From 50624e995d07b8fa214f8e0885696445df470018 Mon Sep 17 00:00:00 2001 From: Bartosz Fabianowski Date: Mon, 13 Feb 2017 16:50:24 +0100 Subject: [PATCH] Have generateKey() treat additional entropy as optional KeyStore.generateKey() takes an entropy parameter. This is optional and can be null. That is how KeyStore used to work but a recent refactor made us always feed the entropy to keymaster, even if it is empty (null or byte[0] on the Java side). This CL makes us ignore such empty entropy again. We only noticed this because a recently added GTS test that happens to set the entropy to null is failing on some hardware (other keymaster implementations silently ignore this invalid attempt to set entropy). Bug: 35156555 Test: gts-tradefed run gts --module GtsGmscoreHostTestCases --test com.google.android.gts.security.DeviceIdAttestationHostTest Change-Id: Iadaf40e69350c17dd18e4dc2a1dab97fa911e1bf --- keymaster/3.0/default/KeymasterDevice.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/keymaster/3.0/default/KeymasterDevice.cpp b/keymaster/3.0/default/KeymasterDevice.cpp index 563ff845..24cf53a6 100644 --- a/keymaster/3.0/default/KeymasterDevice.cpp +++ b/keymaster/3.0/default/KeymasterDevice.cpp @@ -375,6 +375,7 @@ Return KeymasterDevice::getHardwareFeatures(getHardwareFeatures_cb _hidl_c } Return KeymasterDevice::addRngEntropy(const hidl_vec& data) { + if (!data.size()) return ErrorCode::OK; return legacy_enum_conversion( keymaster_device_->add_rng_entropy(keymaster_device_, &data[0], data.size())); } -- 2.11.0