Change KeyMint KeyCharacteristics
Support key characteristics with three security levels, and don't
store unenforced authorizations with keys or bind them to keys.
Bug: 163606833
Test: atest VtsAidlKeyMintTargetTest
Change-Id: I5abadc892fe5909d297bd035cf6e582b21e57f5f
diff --git a/ng/KeyMintUtils.cpp b/ng/KeyMintUtils.cpp
index 4b2119b..730e282 100644
--- a/ng/KeyMintUtils.cpp
+++ b/ng/KeyMintUtils.cpp
@@ -122,49 +122,55 @@
return result;
}
+KeyParameter kmParam2Aidl(const keymaster_key_param_t& param) {
+ auto tag = legacy_enum_conversion(param.tag);
+ switch (typeFromTag(param.tag)) {
+ case KM_ENUM:
+ case KM_ENUM_REP:
+ return kmEnumParam2Aidl(param);
+ break;
+
+ case KM_UINT:
+ case KM_UINT_REP:
+ return KeyParameter{tag,
+ KeyParameterValue::make<KeyParameterValue::integer>(param.integer)};
+
+ case KM_ULONG:
+ case KM_ULONG_REP:
+ return KeyParameter{
+ tag, KeyParameterValue::make<KeyParameterValue::longInteger>(param.long_integer)};
+ break;
+
+ case KM_DATE:
+ return KeyParameter{tag,
+ KeyParameterValue::make<KeyParameterValue::dateTime>(param.date_time)};
+ break;
+
+ case KM_BOOL:
+ return KeyParameter{tag, param.boolean};
+ break;
+
+ case KM_BIGNUM:
+ case KM_BYTES:
+ return {tag, KeyParameterValue::make<KeyParameterValue::blob>(
+ std::vector(param.blob.data, param.blob.data + param.blob.data_length))};
+ break;
+
+ case KM_INVALID:
+ default:
+ CHECK(false) << "Unknown or unused tag type: Something is broken";
+ return KeyParameter{Tag::INVALID, false};
+ break;
+ }
+}
+
vector<KeyParameter> kmParamSet2Aidl(const keymaster_key_param_set_t& set) {
vector<KeyParameter> result;
if (set.length == 0 || set.params == nullptr) return result;
result.reserve(set.length);
- keymaster_key_param_t* params = set.params;
for (size_t i = 0; i < set.length; ++i) {
- auto tag = legacy_enum_conversion(params[i].tag);
- switch (typeFromTag(params[i].tag)) {
- case KM_ENUM:
- case KM_ENUM_REP:
- result.push_back(kmEnumParam2Aidl(params[i]));
- break;
- case KM_UINT:
- case KM_UINT_REP:
- result.push_back(KeyParameter{
- tag, KeyParameterValue::make<KeyParameterValue::integer>(params[i].integer)});
- break;
- case KM_ULONG:
- case KM_ULONG_REP:
- result.push_back(KeyParameter{
- tag,
- KeyParameterValue::make<KeyParameterValue::longInteger>(params[i].long_integer)});
- break;
- case KM_DATE:
- result.push_back(KeyParameter{
- tag, KeyParameterValue::make<KeyParameterValue::dateTime>(params[i].date_time)});
- break;
- case KM_BOOL:
- result.push_back(KeyParameter{tag, params[i].boolean});
- break;
- case KM_BIGNUM:
- case KM_BYTES:
- result.push_back(
- {tag, KeyParameterValue::make<KeyParameterValue::blob>(std::vector(
- params[i].blob.data, params[i].blob.data + params[i].blob.data_length))});
- break;
- case KM_INVALID:
- default:
- CHECK(false) << "Unknown or unused enum tag: Something is broken";
- result.push_back(KeyParameter{tag, false});
- break;
- }
+ result.push_back(kmParam2Aidl(set.params[i]));
}
return result;
}
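Review bot: The KM_BIGNUM/KM_BYTES case in the new kmParam2Aidl builds the vector from `param.blob.data` and `param.blob.data + param.blob.data_length` without checking the pointer, so a parameter with a null `data` and a non-zero `data_length` would read through a null pointer. The removed loop did the same, but the conversion is now a free function that could be called on parameters from other paths (the hunk does not show its callers), so a guard such as `if (param.blob.data == nullptr || param.blob.data_length == 0)` that returns an empty blob value would make it safe on its own. Separately, the `break;` after each `return` is unreachable and the KM_UINT case already omits it; dropping them, and adding a one-line comment on the default branch saying the `Tag::INVALID` return is only reached if `CHECK` does not abort, would make the intent clearer.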