Push padding and digest handling down to specific key types.

AsymmetricKey handled checking for digest and padding, but that doesn't
make sense because not all asymmetric key types need both.  This is in
preparation for adding asymmetric encryption/decryption support.

Change-Id: I7b9a4fc37b6d31ab25c56015c1df7d114affe882

1 files changed, 12 insertions, 2 deletions

diff --git a/rsa_key.cpp b/rsa_key.cpp
index aaab0c2..db50930 100644
--- a/rsa_key.cpp
+++ b/rsa_key.cpp
@@ -127,8 +127,18 @@ RsaKey::RsaKey(const UnencryptedKeyBlob& blob, const Logger& logger, keymaster_e
         *error = LoadKey(blob);
 }
 
-Operation* RsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
-                                   keymaster_padding_t padding, keymaster_error_t* error) {
+Operation* RsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_error_t* error) {
+    keymaster_digest_t digest = KM_DIGEST_NONE;
+    if (!authorizations().GetTagValue(TAG_DIGEST, &digest) || digest != KM_DIGEST_NONE) {
+        *error = KM_ERROR_UNSUPPORTED_DIGEST;
+        return NULL;
+    }
+    keymaster_padding_t padding = KM_PAD_NONE;
+    if (!authorizations().GetTagValue(TAG_PADDING, &padding) || padding != KM_PAD_NONE) {
+        *error = KM_ERROR_UNSUPPORTED_PADDING_MODE;
+        return NULL;
+    }
+
     Operation* op;
     switch (purpose) {
     case KM_PURPOSE_SIGN: