commit 96599217f08532912bc0e26c1887549f6130669a
author Shawn Willden <swillden@google.com> Fri Sep 26 12:07:44 2014 -0600
committer Shawn Willden <swillden@google.com> Wed Dec 03 01:04:50 2014 +0000
tree 78aeee3603bac50c78c2865193fbab3e2db95ea7
parent f2aefdfc5adcc0a59bd51a7e4ec5ab92a513171c

Push padding and digest handling down to specific key types.

AsymmetricKey handled checking for digest and padding, but that doesn't
make sense because not all asymmetric key types need both.  This is in
preparation for adding asymmetric encryption/decryption support.

Change-Id: I7b9a4fc37b6d31ab25c56015c1df7d114affe882

ecdsa_key.cpp

diff --git a/ecdsa_key.cpp b/ecdsa_key.cpp
index 0077d0f..a3950f9 100644
--- a/ecdsa_key.cpp
+++ b/ecdsa_key.cpp
@@ -160,15 +160,20 @@
         *error = LoadKey(blob);
 }
 
-Operation* EcdsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_digest_t digest,
-                                     keymaster_padding_t padding, keymaster_error_t* error) {
+Operation* EcdsaKey::CreateOperation(keymaster_purpose_t purpose, keymaster_error_t* error) {
+    keymaster_digest_t digest = KM_DIGEST_NONE;
+    if (!authorizations().GetTagValue(TAG_DIGEST, &digest) || digest != KM_DIGEST_NONE) {
+        *error = KM_ERROR_UNSUPPORTED_DIGEST;
+        return NULL;
+    }
+
     Operation* op;
     switch (purpose) {
     case KM_PURPOSE_SIGN:
-        op = new EcdsaSignOperation(purpose, logger_, digest, padding, ecdsa_key_.release());
+        op = new EcdsaSignOperation(purpose, logger_, digest, ecdsa_key_.release());
         break;
     case KM_PURPOSE_VERIFY:
-        op = new EcdsaVerifyOperation(purpose, logger_, digest, padding, ecdsa_key_.release());
+        op = new EcdsaVerifyOperation(purpose, logger_, digest, ecdsa_key_.release());
         break;
     default:
         *error = KM_ERROR_UNIMPLEMENTED;