Add RSA encryption and decryption support.
This change was already reviewed, merged and reverted, so I'm skipping
the review step this time.
Change-Id: Ie5b7dba86a7ae7f62eedbdb6eec7b61ef83d0c73
diff --git a/google_keymaster.cpp b/google_keymaster.cpp
index da606e5..47f22cf 100644
--- a/google_keymaster.cpp
+++ b/google_keymaster.cpp
@@ -93,10 +93,12 @@
response->error = KM_ERROR_UNSUPPORTED_BLOCK_MODE;
}
+keymaster_padding_t supported_rsa_crypt_padding[] = {KM_PAD_RSA_OAEP, KM_PAD_RSA_PKCS1_1_5_ENCRYPT};
+keymaster_padding_t supported_rsa_sign_padding[] = {KM_PAD_NONE};
keymaster_padding_t supported_padding[] = {KM_PAD_NONE};
void GoogleKeymaster::SupportedPaddingModes(
- keymaster_algorithm_t algorithm, keymaster_purpose_t /* purpose */,
+ keymaster_algorithm_t algorithm, keymaster_purpose_t purpose,
SupportedResponse<keymaster_padding_t>* response) const {
if (response == NULL || !check_supported(algorithm, response))
return;
@@ -104,6 +106,17 @@
response->error = KM_ERROR_OK;
switch (algorithm) {
case KM_ALGORITHM_RSA:
+ switch (purpose) {
+ case KM_PURPOSE_ENCRYPT:
+ case KM_PURPOSE_DECRYPT:
+ response->SetResults(supported_rsa_crypt_padding);
+ break;
+ case KM_PURPOSE_SIGN:
+ case KM_PURPOSE_VERIFY:
+ response->SetResults(supported_rsa_sign_padding);
+ break;
+ }
+ break;
case KM_ALGORITHM_DSA:
case KM_ALGORITHM_ECDSA:
response->SetResults(supported_padding);