
Commit 0f89bc12 authored by Shawn Willden's avatar Shawn Willden

Provide alternate SE RoT provisioning path.

On some devices it is infeasible to provision the KeyMint RoT bits in
the Android Bootloader.  This provides an alternate path to provision
them from the TEE during early boot.

Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
Merged-In: Ibae9050b9a102dad3710f9495d3dfa43fa1d1b3f
parent 78b86ae2
+8 −2
@@ -27,6 +27,7 @@ namespace aidl::android::hardware::security::keymint::trusty {
using ::keymaster::TrustyKeymaster;
using ::ndk::ScopedAStatus;
using secureclock::TimeStampToken;
using ::std::array;
using ::std::optional;
using ::std::shared_ptr;
using ::std::vector;
@@ -77,8 +78,13 @@ class TrustyKeyMintDevice : public BnKeyMintDevice {
                               const optional<TimeStampToken>& timestampToken) override;
    ScopedAStatus earlyBootEnded() override;

    ScopedAStatus convertStorageKeyToEphemeral(const std::vector<uint8_t>& storageKeyBlob,
                                               std::vector<uint8_t>* ephemeralKeyBlob) override;
    ScopedAStatus convertStorageKeyToEphemeral(const vector<uint8_t>& storageKeyBlob,
                                               vector<uint8_t>* ephemeralKeyBlob) override;

    ScopedAStatus getRootOfTrustChallenge(array<uint8_t, 16>* challenge) override;
    ScopedAStatus getRootOfTrust(const array<uint8_t, 16>& challenge,
                                 vector<uint8_t>* rootOfTrust) override;
    ScopedAStatus sendRootOfTrust(const vector<uint8_t>& rootOfTrust) override;

  protected:
    std::shared_ptr<TrustyKeymaster> impl_;
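Review bot: The three root-of-trust declarations added after convertStorageKeyToEphemeral have no comment, and the challenge length appears as the bare literal 16 in both getRootOfTrustChallenge and getRootOfTrust. All three are `override`, so the parameter types come from the base interface, but a reader of this header cannot tell what the 16 bytes are or how the calls relate. A short comment above the group would cover it, e.g. `// Alternate SE root-of-trust provisioning: 16-byte challenge, then a root-of-trust blob answering that challenge.` The link between the blob and the challenge is inferred from the parameter names and should be confirmed against the interface documentation. The class body starts and ends outside this hunk.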
+14 −1
@@ -306,7 +306,7 @@ ScopedAStatus TrustyKeyMintDevice::earlyBootEnded() {
}

ScopedAStatus TrustyKeyMintDevice::convertStorageKeyToEphemeral(
        const std::vector<uint8_t>& storageKeyBlob, std::vector<uint8_t>* ephemeralKeyBlob) {
        const vector<uint8_t>& storageKeyBlob, vector<uint8_t>* ephemeralKeyBlob) {
    keymaster::ExportKeyRequest request(impl_->message_version());
    request.SetKeyMaterial(storageKeyBlob.data(), storageKeyBlob.size());
    request.key_format = KM_KEY_FORMAT_RAW;
@@ -321,4 +321,17 @@ ScopedAStatus TrustyKeyMintDevice::convertStorageKeyToEphemeral(
    return ScopedAStatus::ok();
}

ScopedAStatus TrustyKeyMintDevice::getRootOfTrustChallenge(array<uint8_t, 16>* /* challenge */) {
    return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
}

ScopedAStatus TrustyKeyMintDevice::getRootOfTrust(const array<uint8_t, 16>& /* challenge */,
                                                  vector<uint8_t>* /* rootOfTrust */) {
    return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
}

ScopedAStatus TrustyKeyMintDevice::sendRootOfTrust(const vector<uint8_t>& /* rootOfTrust */) {
    return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
}

}  // namespace aidl::android::hardware::security::keymint::trusty
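Review bot: getRootOfTrustChallenge, getRootOfTrust and sendRootOfTrust all return KM_ERROR_UNIMPLEMENTED and leave their arguments unnamed and untouched, yet the commit description says the root of trust can now be provisioned from the TEE and this class is the Trusty device. Refusing the calls fails closed, which is the safe default, but nothing next to the stubs says whether they are permanent or a placeholder for a later Trusty-side implementation. A comment above the first stub would settle it, e.g. `// TODO(b/219076736): Trusty does not serve the alternate RoT path yet; callers must handle UNIMPLEMENTED.` If an implementation follows, it is worth noting there that the output parameters are only valid on an ok status, since the stubs never write them.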