Handle keynames with special characters such as - and .

Bug: http://code.google.com/p/android/issues/detail?id=34577 Bug: 6837950 Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e
author: Brian Carlstrom <bdc@google.com> 2012-07-17 14:43:46 -0700
committer: Brian Carlstrom <bdc@google.com> 2012-07-17 23:56:36 -0700
commit: 0114bd9f9bbc2458ca77bf3508e7c15992a432b1 (patch)
tree: 1eb961dcc531e0a0c98ac5fcb9973178b9dc3ff2
parent: c0ff10d48be65cbf498636539316cc378b1c9424 (diff)
download: system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.zip
system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.gz
system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.bz2
2 files changed, 20 insertions, 18 deletions
diff --git a/keystore-engine/eng_keystore.cpp b/keystore-engine/eng_keystore.cpp
index 9a3e7f4..ad2b638 100644
--- a/keystore-engine/eng_keystore.cpp
+++ b/keystore-engine/eng_keystore.cpp
@@ -36,7 +36,7 @@
 #include <openssl/engine.h>
 #include <openssl/evp.h>
 
-#define LOG_NDEBUG 0
+//#define LOG_NDEBUG 0
 #define LOG_TAG "OpenSSL-keystore"
 #include <cutils/log.h>
 
@@ -210,9 +210,14 @@ static int register_rsa_methods() {
     return 1;
 }
 
-static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD *ui_method,
-        void *callback_data) {
+static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD* ui_method,
+        void* callback_data) {
+#if LOG_NDEBUG
+    (void)ui_method;
+    (void)callback_data;
+#else
     ALOGV("keystore_loadkey(%p, \"%s\", %p, %p)", e, key_id, ui_method, callback_data);
+#endif
 
     Keystore_Reply reply;
     if (keystore_cmd(CommandCodes[GET_PUBKEY], &reply, 1, strlen(key_id), key_id) != NO_ERROR) {
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index af8c937..6f506dd 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -439,7 +439,7 @@ private:
 
 typedef struct {
     uint32_t uid;
-    const uint8_t* keyName;
+    const uint8_t* filename;
 
     struct listnode plist;
 } grant_t;
@@ -622,20 +622,18 @@ public:
         if (grant == NULL) {
             grant = new grant_t;
             grant->uid = uid;
-            grant->keyName = reinterpret_cast<const uint8_t*>(strdup(filename));
+            grant->filename = reinterpret_cast<const uint8_t*>(strdup(filename));
             list_add_tail(&mGrants, &grant->plist);
         }
     }
 
-    bool removeGrant(const Value* keyValue, const Value* uidValue) {
+    bool removeGrant(const char* filename, const Value* uidValue) {
         uid_t uid;
         if (!convertToUid(uidValue, &uid)) {
             return false;
         }
 
-        ValueString keyString(keyValue);
-
-        grant_t *grant = getGrant(keyString.c_str(), uid);
+        grant_t *grant = getGrant(filename, uid);
         if (grant != NULL) {
             list_remove(&grant->plist);
             delete grant;
@@ -645,9 +643,8 @@ public:
         return false;
     }
 
-    bool hasGrant(const Value* keyValue, const uid_t uid) const {
-        ValueString keyString(keyValue);
-        return getGrant(keyString.c_str(), uid) != NULL;
+    bool hasGrant(const char* filename, const uid_t uid) const {
+        return getGrant(filename, uid) != NULL;
     }
 
     ResponseCode importKey(const Value* key, const char* filename) {
@@ -748,15 +745,15 @@ private:
                 && (strcmp(filename, "..") != 0));
     }
 
-    grant_t* getGrant(const char* keyName, uid_t uid) const {
+    grant_t* getGrant(const char* filename, uid_t uid) const {
         struct listnode *node;
         grant_t *grant;
 
         list_for_each(node, &mGrants) {
             grant = node_to_item(node, grant_t, plist);
             if (grant->uid == uid
-                    && !strcmp(reinterpret_cast<const char*>(grant->keyName),
-                               keyName)) {
+                    && !strcmp(reinterpret_cast<const char*>(grant->filename),
+                               filename)) {
                 return grant;
             }
         }
@@ -916,12 +913,12 @@ static ResponseCode get_key_for_name(KeyStore* keyStore, Blob* keyBlob, const Va
     }
 
     // They might be using a granted key.
-    if (!keyStore->hasGrant(keyName, uid)) {
+    encode_key(filename, keyName);
+    if (!keyStore->hasGrant(filename, uid)) {
         return responseCode;
     }
 
     // It is a granted key. Try to load it.
-    encode_key(filename, keyName);
     return keyStore->get(filename, keyBlob, type);
 }
 
@@ -1267,7 +1264,7 @@ static ResponseCode ungrant(KeyStore* keyStore, int, uid_t uid, Value* keyName,
         return (errno != ENOENT) ? SYSTEM_ERROR : KEY_NOT_FOUND;
     }
 
-    return keyStore->removeGrant(keyName, granteeData) ? NO_ERROR : KEY_NOT_FOUND;
+    return keyStore->removeGrant(filename, granteeData) ? NO_ERROR : KEY_NOT_FOUND;
 }
 
 /* Here are the permissions, actions, users, and the main function. */
author	Brian Carlstrom <bdc@google.com>	2012-07-17 14:43:46 -0700
committer	Brian Carlstrom <bdc@google.com>	2012-07-17 23:56:36 -0700
commit	0114bd9f9bbc2458ca77bf3508e7c15992a432b1 (patch)
tree	1eb961dcc531e0a0c98ac5fcb9973178b9dc3ff2
parent	c0ff10d48be65cbf498636539316cc378b1c9424 (diff)
download	system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.zip system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.gz system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.bz2