authorJocelyn Bohr2017-08-11 20:06:12 -0500
committerJocelyn Bohr2017-08-11 20:08:56 -0500
commit38b9b4994168b255caedf22597dc194a49ee0fc9 (patch)
tree704ac87837d40e4de231129d585c13811878bfcd /trusty
parentf95338f6346b125e6eb84007db09ef7c09b0a3d9 (diff)
Pass in message_version_ received from the secure side.
Without this there is the possibility of message version mismatch between the secure side and the non-secure side. Bug: 63746689 Test: cts passes Change-Id: I242974eb86dd86ba0f657e7ab3af4ac14c08bb5c
Diffstat (limited to 'trusty')
-rw-r--r--trusty/keymaster/trusty_keymaster_device.cpp36
1 files changed, 18 insertions, 18 deletions
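--- a/trusty/keymaster/trusty_keymaster_device.cpp
+++ b/trusty/keymaster/trusty_keymaster_device.cpp
@@ -176,14 +176,14 @@ keymaster_error_t TrustyKeymasterDevice::configure(const keymaster_key_param_set
  }
 
  AuthorizationSet params_copy(*params);
- ConfigureRequest request;
+ ConfigureRequest request(message_version_);
  if (!params_copy.GetTagValue(TAG_OS_VERSION, &request.os_version) ||
  !params_copy.GetTagValue(TAG_OS_PATCHLEVEL, &request.os_patchlevel)) {
  ALOGD("Configuration parameters must contain OS version and patch level");
  return KM_ERROR_INVALID_ARGUMENT;
  }
 
- ConfigureResponse response;
+ ConfigureResponse response(message_version_);
  keymaster_error_t err = Send(KM_CONFIGURE, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -199,9 +199,9 @@ keymaster_error_t TrustyKeymasterDevice::add_rng_entropy(const uint8_t* data, si
  return error_;
  }
 
- AddEntropyRequest request;
+ AddEntropyRequest request(message_version_);
  request.random_data.Reinitialize(data, data_length);
- AddEntropyResponse response;
+ AddEntropyResponse response(message_version_);
  return Send(KM_ADD_RNG_ENTROPY, request, &response);
 }
 
@@ -260,11 +260,11 @@ keymaster_error_t TrustyKeymasterDevice::get_key_characteristics(
  return KM_ERROR_OUTPUT_PARAMETER_NULL;
  }
 
- GetKeyCharacteristicsRequest request;
+ GetKeyCharacteristicsRequest request(message_version_);
  request.SetKeyMaterial(*key_blob);
  AddClientAndAppData(client_id, app_data, &request);
 
- GetKeyCharacteristicsResponse response;
+ GetKeyCharacteristicsResponse response(message_version_);
  keymaster_error_t err = Send(KM_GET_KEY_CHARACTERISTICS, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -378,7 +378,7 @@ keymaster_error_t TrustyKeymasterDevice::attest_key(const keymaster_key_blob_t*
  cert_chain->entry_count = 0;
  cert_chain->entries = nullptr;
 
- AttestKeyRequest request;
+ AttestKeyRequest request(message_version_);
  request.SetKeyMaterial(*key_to_attest);
  request.attest_params.Reinitialize(*attest_params);
 
@@ -390,7 +390,7 @@ keymaster_error_t TrustyKeymasterDevice::attest_key(const keymaster_key_blob_t*
  return KM_ERROR_INVALID_INPUT_LENGTH;
  }
 
- AttestKeyResponse response;
+ AttestKeyResponse response(message_version_);
  keymaster_error_t err = Send(KM_ATTEST_KEY, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -438,11 +438,11 @@ keymaster_error_t TrustyKeymasterDevice::upgrade_key(const keymaster_key_blob_t*
  return KM_ERROR_OUTPUT_PARAMETER_NULL;
  }
 
- UpgradeKeyRequest request;
+ UpgradeKeyRequest request(message_version_);
  request.SetKeyMaterial(*key_to_upgrade);
  request.upgrade_params.Reinitialize(*upgrade_params);
 
- UpgradeKeyResponse response;
+ UpgradeKeyResponse response(message_version_);
  keymaster_error_t err = Send(KM_UPGRADE_KEY, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -479,12 +479,12 @@ keymaster_error_t TrustyKeymasterDevice::begin(keymaster_purpose_t purpose,
  *out_params = {};
  }
 
- BeginOperationRequest request;
+ BeginOperationRequest request(message_version_);
  request.purpose = purpose;
  request.SetKeyMaterial(*key);
  request.additional_params.Reinitialize(*in_params);
 
- BeginOperationResponse response;
+ BeginOperationResponse response(message_version_);
  keymaster_error_t err = Send(KM_BEGIN_OPERATION, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -527,7 +527,7 @@ keymaster_error_t TrustyKeymasterDevice::update(keymaster_operation_handle_t ope
  *output = {};
  }
 
- UpdateOperationRequest request;
+ UpdateOperationRequest request(message_version_);
  request.op_handle = operation_handle;
  if (in_params) {
  request.additional_params.Reinitialize(*in_params);
@@ -537,7 +537,7 @@ keymaster_error_t TrustyKeymasterDevice::update(keymaster_operation_handle_t ope
  request.input.Reinitialize(input->data, std::min(input->data_length, max_input_size));
  }
 
- UpdateOperationResponse response;
+ UpdateOperationResponse response(message_version_);
  keymaster_error_t err = Send(KM_UPDATE_OPERATION, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -588,7 +588,7 @@ keymaster_error_t TrustyKeymasterDevice::finish(keymaster_operation_handle_t ope
  *output = {};
  }
 
- FinishOperationRequest request;
+ FinishOperationRequest request(message_version_);
  request.op_handle = operation_handle;
  if (signature && signature->data && signature->data_length > 0) {
  request.signature.Reinitialize(signature->data, signature->data_length);
@@ -600,7 +600,7 @@ keymaster_error_t TrustyKeymasterDevice::finish(keymaster_operation_handle_t ope
  request.additional_params.Reinitialize(*in_params);
  }
 
- FinishOperationResponse response;
+ FinishOperationResponse response(message_version_);
  keymaster_error_t err = Send(KM_FINISH_OPERATION, request, &response);
  if (err != KM_ERROR_OK) {
  return err;
@@ -633,9 +633,9 @@ keymaster_error_t TrustyKeymasterDevice::abort(keymaster_operation_handle_t oper
  return error_;
  }
 
- AbortOperationRequest request;
+ AbortOperationRequest request(message_version_);
  request.op_handle = operation_handle;
- AbortOperationResponse response;
+ AbortOperationResponse response(message_version_);
  return Send(KM_ABORT_OPERATION, request, &response);
 }
 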
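Review bot: Every one of the 18 changed declarations, from `ConfigureRequest request(message_version_);` in configure() through `AbortOperationResponse response(message_version_);` in abort(), has to pass the version by hand. Nothing visible here stops another call site from default-constructing a message and silently reintroducing the mismatch this commit fixes. Methods not touched by this diff lie outside the visible hunks, so it is worth confirming that none of them still declares a bare `...Request request;` or `...Response response;`. A short comment where `message_version_` is declared would state the rule for future call sites, for example `// Version reported by the secure side; construct every Request/Response with it.` All of the affected functions begin and end outside their hunks, so whether `message_version_` is always populated before these paths run (presumably covered by the `return error_;` guards seen in add_rng_entropy() and abort()) cannot be confirmed from this page.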