author | Shawn Willden <swillden@google.com> | 2016-01-28 12:13:18 -0700 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2016-01-28 16:08:43 -0700 |
commit | 8b7b73c207a578d01c14f52176c3cee4d60f3705 (patch) | |
tree | 0848f6fdacde240790f3246ad3e7a865037735a6 | |
parent | aa58329b5bc3b30c6a01221b2a89808ebf347650 (diff) | |
Revert "Revert "Add attestation support to AndroidKeymaster.""
This reverts commit 8fb3fc2f4cb54c046a1d22a1dad6deeef23268ac.
Change-Id: I94a709f4576e3d3152e7a665e4ed106f67760846
-rw-r--r-- | android_keymaster.cpp | 17 | ||||
-rw-r--r-- | include/keymaster/android_keymaster.h | 3 |
2 files changed, 19 insertions, 1 deletions
diff --git a/android_keymaster.cpp b/android_keymaster.cpp
index f60d6ee..c2ff8e6 100644
--- a/android_keymaster.cpp
+++ b/android_keymaster.cpp
@@ -364,6 +364,23 @@ void AndroidKeymaster::ExportKey(const ExportKeyRequest& request, ExportKeyRespo
 }
 }
+void AndroidKeymaster::AttestKey(const AttestKeyRequest& request, AttestKeyResponse* response) {
+ if (!response)
+ return;
+
+ AuthorizationSet tee_enforced;
+ AuthorizationSet sw_enforced;
+ const KeyFactory* key_factory;
+ UniquePtr<Key> key;
+ response->error = LoadKey(request.key_blob, request.attest_params, &tee_enforced, &sw_enforced,
+ &key_factory, &key);
+ if (response->error != KM_ERROR_OK)
+ return;
+
+ response->error = key->GenerateAttestation(*context_, request.attest_params, tee_enforced,
+ sw_enforced, &response->certificate_chain);
+}
+
 void AndroidKeymaster::ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response) {
 if (response == NULL)
 return;
diff --git a/include/keymaster/android_keymaster.h b/include/keymaster/android_keymaster.h
index 24954d9..c7ecfad 100644
--- a/include/keymaster/android_keymaster.h
+++ b/include/keymaster/android_keymaster.h
@@ -50,6 +50,7 @@ class AndroidKeymaster {
 AndroidKeymaster(KeymasterContext* context, size_t operation_table_size);
 virtual ~AndroidKeymaster();
+ void GetVersion(const GetVersionRequest& request, GetVersionResponse* response);
 void SupportedAlgorithms(const SupportedAlgorithmsRequest& request,
 SupportedAlgorithmsResponse* response);
 void SupportedBlockModes(const SupportedBlockModesRequest& request,
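Review bot: In the android_keymaster.cpp hunk, `key->GenerateAttestation(...)` dereferences `key` on the sole evidence that LoadKey returned KM_ERROR_OK; LoadKey is not visible here, so if it can ever succeed without populating `key`, this is a null dereference inside the keymaster implementation. A guard before the call would make the assumption explicit, e.g. `if (!key.get()) { response->error = KM_ERROR_UNKNOWN_ERROR; return; }`. `key_factory` is declared uninitialised and is not read after LoadKey in the visible lines, so `const KeyFactory* key_factory = NULL;` would avoid carrying an indeterminate pointer on the error path. The new function also tests `!response` where the neighbouring ImportKey writes `response == NULL`; using one form throughout the file would read more consistently.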
@@ -69,13 +70,13 @@ class AndroidKeymaster {
 GetKeyCharacteristicsResponse* response);
 void ImportKey(const ImportKeyRequest& request, ImportKeyResponse* response);
 void ExportKey(const ExportKeyRequest& request, ExportKeyResponse* response);
+ void AttestKey(const AttestKeyRequest& request, AttestKeyResponse* response);
 void DeleteKey(const DeleteKeyRequest& request, DeleteKeyResponse* response);
 void DeleteAllKeys(const DeleteAllKeysRequest& request, DeleteAllKeysResponse* response);
 void BeginOperation(const BeginOperationRequest& request, BeginOperationResponse* response);
 void UpdateOperation(const UpdateOperationRequest& request, UpdateOperationResponse* response);
 void FinishOperation(const FinishOperationRequest& request, FinishOperationResponse* response);
 void AbortOperation(const AbortOperationRequest& request, AbortOperationResponse* response);
- void GetVersion(const GetVersionRequest& request, GetVersionResponse* response);
 bool has_operation(keymaster_operation_handle_t op_handle) const;
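Review bot: The new `AttestKey` declaration in the second android_keymaster.h hunk carries no comment on its contract, and the .cpp shows two things a caller cannot read off the signature: `request.attest_params` is passed both to LoadKey and to GenerateAttestation, and `response->certificate_chain` is written by GenerateAttestation. A short comment above the declaration would help, for example `// Loads request.key_blob using request.attest_params, then fills response->certificate_chain; check response->error before using the chain.` Who releases the chain's memory is not visible in this diff and should be stated there as well. The class body starts before this hunk and continues after it.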