diff options
| author | Ji Luo <ji.luo@nxp.com> | 2020-12-14 14:47:04 +0800 |
|---|---|---|
| committer | Ji Luo <ji.luo@nxp.com> | 2022-04-18 16:40:10 +0800 |
| commit | 8176aa44b6e67553100917eefaa7a93704a3bbe5 (patch) | |
| tree | 02fe044c93c19784e9a1fbe7066fbb8b7c65af75 /lib | |
| parent | d060bbdf61197db670a0a655b0c698f6fe4b9b11 (diff) | |
MA-18406 Fix panic when provision keys on boards without rpmb key
The keymaster client won't be initialized if the rpmb
key is not set, return early with error in such case
to avoid panic.
Test: provision attestation keys & certs on boards without
rpmb key set.
Change-Id: I6f908aecafd15ab390629cb89b090c9ee817ba1e
Signed-off-by: Ji Luo <ji.luo@nxp.com>
(cherry picked from commit b999b03c3eb153a99b481e42315e048653247107)
(cherry picked from commit 8e2cacff502629d88d5dd49baae3e547728e7af7)
(cherry picked from commit ca81aac985b80f614e422e1834ca209a50ad45b1)
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/trusty/ql-tipc/keymaster.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/lib/trusty/ql-tipc/keymaster.c b/lib/trusty/ql-tipc/keymaster.c index 210420496f..cecb5ce6e2 100644 --- a/lib/trusty/ql-tipc/keymaster.c +++ b/lib/trusty/ql-tipc/keymaster.c @@ -398,6 +398,10 @@ end: int trusty_set_attestation_key(const uint8_t *key, uint32_t key_size, keymaster_algorithm_t algorithm) { + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } return trusty_send_attestation_data(KM_SET_ATTESTATION_KEY, key, key_size, algorithm); } @@ -406,6 +410,10 @@ int trusty_append_attestation_cert_chain(const uint8_t *cert, uint32_t cert_size, keymaster_algorithm_t algorithm) { + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } return trusty_send_attestation_data(KM_APPEND_ATTESTATION_CERT_CHAIN, cert, cert_size, algorithm); } @@ -413,6 +421,10 @@ int trusty_append_attestation_cert_chain(const uint8_t *cert, int trusty_set_attestation_key_enc(const uint8_t *key, uint32_t key_size, keymaster_algorithm_t algorithm) { + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } return trusty_send_attestation_data(KM_SET_ATTESTATION_KEY_ENC, key, key_size, algorithm); } @@ -421,6 +433,10 @@ int trusty_append_attestation_cert_chain_enc(const uint8_t *cert, uint32_t cert_size, keymaster_algorithm_t algorithm) { + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } return trusty_send_attestation_data(KM_APPEND_ATTESTATION_CERT_CHAIN_ENC, cert, cert_size, algorithm); } @@ -501,6 +517,11 @@ int trusty_get_mppubk(uint8_t *mppubk, uint32_t *size) int rc = TRUSTY_ERR_GENERIC; struct km_get_mppubk_resp resp; + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } + rc = km_send_request(KM_GET_MPPUBK, NULL, 0); if (rc < 0) { trusty_error("failed to send km mppubk request\n", rc); @@ -532,6 +553,11 @@ int trusty_verify_secure_unlock(uint8_t *unlock_credential, uint8_t *req = NULL; uint32_t req_size = 0; + if (!initialized) { + trusty_error("Keymaster TIPC client not initialized!\n"); + return -1; + } + struct km_secure_unlock_data secure_unlock_data = { .serial_size = serial_size, .serial_data = serial, |