keymaster: Check auth token key size
Bug: 222339795
Test: com.android.trusty.keymaster.secure.test
Change-Id: I4d7eb0c4129cc761449e700465ee37013f44abab
diff --git a/lib/keymaster/keymaster.c b/lib/keymaster/keymaster.c
index ff16211..549aaa4 100644
--- a/lib/keymaster/keymaster.c
+++ b/lib/keymaster/keymaster.c
@@ -31,6 +31,8 @@
#define HMAC_LEN (sizeof(((hw_auth_token_t*)0)->hmac))
+#define AUTH_TOKEN_KEY_LEN (32)
+
static long send_req(keymaster_session_t session, uint32_t cmd) {
struct keymaster_message msg = {
.cmd = cmd,
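Review bot: `AUTH_TOKEN_KEY_LEN` is added as a bare 32 with no comment tying it to its source, while the comment in the later hunk only says the value is known "from KM code". A one-line comment above the define would keep the two in step, for example `/* Auth token key size in bytes; must match the key size used by the Keymaster service. */`. If a shared header already exports this size (not visible here), using it instead of a local literal would avoid silent drift between the client library and the service.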
@@ -161,6 +163,20 @@
goto err_bad_read;
}
+ /*
+ * TODO: Return message of this API contains an error if one happened and a
+ * key on success. It may be impossible to distinguish the two if they are
+ * the same size. A proper fix would require changing the layout of the
+ * return message. However, that changes the ABI. So, just assume that the
+ * key is 32 bytes. We know that from KM code.
+ */
+ if (size != AUTH_TOKEN_KEY_LEN) {
+ TLOGE("%s: auth token key wrong length: %zu, expected %d", __func__,
+ size, AUTH_TOKEN_KEY_LEN);
+ rc = ERR_BAD_LEN;
+ goto err_bad_read;
+ }
+
*size_p = (uint32_t)size;
*key_buf_p = key_buf;
return NO_ERROR;
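Review bot: The check `if (size != AUTH_TOKEN_KEY_LEN)` only filters replies of the wrong length, so a 32-byte error reply is still returned to the caller as the auth token key, as the TODO itself concedes. Because callers presumably use this buffer as the key for verifying auth token HMACs, the TODO should carry a tracking reference so the ABI fix is not lost, e.g. `TODO(b/<tracking-bug>): distinguish error replies from keys in the response layout`, and the function's header comment should state that on success `*size_p` is always `AUTH_TOKEN_KEY_LEN`. The rejected reply is still in `key_buf` when control jumps to `err_bad_read`, which lies outside this hunk; confirm that label frees the buffer. The `TLOGE` format string also has no trailing `\n`; if the other log calls in this file end with one, add it here too.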