27915e4f3db816d3257144fb9e1c664920ffba
Diffstat (limited to 'include/keymaster')
-rw-r--r-- | include/keymaster/keymaster_context.h | 3 | ||||
-rw-r--r-- | include/keymaster/km_openssl/openssl_utils.h | 2 | ||||
-rw-r--r-- | include/keymaster/km_openssl/software_random_source.h | 2 | ||||
-rw-r--r-- | include/keymaster/operation.h | 2 | ||||
-rw-r--r-- | include/keymaster/operation_table.h | 22 |
5 files changed, 12 insertions, 19 deletions
diff --git a/include/keymaster/keymaster_context.h b/include/keymaster/keymaster_context.h index 1121d55..c45844e 100644 --- a/include/keymaster/keymaster_context.h +++ b/include/keymaster/keymaster_context.h @@ -21,7 +21,6 @@ #include <hardware/keymaster_defs.h> #include <keymaster/keymaster_enforcement.h> -#include <keymaster/random_source.h> #include <keymaster/android_keymaster_utils.h> namespace keymaster { @@ -62,7 +61,7 @@ class Key; * * More contexts are possible. */ -class KeymasterContext : public virtual RandomSource { +class KeymasterContext { public: KeymasterContext() {} virtual ~KeymasterContext(){}; diff --git a/include/keymaster/km_openssl/openssl_utils.h b/include/keymaster/km_openssl/openssl_utils.h index ee063e4..8586b35 100644 --- a/include/keymaster/km_openssl/openssl_utils.h +++ b/include/keymaster/km_openssl/openssl_utils.h @@ -96,6 +96,8 @@ keymaster_error_t EvpKeyToKeyMaterial(const EVP_PKEY* evp_pkey, KeymasterKeyBlob size_t ec_group_size_bits(EC_KEY* ec_key); +keymaster_error_t GenerateRandom(uint8_t* buf, size_t length); + } // namespace keymaster #endif // SYSTEM_KEYMASTER_OPENSSL_UTILS_H_ diff --git a/include/keymaster/km_openssl/software_random_source.h b/include/keymaster/km_openssl/software_random_source.h index f511e3e..ee472ef 100644 --- a/include/keymaster/km_openssl/software_random_source.h +++ b/include/keymaster/km_openssl/software_random_source.h @@ -22,7 +22,7 @@ namespace keymaster { -class SoftwareRandomSource : public virtual RandomSource { +class SoftwareRandomSource : public RandomSource { public: /** * Generates \p length random bytes, placing them in \p buf. diff --git a/include/keymaster/operation.h b/include/keymaster/operation.h index aadc406..d5488ed 100644 --- a/include/keymaster/operation.h +++ b/include/keymaster/operation.h @@ -94,6 +94,7 @@ class Operation { void set_key_id(uint64_t key_id) { key_id_ = key_id; } uint64_t key_id() const { return key_id_; } + virtual keymaster_operation_handle_t operation_handle() const { return operation_handle_; } void SetAuthorizations(const AuthorizationSet& auths) { key_auths_.Reinitialize(auths.data(), auths.size()); @@ -114,6 +115,7 @@ protected: // Helper function for implementing Finish() methods that need to call Update() to process // input, but don't expect any output. keymaster_error_t UpdateForFinish(const AuthorizationSet& input_params, const Buffer& input); + keymaster_operation_handle_t operation_handle_; private: const keymaster_purpose_t purpose_; diff --git a/include/keymaster/operation_table.h b/include/keymaster/operation_table.h index 643d6ac..f9856bb 100644 --- a/include/keymaster/operation_table.h +++ b/include/keymaster/operation_table.h @@ -28,27 +28,17 @@ class Operation; class OperationTable { public: - explicit OperationTable(size_t table_size, const RandomSource* random_source) : - table_size_(table_size), random_source_(*random_source) {} - - struct Entry { - Entry() { - handle = 0; - operation = NULL; - }; - ~Entry(); - keymaster_operation_handle_t handle; - Operation* operation; - }; - - keymaster_error_t Add(Operation* operation, keymaster_operation_handle_t* op_handle); + explicit OperationTable(size_t table_size) : + table_size_(table_size) {} + ~OperationTable(); + + keymaster_error_t Add(Operation* operation); Operation* Find(keymaster_operation_handle_t op_handle); bool Delete(keymaster_operation_handle_t); private: - UniquePtr<Entry[]> table_; + UniquePtr<Operation*[]> table_; size_t table_size_; - const RandomSource& random_source_; }; } // namespace keymaster |