author | Shawn Willden <swillden@google.com> | 2022-06-07 13:17:48 -0600 |
---|---|---|
committer | David Drysdale <drysdale@google.com> | 2022-06-14 10:22:43 +0100 |
commit | 18cf62712cf3fd1197ca15e2a7d4d1dd67131213 (patch) | |
tree | cf1c0393f63c14b2748a66c645e60e9de0bb8ebb | |
parent | ae2837d80cfc64ae0c5a12737d4b480a479adb20 (diff) | |
download | core-18cf62712cf3fd1197ca15e2a7d4d1dd67131213.tar.gz |
Implement GetRootOfTrust
Bug: 219076736
Test: VtsAidlKeyMintTargetTest
Change-Id: I8485360f253ca20f008c5df5090e79c1781fbb4f
Merged-In: I8485360f253ca20f008c5df5090e79c1781fbb4f
Ignore-AOSP-First: already present in aosp/master
4 files changed, 22 insertions, 3 deletions
diff --git a/trusty/keymaster/TrustyKeymaster.cpp b/trusty/keymaster/TrustyKeymaster.cpp
index cdfbd9003..e77940a1f 100644
--- a/trusty/keymaster/TrustyKeymaster.cpp
+++ b/trusty/keymaster/TrustyKeymaster.cpp
@@ -279,4 +279,10 @@ ConfigureVendorPatchlevelResponse TrustyKeymaster::ConfigureVendorPatchlevel(
 return response;
 }
 
+GetRootOfTrustResponse TrustyKeymaster::GetRootOfTrust(const GetRootOfTrustRequest& request) {
+ GetRootOfTrustResponse response(message_version());
+ ForwardCommand(KM_GET_ROOT_OF_TRUST, request, &response);
+ return response;
+}
+
 } // namespace keymaster
diff --git a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
index f80e02f37..9f4f39bf5 100644
--- a/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
+++ b/trusty/keymaster/include/trusty_keymaster/TrustyKeymaster.h
@@ -66,6 +66,7 @@ class TrustyKeymaster {
 DeviceLockedResponse DeviceLocked(const DeviceLockedRequest& request);
 ConfigureVendorPatchlevelResponse ConfigureVendorPatchlevel(
 const ConfigureVendorPatchlevelRequest& request);
+ GetRootOfTrustResponse GetRootOfTrust(const GetRootOfTrustRequest& request);
 
 uint32_t message_version() const { return message_version_; }
 
diff --git a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
index fa475ae90..bf0cb703f 100644
--- a/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
+++ b/trusty/keymaster/include/trusty_keymaster/ipc/keymaster_ipc.h
@@ -59,6 +59,7 @@ enum keymaster_command : uint32_t {
 KM_GENERATE_RKP_KEY = (31 << KEYMASTER_REQ_SHIFT),
 KM_GENERATE_CSR = (32 << KEYMASTER_REQ_SHIFT),
 KM_CONFIGURE_VENDOR_PATCHLEVEL = (33 << KEYMASTER_REQ_SHIFT),
+ KM_GET_ROOT_OF_TRUST = (34 << KEYMASTER_REQ_SHIFT),
 
 // Bootloader/provisioning calls.
 KM_SET_BOOT_PARAMS = (0x1000 << KEYMASTER_REQ_SHIFT),
diff --git a/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp b/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
index 44780e835..7d58162cc 100644
--- a/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
+++ b/trusty/keymaster/keymint/TrustyKeyMintDevice.cpp
@@ -325,9 +325,20 @@ ScopedAStatus TrustyKeyMintDevice::getRootOfTrustChallenge(array<uint8_t, 16>* /
 return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
 }
 
-ScopedAStatus TrustyKeyMintDevice::getRootOfTrust(const array<uint8_t, 16>& /* challenge */,
- vector<uint8_t>* /* rootOfTrust */) {
- return kmError2ScopedAStatus(KM_ERROR_UNIMPLEMENTED);
+ScopedAStatus TrustyKeyMintDevice::getRootOfTrust(const array<uint8_t, 16>& challenge,
+ vector<uint8_t>* rootOfTrust) {
+ if (!rootOfTrust) {
+ return kmError2ScopedAStatus(KM_ERROR_UNEXPECTED_NULL_POINTER);
+ }
+ keymaster::GetRootOfTrustRequest request(impl_->message_version(),
+ {challenge.begin(), challenge.end()});
+ keymaster::GetRootOfTrustResponse response = impl_->GetRootOfTrust(request);
+ if (response.error != KM_ERROR_OK) {
+ return kmError2ScopedAStatus(response.error);
+ }
+
+ *rootOfTrust = std::move(response.rootOfTrust);
+ return ScopedAStatus::ok();
 }
 
 ScopedAStatus TrustyKeyMintDevice::sendRootOfTrust(const vector<uint8_t>& /* rootOfTrust */) {
|
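Review bot: The new getRootOfTrust body has no comment saying that the HAL is only a transport here. `challenge` is copied into the request and `response.rootOfTrust` is moved to the caller without being parsed or verified, so binding the blob to the challenge and authenticating it must happen on the Trusty side, which this hunk does not show. I would state that above the function, e.g. `// Pass-through to the TA: the returned blob is opaque here; the caller must verify it against its challenge.` It may also be worth rejecting an OK response that carries an empty blob, `if (response.rootOfTrust.empty()) return kmError2ScopedAStatus(KM_ERROR_UNKNOWN_ERROR);`, so a success status always comes with data. The neighbouring getRootOfTrustChallenge and sendRootOfTrust still return KM_ERROR_UNIMPLEMENTED, and their bodies start or end outside this hunk; if that is intentional for this implementation, a one-line comment on each would record it.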