Google Git
Sign in
android / platform / system / keymaster / 856761d5b01da66c09dbc6cb339b5345bfe0a945
commit856761d5b01da66c09dbc6cb339b5345bfe0a945[log] [tgz]
authorJanis Danisevskis <jdanis@google.com>Thu Feb 09 12:31:05 2017 +0000
committerJanis Danisevskis <jdanis@google.com>Thu Feb 09 15:28:22 2017 +0000
tree05bd3fb948447fd5398fc02f1427cf1f7b9783c7
parenta87b169f15d536d1074d3b7a30bd4737a4b874a4 [diff]
Fix unsafe AuthorizationSet copy constructor

The copy constructor copies the internal error code after calling
Reinitialize which may fail. The implications are twofold.
A possible failure of Reinitialize may get masked.
Reinitialize may get called on unsafe data in the case where
the argument was invalid.

After this fix, the error state of the argument is copied first,
then checked, and iff OK, Reinitialize is called. A potential
failure of Reinitialize is exposed as expected.

Change-Id: I79d94109d9046ce101788e48c1ed108ec42d697f
1 file changed
tree: 05bd3fb948447fd5398fc02f1427cf1f7b9783c7
  1. include/
  2. .clang-format
  3. .gitignore
  4. ae.h
  5. aes_key.cpp
  6. aes_key.h
  7. aes_operation.cpp
  8. aes_operation.h
  9. Android.mk
  10. android_keymaster.cpp
  11. android_keymaster_messages.cpp
  12. android_keymaster_messages_test.cpp
  13. android_keymaster_test.cpp
  14. android_keymaster_test_utils.cpp
  15. android_keymaster_test_utils.h
  16. android_keymaster_utils.cpp
  17. asymmetric_key.cpp
  18. asymmetric_key.h
  19. asymmetric_key_factory.cpp
  20. attestation_record.cpp
  21. attestation_record.h
  22. attestation_record_test.cpp
  23. auth_encrypted_key_blob.cpp
  24. auth_encrypted_key_blob.h
  25. authorization_set.cpp
  26. authorization_set_test.cpp
  27. ec_key.cpp
  28. ec_key.h
  29. ec_key_factory.cpp
  30. ec_keymaster0_key.cpp
  31. ec_keymaster0_key.h
  32. ec_keymaster1_key.cpp
  33. ec_keymaster1_key.h
  34. ec_privkey_pk8.der
  35. ecdsa_keymaster1_operation.cpp
  36. ecdsa_keymaster1_operation.h
  37. ecdsa_operation.cpp
  38. ecdsa_operation.h
  39. ecies_kem.cpp
  40. ecies_kem.h
  41. ecies_kem_test.cpp
  42. gtest_main.cpp
  43. hkdf.cpp
  44. hkdf.h
  45. hkdf_test.cpp
  46. hmac.cpp
  47. hmac.h
  48. hmac_key.cpp
  49. hmac_key.h
  50. hmac_operation.cpp
  51. hmac_operation.h
  52. hmac_test.cpp
  53. integrity_assured_key_blob.cpp
  54. integrity_assured_key_blob.h
  55. iso18033kdf.cpp
  56. iso18033kdf.h
  57. kdf.cpp
  58. kdf.h
  59. kdf1.h
  60. kdf1_test.cpp
  61. kdf2.h
  62. kdf2_test.cpp
  63. kdf_test.cpp
  64. kem.h
  65. key.cpp
  66. key.h
  67. key_blob_test.cpp
  68. key_exchange.h
  69. keymaster0_engine.cpp
  70. keymaster0_engine.h
  71. keymaster1_engine.cpp
  72. keymaster1_engine.h
  73. keymaster_configuration.cpp
  74. keymaster_configuration_test.cpp
  75. keymaster_enforcement.cpp
  76. keymaster_enforcement_test.cpp
  77. keymaster_tags.cpp
  78. km0_sw_rsa_512.blob
  79. km1_sw_ecdsa_256.blob
  80. km1_sw_rsa_512.blob
  81. km1_sw_rsa_512_unversioned.blob
  82. List.h
  83. logger.cpp
  84. Makefile
  85. MODULE_LICENSE_APACHE2
  86. nist_curve_key_exchange.cpp
  87. nist_curve_key_exchange.h
  88. nist_curve_key_exchange_test.cpp
  89. NOTICE
  90. ocb.c
  91. ocb_utils.cpp
  92. ocb_utils.h
  93. openssl_err.cpp
  94. openssl_err.h
  95. openssl_utils.cpp
  96. openssl_utils.h
  97. operation.cpp
  98. operation.h
  99. operation_table.cpp
  100. operation_table.h
  101. rsa_key.cpp
  102. rsa_key.h
  103. rsa_key_factory.cpp
  104. rsa_keymaster0_key.cpp
  105. rsa_keymaster0_key.h
  106. rsa_keymaster1_key.cpp
  107. rsa_keymaster1_key.h
  108. rsa_keymaster1_operation.cpp
  109. rsa_keymaster1_operation.h
  110. rsa_operation.cpp
  111. rsa_operation.h
  112. rsa_privkey_pk8.der
  113. serializable.cpp
  114. soft_keymaster_context.cpp
  115. soft_keymaster_device.cpp
  116. soft_keymaster_logger.cpp
  117. sw_rsa_attest_root.key.pem
  118. symmetric_key.cpp
  119. symmetric_key.h
  120. valgrind.supp