Merge "Fix wrongly initialized test key." into pi-dev (ba2fa43d) · Commits · e / os / android_hardware_interfaces

confirmationui/1.0/default/PlatformSpecifics.cpp

+4 −4

Original line number	Diff line number	Diff line
		@@ -36,11 +36,11 @@ MonotonicClockTimeStamper::TimeStamp MonotonicClockTimeStamper::now() {
		}
		}

		support::NullOr<support::array<uint8_t, 32>> HMacImplementation::hmac256(
		const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers) {
		support::NullOr<support::hmac_t> HMacImplementation::hmac256(
		const support::auth_token_key_t& key, std::initializer_list<support::ByteBufferProxy> buffers) {
		HMAC_CTX hmacCtx;
		HMAC_CTX_init(&hmacCtx);
		if (!HMAC_Init_ex(&hmacCtx, key, 32, EVP_sha256(), nullptr)) {
		if (!HMAC_Init_ex(&hmacCtx, key.data(), key.size(), EVP_sha256(), nullptr)) {
		return {};
		}
		for (auto& buffer : buffers) {
		@@ -48,7 +48,7 @@ support::NullOr<support::array<uint8_t, 32>> HMacImplementation::hmac256(
		return {};
		}
		}
		support::array<uint8_t, 32> result;
		support::hmac_t result;
		if (!HMAC_Final(&hmacCtx, result.data(), nullptr)) {
		return {};
		}

confirmationui/1.0/default/PlatformSpecifics.h

+3 −2

Original line number	Diff line number	Diff line
		@@ -48,8 +48,9 @@ struct MonotonicClockTimeStamper {

		class HMacImplementation {
		public:
		static support::NullOr<support::array<uint8_t, 32>> hmac256(
		const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers);
		static support::NullOr<support::hmac_t> hmac256(
		const support::auth_token_key_t& key,
		std::initializer_list<support::ByteBufferProxy> buffers);
		};

		class MyOperation : public generic::Operation<sp<IConfirmationResultCallback>,

confirmationui/1.0/vts/functional/VtsHalConfirmationUIV1_0TargetTest.cpp

+9 −14

Original line number	Diff line number	Diff line
		@@ -46,13 +46,16 @@ namespace V1_0 {

		namespace test {
		namespace {
		const support::auth_token_key_t testKey(static_cast<uint8_t>(TestKeyBits::BYTE));

		class HMacImplementation {
		public:
		static support::NullOr<support::array<uint8_t, 32>> hmac256(
		const uint8_t key[32], std::initializer_list<support::ByteBufferProxy> buffers) {
		static support::NullOr<support::hmac_t> hmac256(
		const support::auth_token_key_t& key,
		std::initializer_list<support::ByteBufferProxy> buffers) {
		HMAC_CTX hmacCtx;
		HMAC_CTX_init(&hmacCtx);
		if (!HMAC_Init_ex(&hmacCtx, key, 32, EVP_sha256(), nullptr)) {
		if (!HMAC_Init_ex(&hmacCtx, key.data(), key.size(), EVP_sha256(), nullptr)) {
		return {};
		}
		for (auto& buffer : buffers) {
		@@ -60,7 +63,7 @@ class HMacImplementation {
		return {};
		}
		}
		support::array<uint8_t, 32> result;
		support::hmac_t result;
		if (!HMAC_Final(&hmacCtx, result.data(), nullptr)) {
		return {};
		}
		@@ -70,23 +73,15 @@ class HMacImplementation {

		using HMacer = support::HMac<HMacImplementation>;

		constexpr uint8_t testKeyByte = static_cast<uint8_t>(TestKeyBits::BYTE);

		template <typename... Data>
		hidl_vec<uint8_t> testHMAC(const Data&... data) {
		constexpr uint8_t testKey[32] = {testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte};
		constexpr uint8_t hmac_size_bytes = sizeof testKey;

		auto hmac = HMacer::hmac256(testKey, data...);
		if (!hmac.isOk()) {
		EXPECT_TRUE(false) << "Failed to compute test hmac. This is a self-test error.";
		return {};
		}
		hidl_vec<uint8_t> result(hmac_size_bytes);
		copy(hmac.value().data(), hmac.value().data() + hmac_size_bytes, result.data());
		hidl_vec<uint8_t> result(hmac.value().size());
		copy(hmac.value().data(), hmac.value().data() + hmac.value().size(), result.data());
		return result;
		}

confirmationui/support/include/android/hardware/confirmationui/1.0/generic/GenericOperation.h

