commit 72014adef83b0346859dbe82d77b09b4756d8e64
author Shawn Willden <swillden@google.com> Wed Sep 17 13:04:10 2014 -0600
committer Shawn Willden <swillden@google.com> Tue Sep 23 07:54:57 2014 -0600
tree 0b2abe1d57d52773ddae43db080c799f999f3082
parent 7c0a82b7528c51299bf8dda6beb5e1fc8bf54b23

Refactor KeyBlob to separate encryption functionality.

This CL is in preparation for another which will refactor libkeymaster
into libkeymaster and libkeymasterclient, the latter for use by programs
which merely interface with keymaster and don't do any crypto on their
own, but do need to parse key blobs to extract authorization list
entries.  To make that possible it moves KeyBlob's key encryption and
decryption capabilities into a subclass, PlaintextKeyBlob.

Change-Id: Ic6a65b6f237c122796ea70458655111316f902d8

asymmetric_key.cpp

diff --git a/asymmetric_key.cpp b/asymmetric_key.cpp
index 12f41b1..897fe75 100644
--- a/asymmetric_key.cpp
+++ b/asymmetric_key.cpp
@@ -17,7 +17,6 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 
-#include <keymaster/key_blob.h>
 #include <keymaster/keymaster_defs.h>
 
 #include "asymmetric_key.h"
@@ -25,6 +24,7 @@
 #include "ecdsa_operation.h"
 #include "openssl_utils.h"
 #include "rsa_operation.h"
+#include "unencrypted_key_blob.h"
 
 namespace keymaster {
 
@@ -35,13 +35,13 @@
 
 const uint32_t ECDSA_DEFAULT_KEY_SIZE = 192;
 
-keymaster_error_t AsymmetricKey::LoadKey(const KeyBlob& blob) {
+keymaster_error_t AsymmetricKey::LoadKey(const UnencryptedKeyBlob& blob) {
     UniquePtr<EVP_PKEY, EVP_PKEY_Delete> evp_key(EVP_PKEY_new());
     if (evp_key.get() == NULL)
         return KM_ERROR_MEMORY_ALLOCATION_FAILED;
 
     EVP_PKEY* tmp_pkey = evp_key.get();
-    const uint8_t* key_material = blob.key_material();
+    const uint8_t* key_material = blob.unencrypted_key_material();
     if (d2i_PrivateKey(evp_key_type(), &tmp_pkey, &key_material, blob.key_material_length()) ==
         NULL) {
         return KM_ERROR_INVALID_KEY_BLOB;
@@ -218,7 +218,7 @@
     return new RsaKey(rsa_key.release(), authorizations, logger);
 }
 
-RsaKey::RsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
+RsaKey::RsaKey(const UnencryptedKeyBlob& blob, const Logger& logger, keymaster_error_t* error)
     : AsymmetricKey(blob, logger) {
     if (error)
         *error = LoadKey(blob);
@@ -422,7 +422,7 @@
     return new DsaKey(dsa_key.release(), authorizations, logger);
 }
 
-DsaKey::DsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
+DsaKey::DsaKey(const UnencryptedKeyBlob& blob, const Logger& logger, keymaster_error_t* error)
     : AsymmetricKey(blob, logger) {
     if (error)
         *error = LoadKey(blob);
@@ -590,7 +590,7 @@
     return KM_ERROR_OK;
 }
 
-EcdsaKey::EcdsaKey(const KeyBlob& blob, const Logger& logger, keymaster_error_t* error)
+EcdsaKey::EcdsaKey(const UnencryptedKeyBlob& blob, const Logger& logger, keymaster_error_t* error)
     : AsymmetricKey(blob, logger) {
     if (error)
         *error = LoadKey(blob);