Google Git
Sign in
android / platform / system / keymaster / 4263b591c4cc33d16cdbfb8b11d9cf5373ec89ba
commit4263b591c4cc33d16cdbfb8b11d9cf5373ec89ba[log] [tgz]
authorAdam Langley <agl@chromium.org>Thu Jan 14 10:46:42 2016 -0800
committerShawn Willden <swillden@google.com>Tue Feb 23 12:49:26 2016 +0000
tree1120d6cff64e89bc3c3f592d12b999219f3f60ed
parent4de9dbe8f533944656f421369cfd7d438d105cb5 [diff]
system/keymaster: don't pass a structure into |d2i_PrivateKey|.

Some OpenSSL parsing functions have, historically, allowed a structure
to be passed in to reuse that memory. There have been many bugs arising
from this corner case and it's generally best to avoid it.

This change just passes in NULL because a new structure was being
allocated anyway. Also, the API didn't guarantee that the memory would
always be reused – code had to check the updated pointer, which this
didn't do. So it might have broken in the future.

(This change mirrors
https://android-review.googlesource.com/#/c/196590/1)

Change-Id: I5fed1020997cb8708706bbeb37a1e9bb1e6f71d3
1 file changed
tree: 1120d6cff64e89bc3c3f592d12b999219f3f60ed
  1. include/
  2. .clang-format
  3. .gitignore
  4. ae.h
  5. aes_key.cpp
  6. aes_key.h
  7. aes_operation.cpp
  8. aes_operation.h
  9. Android.mk
  10. android_keymaster.cpp
  11. android_keymaster_messages.cpp
  12. android_keymaster_messages_test.cpp
  13. android_keymaster_test.cpp
  14. android_keymaster_test_utils.cpp
  15. android_keymaster_test_utils.h
  16. android_keymaster_utils.cpp
  17. asymmetric_key.cpp
  18. asymmetric_key.h
  19. asymmetric_key_factory.cpp
  20. attestation_record.cpp
  21. attestation_record.h
  22. attestation_record_test.cpp
  23. auth_encrypted_key_blob.cpp
  24. auth_encrypted_key_blob.h
  25. authorization_set.cpp
  26. authorization_set_test.cpp
  27. ec_key.cpp
  28. ec_key.h
  29. ec_key_factory.cpp
  30. ec_keymaster0_key.cpp
  31. ec_keymaster0_key.h
  32. ec_keymaster1_key.cpp
  33. ec_keymaster1_key.h
  34. ec_privkey_pk8.der
  35. ecdsa_keymaster1_operation.cpp
  36. ecdsa_keymaster1_operation.h
  37. ecdsa_operation.cpp
  38. ecdsa_operation.h
  39. ecies_kem.cpp
  40. ecies_kem.h
  41. ecies_kem_test.cpp
  42. gtest_main.cpp
  43. hkdf.cpp
  44. hkdf.h
  45. hkdf_test.cpp
  46. hmac.cpp
  47. hmac.h
  48. hmac_key.cpp
  49. hmac_key.h
  50. hmac_operation.cpp
  51. hmac_operation.h
  52. hmac_test.cpp
  53. integrity_assured_key_blob.cpp
  54. integrity_assured_key_blob.h
  55. iso18033kdf.cpp
  56. iso18033kdf.h
  57. kdf.cpp
  58. kdf.h
  59. kdf1.h
  60. kdf1_test.cpp
  61. kdf2.h
  62. kdf2_test.cpp
  63. kdf_test.cpp
  64. kem.h
  65. key.cpp
  66. key.h
  67. key_blob_test.cpp
  68. key_exchange.h
  69. keymaster0_engine.cpp
  70. keymaster0_engine.h
  71. keymaster1_engine.cpp
  72. keymaster1_engine.h
  73. keymaster_enforcement.cpp
  74. keymaster_enforcement_test.cpp
  75. keymaster_tags.cpp
  76. km0_sw_rsa_512.blob
  77. km1_sw_ecdsa_256.blob
  78. km1_sw_rsa_512.blob
  79. km1_sw_rsa_512_unversioned.blob
  80. List.h
  81. logger.cpp
  82. Makefile
  83. MODULE_LICENSE_APACHE2
  84. nist_curve_key_exchange.cpp
  85. nist_curve_key_exchange.h
  86. nist_curve_key_exchange_test.cpp
  87. NOTICE
  88. ocb.c
  89. ocb_utils.cpp
  90. ocb_utils.h
  91. openssl_err.cpp
  92. openssl_err.h
  93. openssl_utils.cpp
  94. openssl_utils.h
  95. operation.cpp
  96. operation.h
  97. operation_table.cpp
  98. operation_table.h
  99. rsa_key.cpp
  100. rsa_key.h
  101. rsa_key_factory.cpp
  102. rsa_keymaster0_key.cpp
  103. rsa_keymaster0_key.h
  104. rsa_keymaster1_key.cpp
  105. rsa_keymaster1_key.h
  106. rsa_keymaster1_operation.cpp
  107. rsa_keymaster1_operation.h
  108. rsa_operation.cpp
  109. rsa_operation.h
  110. rsa_privkey_pk8.der
  111. serializable.cpp
  112. soft_keymaster_context.cpp
  113. soft_keymaster_device.cpp
  114. soft_keymaster_logger.cpp
  115. sw_rsa_attest_root.key.pem
  116. symmetric_key.cpp
  117. symmetric_key.h
  118. valgrind.supp