tequilaOS/platform_hardware_interfaces
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Activate HMAC sharing check." into pi-dev

Browse source
This commit is contained in:
TreeHugger Robot 2018-05-24 01:18:01 +00:00 committed by Android (Google) Code Review
commit c2ac8a636e
1 changed files with 13 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
keymaster/4.0/support/Keymaster.cpp
View file

@ -156,17 +156,19 @@ static void computeHmac(const Keymaster::KeymasterSet& keymasters,
for (auto& keymaster : keymasters) { for (auto& keymaster : keymasters) {
if (keymaster->halVersion().majorVersion < 4) continue; if (keymaster->halVersion().majorVersion < 4) continue;
LOG(DEBUG) << "Computing HMAC for " << *keymaster; LOG(DEBUG) << "Computing HMAC for " << *keymaster;
auto rc = keymaster->computeSharedHmac(params, [&](auto error, auto& curSharingCheck) { auto rc = keymaster->computeSharedHmac(
CHECK(error == ErrorCode::OK) params, [&](ErrorCode error, const hidl_vec<uint8_t>& curSharingCheck) {
<< "Failed to get HMAC parameters from " << *keymaster << " error " << error; CHECK(error == ErrorCode::OK)
if (firstKeymaster) { << "Failed to get HMAC parameters from " << *keymaster << " error " << error;
sharingCheck = curSharingCheck; if (firstKeymaster) {
firstKeymaster = false; sharingCheck = curSharingCheck;
} firstKeymaster = false;
// TODO: Validate that curSharingCheck == sharingCheck. b/77588764 }
// CHECK(curSharingCheck == sharingCheck) << "HMAC computation failed for " << CHECK(curSharingCheck == sharingCheck)
// *keymaster; << "HMAC computation failed for " << *keymaster //
}); << " Expected: " << sharingCheck //
<< " got: " << curSharingCheck;
});
CHECK(rc.isOk()) << "Failed to communicate with " << *keymaster CHECK(rc.isOk()) << "Failed to communicate with " << *keymaster
<< " error: " << rc.description(); << " error: " << rc.description();
} }