commit 59c6af81b6b510dd991ab04b8d65f1bab966d0c8
Date: 01-Jun-2017
Author: Janis Danisevskis <jdanis@google.com>
Key class takes ownership of AuthorizationSets

The key object is constantly passed around together with the two authorization sets, while the Key class has a field for the combined authorization sets. This is doubly awkward.

1. In the combined authorization list the information about the level of enforcement is lost.
2. The combined authorization list takes up memory that is up to the same size as the two separate authorization lists, which have roughly the same life cycle. Also, the allocation of the additional memory can cause the constructor of Key to fail (i.e., in the TEE environment), which gave rise to the error [out] parameter to communicate the failure to the caller.

With this patch, the constructor of Key takes ownership of the individual authorization lists. This preserves the information about the enforcement levels (1). The AuthorizationSets can now be passed around conveniently with the key they belong to. The memory for authorizations is no longer duplicated (2). And the move semantics of the constructor guarantee that it can no longer fail, obviating the need for the error [out] parameter.

Additionally, the Key class now keeps the original key blob around. It also got a key_factory_ field allowing a key to be associated with its factory. This is particularly useful for hybrid keymaster implementations where keys can have different factories, depending on their authorizations.

Test: VtsHalKeymasterV3_0TargetTest
Bug: 67358942
Change-Id: I1d235e16f9120b3d29ef4c71ff7a19d98700559f
/system/keymaster/km_openssl/attestation_utils.cpp
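The ownership pattern the commit message describes, as an added illustration that is not keymaster's code: a Key that moves in the hardware-enforced and software-enforced lists separately (so the enforcement level of each tag survives, and no combined copy is allocated), keeps the key blob, and records the factory it came from. The types Tag, KeyParameter, AuthorizationSet, KeymasterKeyBlob, KeyFactory, the Enforcement enum, EnforcementOf() and MakeSampleKey() are simplified stand-ins chosen for this example, and the sample lists and blob bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <utility>
#include <vector>

// Hypothetical stand-ins for keymaster types; not the project's definitions.
enum class Tag : uint32_t { Algorithm = 1, Purpose = 2, NoAuthRequired = 3, CreationDatetime = 4 };

struct KeyParameter {
    Tag tag;
    uint64_t value;
};

// One authorization list. Ownership moves with the vector; no element is copied.
struct AuthorizationSet {
    std::vector<KeyParameter> params;

    bool Contains(Tag tag) const {
        for (const auto& p : params)
            if (p.tag == tag) return true;
        return false;
    }
    size_t size() const { return params.size(); }
};

// The serialized key material the Key now keeps around (stand-in).
struct KeymasterKeyBlob {
    std::vector<uint8_t> bytes;
};

// Which list a tag came from: lost if the two lists were merged into one.
enum class Enforcement { Hardware, Software, None };

// Identity only: a Key records which factory produced it (stand-in).
class KeyFactory {};

class Key {
  public:
    // Both lists and the blob are taken by rvalue reference and moved into the
    // members. Nothing is allocated here, so there is no failure path and no
    // error out-parameter is needed.
    Key(AuthorizationSet&& hw_enforced, AuthorizationSet&& sw_enforced,
        KeymasterKeyBlob&& key_blob, const KeyFactory* factory)
        : hw_enforced_(std::move(hw_enforced)),
          sw_enforced_(std::move(sw_enforced)),
          key_blob_(std::move(key_blob)),
          key_factory_(factory) {}

    const AuthorizationSet& hw_enforced() const { return hw_enforced_; }
    const AuthorizationSet& sw_enforced() const { return sw_enforced_; }
    const KeymasterKeyBlob& key_blob() const { return key_blob_; }
    const KeyFactory* key_factory() const { return key_factory_; }

    // Because the lists are kept apart, the caller can still ask whether a
    // tag is hardware- or software-enforced; a combined list cannot answer this.
    Enforcement EnforcementOf(Tag tag) const {
        if (hw_enforced_.Contains(tag)) return Enforcement::Hardware;
        if (sw_enforced_.Contains(tag)) return Enforcement::Software;
        return Enforcement::None;
    }

  private:
    AuthorizationSet hw_enforced_;
    AuthorizationSet sw_enforced_;
    KeymasterKeyBlob key_blob_;
    const KeyFactory* key_factory_;
};

// Builds a Key from constructed sample lists, the way a loader would after
// parsing a blob: the lists are handed over by move, not copied.
Key MakeSampleKey(const KeyFactory* factory) {
    AuthorizationSet hw{{{Tag::Algorithm, 1}, {Tag::Purpose, 2}}};   // constructed sample
    AuthorizationSet sw{{{Tag::CreationDatetime, 1496275200}}};      // constructed sample
    KeymasterKeyBlob blob{{0xde, 0xad, 0xbe, 0xef}};                  // constructed sample
    return Key(std::move(hw), std::move(sw), std::move(blob), factory);
}
```

The point of keeping the two members rather than one merged set is visible in EnforcementOf(): a consumer such as attestation code can report per-tag enforcement from the Key alone, and the only allocations are the ones the caller already made when it parsed the lists.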