authorShawn Willden <swillden@google.com>2016-01-28 12:13:18 -0700
committerShawn Willden <swillden@google.com>2016-01-28 16:08:43 -0700
commit8b7b73c207a578d01c14f52176c3cee4d60f3705 (patch)
tree0848f6fdacde240790f3246ad3e7a865037735a6
parentaa58329b5bc3b30c6a01221b2a89808ebf347650 (diff)
downloadkeymaster-8b7b73c207a578d01c14f52176c3cee4d60f3705.tar.gz
Revert "Revert "Add attestation support to AndroidKeymaster.""
This reverts commit 8fb3fc2f4cb54c046a1d22a1dad6deeef23268ac. Change-Id: I94a709f4576e3d3152e7a665e4ed106f67760846
-rw-r--r--android_keymaster.cpp17
-rw-r--r--include/keymaster/android_keymaster.h3
2 files changed, 19 insertions, 1 deletions
diff --git a/android_keymaster.cpp b/android_keymaster.cpp
index f60d6ee..c2ff8e6 100644
--- a/android_keymaster.cpp
+++ b/android_keymaster.cpp
@@ -364,6 +364,23 @@ void AndroidKeymaster::ExportKey(const ExportKeyRequest& request, ExportKeyRespo
}
}
+void AndroidKeymaster::AttestKey(const AttestKeyRequest& request, AttestKeyResponse* response) {
+ if (!response)
+ return;
+
+ AuthorizationSet tee_enforced;
+ AuthorizationSet sw_enforced;
+ const KeyFactory* key_factory;
+ UniquePtr<Key> key;
+ response->error = LoadKey(request.key_blob, request.attest_params, &tee_enforced, &sw_enforced,
+ &key_factory, &key);
+ if (response->error != KM_ERROR_OK)
+ return;
+
+ response->error = key->GenerateAttestation(*context_, request.attest_params, tee_enforced,
+ sw_enforced, &response->certificate_chain);
+}
+
void AndroidKeymaster::ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response) {
if (response == NULL)
return;
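Review bot: In the new `AttestKey`, the same caller-supplied `request.attest_params` is passed to `LoadKey` and then to `GenerateAttestation`, and nothing in the hunk says which entries serve which purpose. If `LoadKey` treats its second argument as the key-access parameters (presumably, as with the other entry points; it is not visible here), the function should carry a comment such as `// attest_params is used both to load/authorize the blob and as input to the attestation; callers must supply both kinds of tags.` so that contract can be reviewed. Separately, `key_factory` is declared uninitialized and is never read after `LoadKey` within the function; `const KeyFactory* key_factory = NULL;` would keep it defined on the error path. The guard `if (!response)` also differs from the `if (response == NULL)` form used by `ImportKey` directly below, so pick one for consistency.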
diff --git a/include/keymaster/android_keymaster.h b/include/keymaster/android_keymaster.h
index 24954d9..c7ecfad 100644
--- a/include/keymaster/android_keymaster.h
+++ b/include/keymaster/android_keymaster.h
@@ -50,6 +50,7 @@ class AndroidKeymaster {
AndroidKeymaster(KeymasterContext* context, size_t operation_table_size);
virtual ~AndroidKeymaster();
+ void GetVersion(const GetVersionRequest& request, GetVersionResponse* response);
void SupportedAlgorithms(const SupportedAlgorithmsRequest& request,
SupportedAlgorithmsResponse* response);
void SupportedBlockModes(const SupportedBlockModesRequest& request,
@@ -69,13 +70,13 @@ class AndroidKeymaster {
GetKeyCharacteristicsResponse* response);
void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response);
void ExportKey(const ExportKeyRequest& request, ExportKeyResponse* response);
+ void AttestKey(const AttestKeyRequest& request, AttestKeyResponse* response);
void DeleteKey(const DeleteKeyRequest& request, DeleteKeyResponse* response);
void DeleteAllKeys(const DeleteAllKeysRequest& request, DeleteAllKeysResponse* response);
void BeginOperation(const BeginOperationRequest& request, BeginOperationResponse* response);
void UpdateOperation(const UpdateOperationRequest& request, UpdateOperationResponse* response);
void FinishOperation(const FinishOperationRequest& request, FinishOperationResponse* response);
void AbortOperation(const AbortOperationRequest& request, AbortOperationResponse* response);
- void GetVersion(const GetVersionRequest& request, GetVersionResponse* response);
bool has_operation(keymaster_operation_handle_t op_handle) const;