author | Shawn Willden <swillden@google.com> | 2015-05-23 03:36:30 +0000 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2015-05-23 03:36:30 +0000 |
commit | 13fbe3e93247943c26e7ca2ed27b6d650282b8bf (patch) | |
tree | cd71086d18f6eb1ffc47d7f8cc3d92346ba639c6 /asymmetric_key.cpp | |
parent | 8ba2a043f0d44ad3f58d4af518f9391c03eca9c3 (diff) | |
Revert "Large refactor to move context out of AndroidKeymaster."
This reverts commit 8ba2a043f0d44ad3f58d4af518f9391c03eca9c3.
I need to update the Volantis non-secure code in sync. Reverting while I get that done.
Change-Id: I0fb9f928e7e624ad678050a04bb873b43b1c9a48
Diffstat (limited to 'asymmetric_key.cpp')
-rw-r--r-- | asymmetric_key.cpp | 68 |
1 files changed, 26 insertions, 42 deletions
diff --git a/asymmetric_key.cpp b/asymmetric_key.cpp
index 72c24a1..1af58ca 100644
--- a/asymmetric_key.cpp
+++ b/asymmetric_key.cpp
@@ -20,36 +20,28 @@
 #include <hardware/keymaster_defs.h>
+#include "ec_key.h"
 #include "openssl_err.h"
 #include "openssl_utils.h"
+#include "rsa_key.h"
+#include "unencrypted_key_blob.h"
 namespace keymaster {
-keymaster_error_t
-AsymmetricKeyFactory::KeyMaterialToEvpKey(keymaster_key_format_t key_format,
- const KeymasterKeyBlob& key_material,
- UniquePtr<EVP_PKEY, EVP_PKEY_Delete>* pkey) {
+EVP_PKEY* AsymmetricKeyFactory::ExtractEvpKey(keymaster_key_format_t key_format,
+ keymaster_algorithm_t expected_algorithm,
+ const uint8_t* key_data, size_t key_data_length,
+ keymaster_error_t* error) {
+ *error = KM_ERROR_UNSUPPORTED_KEY_FORMAT;
 if (key_format != KM_KEY_FORMAT_PKCS8)
- return KM_ERROR_UNSUPPORTED_KEY_FORMAT;
-
- return convert_pkcs8_blob_to_evp(key_material.key_material, key_material.key_material_size,
- registry_key(), pkey);
-}
-
-keymaster_error_t AsymmetricKeyFactory::EvpKeyToKeyMaterial(const EVP_PKEY* pkey,
- KeymasterKeyBlob* key_blob) {
- int key_data_size = i2d_PrivateKey(pkey, NULL /* key_data*/);
- if (key_data_size <= 0)
- return TranslateLastOpenSslError();
-
- key_blob->Reset(key_data_size);
- if (!key_blob->key_material)
- return KM_ERROR_MEMORY_ALLOCATION_FAILED;
+ return NULL;
- uint8_t* tmp = key_blob->writable_data();
- i2d_PrivateKey(pkey, &tmp);
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey;
+ *error = convert_pkcs8_blob_to_evp(key_data, key_data_length, expected_algorithm, &pkey);
+ if (*error != KM_ERROR_OK)
+ return NULL;
- return KM_ERROR_OK;
+ return pkey.release();
 }
 static const keymaster_key_format_t supported_import_formats[] = {KM_KEY_FORMAT_PKCS8};
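Review bot: `ExtractEvpKey` returns an owning raw `EVP_PKEY*` via `pkey.release()`, and nothing in the signature or a comment tells the caller it must free it, so an early return on the caller's side leaks private-key material. A comment above the function would help, e.g. `// Returns a new EVP_PKEY owned by the caller (free with EVP_PKEY_free or wrap in UniquePtr<EVP_PKEY, EVP_PKEY_Delete>); NULL with *error set on failure.` The first statement also writes `*error` before any check, so a NULL `error` argument crashes; either document it as required or guard it. `key_data` and `key_data_length` go to `convert_pkcs8_blob_to_evp` unchecked, and that function is not visible in this hunk, so it is worth confirming that it rejects a NULL or zero-length blob on the key-import path.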
@@ -64,28 +56,20 @@ const keymaster_key_format_t* AsymmetricKeyFactory::SupportedExportFormats(size_
 return supported_export_formats;
 }
-keymaster_error_t AsymmetricKeyFactory::LoadKey(const KeymasterKeyBlob& key_material,
- const AuthorizationSet& hw_enforced,
- const AuthorizationSet& sw_enforced,
- UniquePtr<Key>* key) {
- UniquePtr<AsymmetricKey> asymmetric_key;
- keymaster_error_t error = CreateEmptyKey(hw_enforced, sw_enforced, &asymmetric_key);
- if (error != KM_ERROR_OK)
- return error;
-
- const uint8_t* tmp = key_material.key_material;
- EVP_PKEY* pkey =
- d2i_PrivateKey(evp_key_type(), NULL /* pkey */, &tmp, key_material.key_material_size);
- if (!pkey)
- return TranslateLastOpenSslError();
- UniquePtr<EVP_PKEY, EVP_PKEY_Delete> pkey_deleter(pkey);
+keymaster_error_t AsymmetricKey::LoadKey(const UnencryptedKeyBlob& blob) {
+ UniquePtr<EVP_PKEY, EVP_PKEY_Delete> evp_key(EVP_PKEY_new());
+ if (evp_key.get() == NULL)
+ return KM_ERROR_MEMORY_ALLOCATION_FAILED;
- if (!asymmetric_key->EvpToInternal(pkey))
- error = TranslateLastOpenSslError();
- else
- key->reset(asymmetric_key.release());
+ EVP_PKEY* tmp_pkey = evp_key.get();
+ const uint8_t* key_material = blob.unencrypted_key_material();
+ if (d2i_PrivateKey(evp_key_type(), &tmp_pkey, &key_material, blob.key_material_length()) ==
+ NULL)
+ return TranslateLastOpenSslError();
+ if (!EvpToInternal(evp_key.get()))
+ return TranslateLastOpenSslError();
- return error;
+ return KM_ERROR_OK;
 }
 keymaster_error_t AsymmetricKey::key_material(UniquePtr<uint8_t[]>* material, size_t* size) const { |
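Review bot: In the restored `AsymmetricKey::LoadKey`, `d2i_PrivateKey` is called in its reuse form (`&tmp_pkey` pointing at the pre-allocated `evp_key`), and the success path then reads `evp_key.get()` rather than the pointer the call returned. OpenSSL's documentation discourages the reuse form, and how the library treats `*a` (reused in place, freed, or replaced) has differed between versions and forks, so `evp_key` may end up owning a pointer the library has already released or swapped out. The variant this commit removes passed `NULL` and wrapped the result, and keeping that shape would be safer: `UniquePtr<EVP_PKEY, EVP_PKEY_Delete> evp_key(d2i_PrivateKey(evp_key_type(), NULL, &key_material, blob.key_material_length()));` followed by `if (evp_key.get() == NULL) return TranslateLastOpenSslError();`. It would also be worth checking that the parse consumed exactly `blob.key_material_length()` bytes, since as written trailing data after the key is accepted silently.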