+7 −10

Original line number	Diff line number	Diff line
		@@ -99,7 +99,8 @@ class Operation {

		void setPending() { error_ = ResponseCode::OK; }

		void setHmacKey(const uint8_t (&key)[32]) { hmacKey_ = {key}; }
		void setHmacKey(const auth_token_key_t& key) { hmacKey_ = key; }
		NullOr<auth_token_key_t> hmacKey() const { return hmacKey_; }

		void abort() {
		if (isPending()) {
		@@ -112,7 +113,7 @@ class Operation {
		if (isPending()) error_ = ResponseCode::Canceled;
		}

		void finalize(const uint8_t key[32]) {
		void finalize(const auth_token_key_t& key) {
		if (error_ == ResponseCode::Ignored) return;
		resultCB_->result(error_, getMessage(), userConfirm(key));
		error_ = ResponseCode::Ignored;
		@@ -127,11 +128,7 @@ class Operation {
		}

		ResponseCode deliverSecureInputEvent(const HardwareAuthToken& secureInputToken) {
		constexpr uint8_t testKeyByte = static_cast<uint8_t>(TestKeyBits::BYTE);
		constexpr uint8_t testKey[32] = {testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte,
		testKeyByte, testKeyByte, testKeyByte, testKeyByte};
		const auth_token_key_t testKey(static_cast<uint8_t>(TestKeyBits::BYTE));

		auto hmac = HMacer::hmac256(testKey, "\0", bytes_cast(secureInputToken.challenge),
		bytes_cast(secureInputToken.userId),
		@@ -171,7 +168,7 @@ class Operation {
		result.setToExternal(formattedMessageBuffer_, formattedMessageLength_);
		return result;
		}
		hidl_vec<uint8_t> userConfirm(const uint8_t key[32]) {
		hidl_vec<uint8_t> userConfirm(const auth_token_key_t& key) {
		if (error_ != ResponseCode::OK) return {};
		confirmationTokenScratchpad_ = HMacer::hmac256(key, "confirmation token", getMessage());
		if (!confirmationTokenScratchpad_.isOk()) {
		@@ -188,10 +185,10 @@ class Operation {
		uint8_t formattedMessageBuffer_[uint32_t(MessageSize::MAX)];
		char promptStringBuffer_[uint32_t(MessageSize::MAX)];
		size_t formattedMessageLength_ = 0;
		NullOr<array<uint8_t, 32>> confirmationTokenScratchpad_;
		NullOr<hmac_t> confirmationTokenScratchpad_;
		Callback resultCB_;
		typename TimeStamper::TimeStamp startTime_;
		NullOr<array<uint8_t, 32>> hmacKey_;
		NullOr<auth_token_key_t> hmacKey_;
		};

		} // namespace

confirmationui/support/include/android/hardware/confirmationui/support/confirmationui_utils.h

+13 −2

Original line number	Diff line number	Diff line
		@@ -81,17 +81,23 @@ class array {
		public:
		array() : data_{} {}
		array(const T (&data)[elements]) { std::copy(data, data + elements, data_); }
		explicit array(const T& v) { fill(v); }

		T* data() { return data_; }
		const T* data() const { return data_; }
		constexpr size_t size() const { return elements; }
		operator const array_type&() const { return data_; }

		T* begin() { return data_; }
		T* end() { return data_ + elements; }
		const T* begin() const { return data_; }
		const T* end() const { return data_ + elements; }

		void fill(const T& v) {
		for (size_t i = 0; i < elements; ++i) {
		data_[i] = v;
		}
		}

		private:
		array_type data_;
		};
		@@ -157,6 +163,11 @@ class ByteBufferProxy {
		size_t size_;
		};

		constexpr uint8_t auth_token_key_size = 32;
		constexpr uint8_t hmac_size_bytes = support::auth_token_key_size;
		using auth_token_key_t = array<uint8_t, auth_token_key_size>;
		using hmac_t = auth_token_key_t;

		/**
		* Implementer are expected to provide an implementation with the following prototype:
		* static NullOr<array<uint8_t, 32>> hmac256(const uint8_t key[32],
		@@ -166,7 +177,7 @@ template <typename Impl>
		class HMac {
		public:
		template <typename... Data>
		static NullOr<array<uint8_t, 32>> hmac256(const uint8_t key[32], const Data&... data) {
		static NullOr<hmac_t> hmac256(const auth_token_key_t& key, const Data&... data) {
		return Impl::hmac256(key, {data...});
		}
		};