diff options
author | Brian Carlstrom <bdc@google.com> | 2012-07-17 14:43:46 -0700 |
---|---|---|
committer | Brian Carlstrom <bdc@google.com> | 2012-07-17 23:56:36 -0700 |
commit | 0114bd9f9bbc2458ca77bf3508e7c15992a432b1 (patch) | |
tree | 1eb961dcc531e0a0c98ac5fcb9973178b9dc3ff2 | |
parent | c0ff10d48be65cbf498636539316cc378b1c9424 (diff) | |
download | system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.zip system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.gz system_security-0114bd9f9bbc2458ca77bf3508e7c15992a432b1.tar.bz2 |
Handle keynames with special characters such as - and .
Bug: http://code.google.com/p/android/issues/detail?id=34577
Bug: 6837950
Change-Id: Id441e341073558ab8b20144a7e7f4f7a92c6a19e
-rw-r--r-- | keystore-engine/eng_keystore.cpp | 11 | ||||
-rw-r--r-- | keystore/keystore.cpp | 27 |
2 files changed, 20 insertions, 18 deletions
diff --git a/keystore-engine/eng_keystore.cpp b/keystore-engine/eng_keystore.cpp index 9a3e7f4..ad2b638 100644 --- a/keystore-engine/eng_keystore.cpp +++ b/keystore-engine/eng_keystore.cpp @@ -36,7 +36,7 @@ #include <openssl/engine.h> #include <openssl/evp.h> -#define LOG_NDEBUG 0 +//#define LOG_NDEBUG 0 #define LOG_TAG "OpenSSL-keystore" #include <cutils/log.h> @@ -210,9 +210,14 @@ static int register_rsa_methods() { return 1; } -static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD *ui_method, - void *callback_data) { +static EVP_PKEY* keystore_loadkey(ENGINE* e, const char* key_id, UI_METHOD* ui_method, + void* callback_data) { +#if LOG_NDEBUG + (void)ui_method; + (void)callback_data; +#else ALOGV("keystore_loadkey(%p, \"%s\", %p, %p)", e, key_id, ui_method, callback_data); +#endif Keystore_Reply reply; if (keystore_cmd(CommandCodes[GET_PUBKEY], &reply, 1, strlen(key_id), key_id) != NO_ERROR) { diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp index af8c937..6f506dd 100644 --- a/keystore/keystore.cpp +++ b/keystore/keystore.cpp @@ -439,7 +439,7 @@ private: typedef struct { uint32_t uid; - const uint8_t* keyName; + const uint8_t* filename; struct listnode plist; } grant_t; @@ -622,20 +622,18 @@ public: if (grant == NULL) { grant = new grant_t; grant->uid = uid; - grant->keyName = reinterpret_cast<const uint8_t*>(strdup(filename)); + grant->filename = reinterpret_cast<const uint8_t*>(strdup(filename)); list_add_tail(&mGrants, &grant->plist); } } - bool removeGrant(const Value* keyValue, const Value* uidValue) { + bool removeGrant(const char* filename, const Value* uidValue) { uid_t uid; if (!convertToUid(uidValue, &uid)) { return false; } - ValueString keyString(keyValue); - - grant_t *grant = getGrant(keyString.c_str(), uid); + grant_t *grant = getGrant(filename, uid); if (grant != NULL) { list_remove(&grant->plist); delete grant; @@ -645,9 +643,8 @@ public: return false; } - bool hasGrant(const Value* keyValue, const uid_t uid) const { - ValueString keyString(keyValue); - return getGrant(keyString.c_str(), uid) != NULL; + bool hasGrant(const char* filename, const uid_t uid) const { + return getGrant(filename, uid) != NULL; } ResponseCode importKey(const Value* key, const char* filename) { @@ -748,15 +745,15 @@ private: && (strcmp(filename, "..") != 0)); } - grant_t* getGrant(const char* keyName, uid_t uid) const { + grant_t* getGrant(const char* filename, uid_t uid) const { struct listnode *node; grant_t *grant; list_for_each(node, &mGrants) { grant = node_to_item(node, grant_t, plist); if (grant->uid == uid - && !strcmp(reinterpret_cast<const char*>(grant->keyName), - keyName)) { + && !strcmp(reinterpret_cast<const char*>(grant->filename), + filename)) { return grant; } } @@ -916,12 +913,12 @@ static ResponseCode get_key_for_name(KeyStore* keyStore, Blob* keyBlob, const Va } // They might be using a granted key. - if (!keyStore->hasGrant(keyName, uid)) { + encode_key(filename, keyName); + if (!keyStore->hasGrant(filename, uid)) { return responseCode; } // It is a granted key. Try to load it. - encode_key(filename, keyName); return keyStore->get(filename, keyBlob, type); } @@ -1267,7 +1264,7 @@ static ResponseCode ungrant(KeyStore* keyStore, int, uid_t uid, Value* keyName, return (errno != ENOENT) ? SYSTEM_ERROR : KEY_NOT_FOUND; } - return keyStore->removeGrant(keyName, granteeData) ? NO_ERROR : KEY_NOT_FOUND; + return keyStore->removeGrant(filename, granteeData) ? NO_ERROR : KEY_NOT_FOUND; } /* Here are the permissions, actions, users, and the main function. */ |