Fix int truncation in auth token handling
HardwareAuthToken.timestamp is uint64_t but got truncated to uint32_t by
timestamp_host_order(). Also add some logging to undertand the issue of
bad auth token on ryu.
Bug: 65283496
Test: builds and runs
Change-Id: Ia51d0880f47594e6ab02e46bec270ee68dc5823f
diff --git a/keystore/auth_token_table.cpp b/keystore/auth_token_table.cpp
index eea24c9..8b81e47 100644
--- a/keystore/auth_token_table.cpp
+++ b/keystore/auth_token_table.cpp
@@ -14,6 +14,8 @@
* limitations under the License.
*/
+#define LOG_TAG "keystore"
+
#include "auth_token_table.h"
#include <assert.h>
@@ -77,6 +79,12 @@
void AuthTokenTable::AddAuthenticationToken(const HardwareAuthToken* auth_token) {
Entry new_entry(auth_token, clock_function_());
+ //STOPSHIP: debug only, to be removed
+ ALOGD("AddAuthenticationToken: timestamp = %llu (%llu), time_received = %lld",
+ static_cast<unsigned long long>(new_entry.timestamp_host_order()),
+ static_cast<unsigned long long>(auth_token->timestamp),
+ static_cast<long long>(new_entry.time_received()));
+
RemoveEntriesSupersededBy(new_entry);
if (entries_.size() >= max_entries_) {
ALOGW("Auth token table filled up; replacing oldest entry");
@@ -207,7 +215,7 @@
: token_(token), time_received_(current_time), last_use_(current_time),
operation_completed_(token_->challenge == 0) {}
-uint32_t AuthTokenTable::Entry::timestamp_host_order() const {
+uint64_t AuthTokenTable::Entry::timestamp_host_order() const {
return ntoh(token_->timestamp);
}
diff --git a/keystore/auth_token_table.h b/keystore/auth_token_table.h
index 6f7aab1..422c710 100644
--- a/keystore/auth_token_table.h
+++ b/keystore/auth_token_table.h
@@ -124,7 +124,7 @@
const HardwareAuthToken* token() { return token_.get(); }
time_t time_received() const { return time_received_; }
bool completed() const { return operation_completed_; }
- uint32_t timestamp_host_order() const;
+ uint64_t timestamp_host_order() const;
HardwareAuthenticatorType authenticator_type() const;
private:
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 85de181..eb5fe86 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1717,6 +1717,7 @@
case AuthTokenTable::AUTH_TOKEN_NOT_FOUND:
case AuthTokenTable::AUTH_TOKEN_EXPIRED:
case AuthTokenTable::AUTH_TOKEN_WRONG_SID:
+ ALOGE("getAuthToken failed: %d", err); //STOPSHIP: debug only, to be removed
return ErrorCode::KEY_USER_NOT_AUTHENTICATED;
case AuthTokenTable::OP_HANDLE_REQUIRED:
return failOnTokenMissing ? KeyStoreServiceReturnCode(ErrorCode::KEY_USER_NOT_AUTHENTICATED)