Snap for 5450365 from 97f37e99745f205b4bd3cece9f0470388587f14c to pi-platform-release

Change-Id: I9ca22748dc8f0598c4f25bd03a64a8af534c1aa4

1 files changed, 61 insertions, 22 deletions

diff --git a/hals/keymaster/KeymasterDevice.cpp b/hals/keymaster/KeymasterDevice.cpp
index daa17ee..cb3d6ff 100644
--- a/hals/keymaster/KeymasterDevice.cpp
+++ b/hals/keymaster/KeymasterDevice.cpp
@@ -130,6 +130,12 @@ class Finalize {
     void release() { f_ = {}; }
 };
 
+inline std::string hidlVec2String(const hidl_vec<uint8_t>& value) {
+    return std::string(
+        reinterpret_cast<const std::string::value_type*>(
+            &value[0]), value.size());
+}
+
 }  // namespace
 
 // std
@@ -229,6 +235,20 @@ static ErrorCode status_to_error_code(uint32_t status)
     }
 }
 
+static uint64_t ms_since_epoch(void)
+{
+    uint64_t seconds;
+    uint64_t milli_seconds;
+    struct timespec spec;
+
+    ::clock_gettime(CLOCK_REALTIME, &spec);
+
+    seconds = spec.tv_sec;
+    milli_seconds = spec.tv_nsec / (1000 * 1000);
+
+    return (seconds * 1000) + milli_seconds;
+}
+
 #define KM_CALL(meth, request, response) {                                    \
     const uint32_t status = _keymaster. meth (request, &response);            \
     const ErrorCode error_code = translate_error_code(response.error_code()); \
@@ -448,6 +468,7 @@ Return<void> KeymasterDevice::generateKey(
       _hidl_cb(ErrorCode::INVALID_ARGUMENT, blob, characteristics);
       return Void();
     }
+    request.set_creation_time_ms(ms_since_epoch());
 
     // Call device.
     KM_CALLV(GenerateKey, request, response,
@@ -512,6 +533,7 @@ Return<void> KeymasterDevice::importKey(
         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
         return Void();
     }
+    request.set_creation_time_ms(ms_since_epoch());
 
     KM_CALLV(ImportKey, request, response,
              hidl_vec<uint8_t>{}, KeyCharacteristics{});
@@ -1116,25 +1138,38 @@ Return<void> KeymasterDevice::finish(
     FinishOperationRequest request;
     FinishOperationResponse response;
 
-    if (input.size() > KM_MAX_PROTO_FIELD_SIZE) {
-        LOG(ERROR) << "Excess input length: " << input.size()
-                   << " max allowed: " << KM_MAX_PROTO_FIELD_SIZE;
-        if (this->abort(operationHandle) != ErrorCode::OK) {
-            LOG(ERROR) << "abort( " << operationHandle
-                       << ") failed";
-        }
-        _hidl_cb(ErrorCode::INVALID_INPUT_LENGTH,
-                 hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
-        return Void();
-    }
-
-    uint32_t consumed;
     ErrorCode error_code;
-    error_code = buffer_append(operationHandle, input, &consumed);
-    if (error_code != ErrorCode::OK) {
-        _hidl_cb(error_code,
-                 hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
-        return Void();
+    hidl_vec<uint8_t> output;
+
+    // Consume any input data via update calls.
+    size_t consumed = 0;
+    hidl_vec<KeyParameter> input_params = inParams;
+    string update_output_str;
+    while (consumed < input.size()) {
+        hidl_vec<KeyParameter> out_params;
+        update_cb _update_hidl_cb =
+            [&] (
+                ErrorCode error, uint32_t input_consumed,
+                const hidl_vec<KeyParameter>& params,
+                const hidl_vec<uint8_t>& update_output) {
+                    error_code = error;
+                    if (error == ErrorCode::OK) {
+                        consumed += input_consumed;
+                        input_params = params;  // Update the params.
+                        update_output_str += hidlVec2String(update_output);
+                    }
+            };
+
+        hidl_vec<uint8_t> input_data;
+        input_data.setToExternal(const_cast<uint8_t*>(&input.data()[consumed]),
+                                 input.size() - consumed);
+        update(operationHandle, input_params, input_data, authToken,
+               verificationToken, _update_hidl_cb);
+        if (error_code != ErrorCode::OK) {
+            _hidl_cb(error_code,
+                     hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
+            return Void();
+        }
     }
 
     hidl_vec<uint8_t> data;
@@ -1148,9 +1183,8 @@ Return<void> KeymasterDevice::finish(
     request.mutable_handle()->set_handle(operationHandle);
 
     hidl_vec<KeyParameter> params;
-    hidl_vec<uint8_t> output;
     if (hidl_params_to_pb(
-            inParams, request.mutable_params()) != ErrorCode::OK) {
+            input_params, request.mutable_params()) != ErrorCode::OK) {
       _hidl_cb(ErrorCode::INVALID_ARGUMENT, params, output);
       return Void();
     }
@@ -1170,9 +1204,13 @@ Return<void> KeymasterDevice::finish(
                    hidl_vec<KeyParameter>{}, hidl_vec<uint8_t>{});
 
     pb_to_hidl_params(response.params(), &params);
+    // Concatenate accumulated output from Update().
+    update_output_str += string(
+        response.output().data(), response.output().size());
     output.setToExternal(
-        reinterpret_cast<uint8_t*>(const_cast<char*>(response.output().data())),
-        response.output().size(), false);
+        reinterpret_cast<uint8_t*>(const_cast<char*>(
+                                       update_output_str.data())),
+        update_output_str.size(), false);
 
     _hidl_cb(ErrorCode::OK, params, output);
     return Void();
@@ -1221,6 +1259,7 @@ Return<void> KeymasterDevice::importWrappedKey(
         _hidl_cb(error, hidl_vec<uint8_t>{}, KeyCharacteristics{});
         return Void();
     }
+    request.set_creation_time_ms(ms_since_epoch());
 
     KM_CALLV(ImportWrappedKey, request, response,
              hidl_vec<uint8_t>{}, KeyCharacteristics{});