tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Activate HMAC sharing check." into pi-dev

Browse source
This commit is contained in:
TreeHugger Robot 2018-05-24 01:18:01 +00:00 committed by Android (Google) Code Review
commit c2ac8a636e
1 changed files with 13 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
keymaster/4.0/support/Keymaster.cpp
View file

@ -156,17 +156,19 @@ static void computeHmac(const Keymaster::KeymasterSet& keymasters,
for (auto& keymaster : keymasters) {
if (keymaster->halVersion().majorVersion < 4) continue;
LOG(DEBUG) << "Computing HMAC for " << *keymaster;
auto rc = keymaster->computeSharedHmac(params, [&](auto error, auto& curSharingCheck) {
CHECK(error == ErrorCode::OK)
<< "Failed to get HMAC parameters from " << *keymaster << " error " << error;
if (firstKeymaster) {
sharingCheck = curSharingCheck;
firstKeymaster = false;
}
// TODO: Validate that curSharingCheck == sharingCheck. b/77588764
// CHECK(curSharingCheck == sharingCheck) << "HMAC computation failed for " <<
// *keymaster;
});
auto rc = keymaster->computeSharedHmac(
params, [&](ErrorCode error, const hidl_vec<uint8_t>& curSharingCheck) {
CHECK(error == ErrorCode::OK)
<< "Failed to get HMAC parameters from " << *keymaster << " error " << error;
if (firstKeymaster) {
sharingCheck = curSharingCheck;
firstKeymaster = false;
}
CHECK(curSharingCheck == sharingCheck)
<< "HMAC computation failed for " << *keymaster //
<< " Expected: " << sharingCheck //
<< " got: " << curSharingCheck;
});
CHECK(rc.isOk()) << "Failed to communicate with " << *keymaster
<< " error: " << rc.description();
}