Merge "Allow for input_data on finish." am: 4a83b14ada am: 02c287a628
am: 51e842e43c
Change-Id: I3ed4477e925a203ae8a7b1dde9744ade4a32e93c
This commit is contained in:
Rob Barnes
@@ -922,15 +922,26 @@ public class KeyStore {
|
||||
}
|
||||
}
|
||||
|
||||
public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] signature,
|
||||
byte[] entropy) {
|
||||
/**
|
||||
* Android KeyStore finish operation.
|
||||
*
|
||||
* @param token Authentication token.
|
||||
* @param arguments Keymaster arguments
|
||||
* @param input Optional additional input data.
|
||||
* @param signature Optional signature to be verified.
|
||||
* @param entropy Optional additional entropy
|
||||
* @return OperationResult that will indicate success or error of the operation.
|
||||
*/
|
||||
public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] input,
|
||||
byte[] signature, byte[] entropy) {
|
||||
OperationPromise promise = new OperationPromise();
|
||||
try {
|
||||
mBinder.asBinder().linkToDeath(promise, 0);
|
||||
arguments = arguments != null ? arguments : new KeymasterArguments();
|
||||
entropy = entropy != null ? entropy : new byte[0];
|
||||
input = input != null ? input : new byte[0];
|
||||
signature = signature != null ? signature : new byte[0];
|
||||
int errorCode = mBinder.finish(promise, token, arguments, signature, entropy);
|
||||
int errorCode = mBinder.finish(promise, token, arguments, input, signature, entropy);
|
||||
if (errorCode == NO_ERROR) {
|
||||
return promise.getFuture().get();
|
||||
} else {
|
||||
@@ -948,7 +959,7 @@ public class KeyStore {
|
||||
}
|
||||
|
||||
public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] signature) {
|
||||
return finish(token, arguments, signature, null);
|
||||
return finish(token, arguments, null, signature, null);
|
||||
}
|
||||
|
||||
private class KeystoreResultPromise
|
||||
|
||||
@@ -432,7 +432,7 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC
|
||||
}
|
||||
|
||||
@Override
|
||||
public OperationResult finish(byte[] signature, byte[] additionalEntropy) {
|
||||
public OperationResult finish(byte[] input, byte[] signature, byte[] additionalEntropy) {
|
||||
if ((additionalEntropy != null) && (additionalEntropy.length > 0)) {
|
||||
throw new ProviderException("AAD stream does not support additional entropy");
|
||||
}
|
||||
|
||||
@@ -62,7 +62,7 @@ class KeyStoreCryptoOperationChunkedStreamer implements KeyStoreCryptoOperationS
|
||||
* Returns the result of the KeyStore {@code finish} operation or null if keystore couldn't
|
||||
* be reached.
|
||||
*/
|
||||
OperationResult finish(byte[] siganture, byte[] additionalEntropy);
|
||||
OperationResult finish(byte[] input, byte[] siganture, byte[] additionalEntropy);
|
||||
}
|
||||
|
||||
// Binder buffer is about 1MB, but it's shared between all active transactions of the process.
|
||||
@@ -217,7 +217,8 @@ class KeyStoreCryptoOperationChunkedStreamer implements KeyStoreCryptoOperationS
|
||||
byte[] output = update(input, inputOffset, inputLength);
|
||||
output = ArrayUtils.concat(output, flush());
|
||||
|
||||
OperationResult opResult = mKeyStoreStream.finish(signature, additionalEntropy);
|
||||
OperationResult opResult = mKeyStoreStream.finish(EmptyArray.BYTE, signature,
|
||||
additionalEntropy);
|
||||
if (opResult == null) {
|
||||
throw new KeyStoreConnectException();
|
||||
} else if (opResult.resultCode != KeyStore.NO_ERROR) {
|
||||
@@ -334,8 +335,8 @@ class KeyStoreCryptoOperationChunkedStreamer implements KeyStoreCryptoOperationS
|
||||
}
|
||||
|
||||
@Override
|
||||
public OperationResult finish(byte[] signature, byte[] additionalEntropy) {
|
||||
return mKeyStore.finish(mOperationToken, null, signature, additionalEntropy);
|
||||
public OperationResult finish(byte[] input, byte[] signature, byte[] additionalEntropy) {
|
||||
return mKeyStore.finish(mOperationToken, null, input, signature, additionalEntropy);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user