Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 00aa794186c2e2f2b8366a39b7c3f40a72467f34^! / .
commit00aa794186c2e2f2b8366a39b7c3f40a72467f34[log] [tgz]
authorShawn Willden <swillden@google.com>Wed Sep 10 07:57:43 2014 -0600
committerShawn Willden <swillden@google.com>Wed Sep 10 08:07:29 2014 -0600
tree8eba8cab1e815749731aa4ed448c2eb126340140
parent2b3bbf8d918010de02cbf5b6093cda8bcd812ffe [diff]
Remove message size checks for RSA and DSA signing operations.

There appears to be too much code, both production and tests, that
assumes it can feed various-sized messages to signing ops.  This change
essentially just falls back on openssl, letting it decide what is
acceptable and what is not.  That should make it bug-compatible with
softkeymaster, and perhaps with other TEE implementations.

Change-Id: I6185fdef3abf19321029d0b192669b722b363cf8

diff --git a/dsa_operation.cpp b/dsa_operation.cpp
index c2e0fb1..dc64343 100644
--- a/dsa_operation.cpp
+++ b/dsa_operation.cpp

@@ -45,9 +45,6 @@
 
 keymaster_error_t DsaSignOperation::Finish(const Buffer& /* signature */, Buffer* output) {
     output->Reinitialize(DSA_size(dsa_key_));
-    if (data_.available_read() != output->buffer_size())
-        return KM_ERROR_INVALID_INPUT_LENGTH;
-
     unsigned int siglen;
     if (!DSA_sign(0 /* type -- ignored */, data_.peek_read(), data_.available_read(),
                   output->peek_write(), &siglen, dsa_key_))

diff --git a/google_keymaster_test.cpp b/google_keymaster_test.cpp
index a492743..18befde 100644
--- a/google_keymaster_test.cpp
+++ b/google_keymaster_test.cpp

@@ -657,7 +657,7 @@
     finish_request.op_handle = begin_response.op_handle;
     FinishOperationResponse finish_response;
     device.FinishOperation(finish_request, &finish_response);
-    ASSERT_EQ(KM_ERROR_INVALID_INPUT_LENGTH, finish_response.error);
+    ASSERT_EQ(KM_ERROR_UNKNOWN_ERROR, finish_response.error);
     EXPECT_EQ(0U, finish_response.output.available_read());
 
     EXPECT_EQ(KM_ERROR_INVALID_OPERATION_HANDLE, device.AbortOperation(begin_response.op_handle));

diff --git a/rsa_operation.cpp b/rsa_operation.cpp
index 816c234..4eef5c1 100644
--- a/rsa_operation.cpp
+++ b/rsa_operation.cpp

@@ -50,9 +50,6 @@
 
 keymaster_error_t RsaSignOperation::Finish(const Buffer& /* signature */, Buffer* output) {
     output->Reinitialize(RSA_size(rsa_key_));
-    if (data_.available_read() != output->buffer_size())
-        return KM_ERROR_INVALID_INPUT_LENGTH;
-
     int bytes_encrypted = RSA_private_encrypt(data_.available_read(), data_.peek_read(),
                                               output->peek_write(), rsa_key_, RSA_NO_PADDING);
     if (bytes_encrypted < 0)