Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / system / keymaster / 58e1a5486219a1be9264d4e863a9dd3e393906c3^! / . / google_keymaster.cpp
commit58e1a5486219a1be9264d4e863a9dd3e393906c3[log] [tgz]
authorShawn Willden <swillden@google.com>Fri Aug 08 21:58:29 2014 -0600
committerShawn Willden <swillden@google.com>Fri Aug 08 21:58:29 2014 -0600
tree9c38723969b22071597e2b11f9dc97d42292e244
parent301646f55214ed693e79c7869d54033a74641907 [diff] [blame]
Eliminate in-place serialization.

Not doing in-place serialization will result in greater heap
consumption, but eliminates many alignment-related issues.  Given more
time, I'd prefer to solve the alignment issues by computing and
inserting appropriate padding, but we don't have the time.

Change-Id: I86e4bdf57263db26c73372ae2963f21c5f5f00aa

diff --git a/google_keymaster.cpp b/google_keymaster.cpp
index ff09c19..acfc1ee 100644
--- a/google_keymaster.cpp
+++ b/google_keymaster.cpp

@@ -195,19 +195,6 @@
     (message->*set)(buf.get(), bytes_written);
 }
 
-class Eraser {
-  public:
-    Eraser(uint8_t* buf, size_t size) : buf_(buf), size_(size) {}
-    ~Eraser() {
-        while (size_-- > 0)
-            *buf_++ = 0;
-    }
-
-  private:
-    uint8_t* buf_;
-    size_t size_;
-};
-
 void GoogleKeymaster::GenerateKey(const GenerateKeyRequest& request,
                                   GenerateKeyResponse* response) {
     if (response == NULL)
@@ -266,8 +253,8 @@
     KeyBlob(AuthorizationSet& enforced_set, AuthorizationSet& unenforced_set, size_t key_len)
         : enforced_length_(enforced_set.SerializedSize()),
           unenforced_length_(unenforced_set.SerializedSize()), key_length_(key_len) {
-        enforced_set.Serialize(enforced());
-        unenforced_set.Serialize(unenforced());
+        enforced_set.Serialize(enforced(), enforced() + enforced_length());
+        unenforced_set.Serialize(unenforced(), unenforced() + unenforced_length());
     }
 
     uint32_t enforced_length_;
@@ -397,8 +384,7 @@
 
 static keymaster_error_t CheckAuthorizationSet(const AuthorizationSet& set) {
     switch (set.is_valid()) {
-    case AuthorizationSet::OK_FULL:
-    case AuthorizationSet::OK_GROWABLE:
+    case AuthorizationSet::OK:
         return KM_ERROR_OK;
     case AuthorizationSet::ALLOCATION_FAILURE:
         return KM_ERROR_MEMORY_ALLOCATION_FAILED;