
Lines Matching refs:blob

199                                                       KeymasterKeyBlob* blob,
212 return SerializeIntegrityAssuredBlob(key_material, hidden, *hw_enforced, *sw_enforced, blob);
225 // 1. Software key blob. Version info, if present, is in sw_enforced. If not present, we
228 // 2. Keymaster0 hardware key blob. Version info, if present, is in sw_enforced. If not
231 // 3. Keymaster1 hardware key blob. Version info is not present and we shouldn't have been
243 keymaster_error_t SoftKeymasterContext::ParseKeyBlob(const KeymasterKeyBlob& blob,
262 // they're protected by the keymaster0 hardware implementation). The keymaster0 key blob
269 // auth sets so reasonable defaults are generated and returned along with the key blob.
271 // Determining what kind of blob has arrived is somewhat tricky. What helps is that
301 // Assume it's an integrity-assured blob (new software-only blob, or new keymaster0-backed
302 // blob).
303 error = DeserializeIntegrityAssuredBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced);
307 // Wasn't an integrity-assured blob. Maybe it's an OCB-encrypted blob.
308 error = ParseOcbAuthEncryptedBlob(blob, hidden, &key_material, &hw_enforced, &sw_enforced);
314 // Wasn't an OCB-encrypted blob. Maybe it's an old softkeymaster blob.
315 error = ParseOldSoftkeymasterBlob(blob, &key_material, &hw_enforced, &sw_enforced);
322 error = ParseKeymaster1HwBlob(blob, additional_params, &key_material, &hw_enforced,
325 error = ParseKeymaster0HwBlob(blob, &key_material, &hw_enforced, &sw_enforced);
332 keymaster_error_t SoftKeymasterContext::DeleteKey(const KeymasterKeyBlob& blob) const {
335 // reboot if we pass it a key blob it doesn't understand, we need to check for software
340 blob, &key_material, &hw_enforced, &sw_enforced);
345 return km1_engine_->DeleteKey(blob);
350 // integrity-assured blob. If it's integrity-assured, we can't validate it strongly,
352 // that anything other than an integrity-assured blob would have all of the structure
353 // required to decode as a valid blob is low -- unless it's maliciously-constructed, but the
357 // to the underlying hardware. If not, we pass blob unmodified to the underlying hardware.
361 blob, &key_material, &hw_enforced, &sw_enforced);
365 km0_engine_->DeleteKey(blob);
368 // either the blob is a software blob (which we can't distinguish with certainty without
369 // additional_params) or because it is a hardware blob and the hardware failed. In the
396 const KeymasterKeyBlob& blob, const AuthorizationSet& additional_params,
412 keymaster_error_t error = km1_dev_->get_key_characteristics(km1_dev_, &blob, client_id_ptr,
423 *key_material = blob;
427 keymaster_error_t SoftKeymasterContext::ParseKeymaster0HwBlob(const KeymasterKeyBlob& blob,
433 unique_ptr<EVP_PKEY, EVP_PKEY_Delete> tmp_key(km0_engine_->GetKeymaster0PublicKey(blob));
441 *key_material = blob;