Zero memory used for encryption keys.
std::vector with custom zeroing allocator is used instead of
std::string for data that can contain encryption keys.
Bug: 64201177
Test: manually created a managed profile, changed its credentials
Test: manually upgraded a phone with profile from O to MR1.
Change-Id: Ic31877049f69eba9f8ea64fd99acaaca5a01d3dd
diff --git a/Keymaster.h b/Keymaster.h
index 4bc0df7..dc6f1bc 100644
--- a/Keymaster.h
+++ b/Keymaster.h
@@ -19,6 +19,8 @@
#ifdef __cplusplus
+#include "KeyBuffer.h"
+
#include <memory>
#include <string>
#include <utility>
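Review bot: The visible include list gains only `KeyBuffer.h`, but the template added further down in this header uses `std::copy` and `std::back_inserter`, and the new overload declaration uses `std::function`. Unless `KeyBuffer.h` or an include outside this hunk already provides them, the header depends on transitive includes. I would add `#include <algorithm>`, `#include <functional>` and `#include <iterator>` next to the existing standard headers.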
@@ -51,7 +53,14 @@
ErrorCode errorCode() { return mError; }
// Call "update" repeatedly until all of the input is consumed, and
// concatenate the output. Return true on success.
- bool updateCompletely(const std::string& input, std::string* output);
+ template <class TI, class TO>
+ bool updateCompletely(TI& input, TO* output) {
+ if (output) output->clear();
+ return updateCompletely(input.data(), input.size(), [&](const char* b, size_t n) {
+ if (output) std::copy(b, b+n, std::back_inserter(*output));
+ });
+ }
+
// Finish and write the output to this string, unless pointer is null.
bool finish(std::string* output);
// Move constructor
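Review bot: Nothing in this template stops a caller from passing a `std::string*` as `output` (or a `std::string` as `input`), so key-bearing data can still land in a buffer that is never zeroed, and growth through `std::back_inserter` would then leave reallocated copies on the heap. Since zeroing is the purpose of the commit, I would state the expectation above the template, e.g. `// Use a zeroing buffer type for any input/output that may hold key material.` Separately, `TI& input` no longer binds to const objects or temporaries the way the old `const std::string&` did; `bool updateCompletely(const TI& input, TO* output) {` restores that. The enclosing class starts and ends outside the hunk.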
@@ -80,6 +89,10 @@
KeymasterOperation(ErrorCode error)
: mDevice{nullptr}, mOpHandle{0},
mError {error} {}
+
+ bool updateCompletely(const char* input, size_t inputLen,
+ const std::function<void(const char*, size_t)> consumer);
+
sp<IKeymasterDevice> mDevice;
uint64_t mOpHandle;
ErrorCode mError;
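Review bot: `consumer` is declared as a const by-value `std::function`, so every call copies the wrapper and the closure it holds; `const std::function<void(const char*, size_t)>& consumer);` avoids the copy without changing call sites. The declaration also has no comment, and its contract matters for the zeroing goal: the `const char*` handed to `consumer` points at an intermediate buffer whose type and lifetime are not visible here. A one-line comment such as `// Feeds input to "update" in chunks; consumer is called with each output chunk and must copy it before returning.` would help, if that matches the implementation. The class body continues outside the hunk, so the access level of this overload cannot be confirmed from here.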