Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e433a1b7 authored by Shawn Willden's avatar Shawn Willden Committed by android-build-merger
Browse files

Merge "Activate HMAC sharing check." into pi-dev 

am: c2ac8a63

Change-Id: I6a47402a1cd823d493749e3b6580ba3a69fa49d9
parents ff866b9b c2ac8a63

keymaster/4.0/support/Keymaster.cpp

+13 −11
Original line number Diff line number Diff line
@@ -156,16 +156,18 @@ static void computeHmac(const Keymaster::KeymasterSet& keymasters, 
    for (auto& keymaster : keymasters) {

        if (keymaster->halVersion().majorVersion < 4) continue;

        LOG(DEBUG) << "Computing HMAC for " << *keymaster;

        auto rc = keymaster->computeSharedHmac(params, [&](auto error, auto& curSharingCheck) {

        auto rc = keymaster->computeSharedHmac(

            params, [&](ErrorCode error, const hidl_vec<uint8_t>& curSharingCheck) {

                CHECK(error == ErrorCode::OK)

                    << "Failed to get HMAC parameters from " << *keymaster << " error " << error;

                if (firstKeymaster) {

                    sharingCheck = curSharingCheck;

                    firstKeymaster = false;

                }

            // TODO: Validate that curSharingCheck == sharingCheck.  b/77588764

            // CHECK(curSharingCheck == sharingCheck) << "HMAC computation failed for " <<

            // *keymaster;

                CHECK(curSharingCheck == sharingCheck)

                    << "HMAC computation failed for " << *keymaster  //

                    << " Expected: " << sharingCheck                 //

                    << " got: " << curSharingCheck;

            });

        CHECK(rc.isOk()) << "Failed to communicate with " << *keymaster

                         << " error: " << rc.description();