Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9ce30624 authored by Chad Brubaker's avatar Chad Brubaker
Browse files

Add optional additional entropy to finish 

If provided the extra entropy will be added to the device before calling
finish. If entropy is provided and the device does not support supplying
additional entropy then finish will fail with KM_ERROR_UNIMPLEMENTED.

Change-Id: If26be118bf382604f6f8e96e833b76e6f9e94d58
parent 4993da92

core/java/android/security/IKeystoreService.aidl

+2 −1
Original line number Original line Diff line number Diff line
@@ -67,7 +67,8 @@ interface IKeystoreService { 
    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,

    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,

        in KeymasterArguments params, in byte[] entropy, out KeymasterArguments operationParams);

        in KeymasterArguments params, in byte[] entropy, out KeymasterArguments operationParams);

    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);

    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);

    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature);

    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,

        in byte[] entropy);

    int abort(IBinder handle);

    int abort(IBinder handle);

    boolean isOperationAuthorized(IBinder token);

    boolean isOperationAuthorized(IBinder token);

    int addAuthToken(in byte[] authToken);

    int addAuthToken(in byte[] authToken);

keystore/java/android/security/KeyStore.java

+7 −2
Original line number Original line Diff line number Diff line
@@ -474,15 +474,20 @@ public class KeyStore { 
        }

        }

    }

    }





    public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] signature) {

    public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] signature,

            byte[] entropy) {

        try {

        try {

            return mBinder.finish(token, arguments, signature);

            return mBinder.finish(token, arguments, signature, entropy);

        } catch (RemoteException e) {

        } catch (RemoteException e) {

            Log.w(TAG, "Cannot connect to keystore", e);

            Log.w(TAG, "Cannot connect to keystore", e);

            return null;

            return null;

        }

        }

    }

    }





    public OperationResult finish(IBinder token, KeymasterArguments arguments, byte[] signature) {

        return finish(token, arguments, signature, null);

    }



    public int abort(IBinder token) {

    public int abort(IBinder token) {

        try {

        try {

            return mBinder.abort(token);

            return mBinder.abort(token);