Commit 933b8ef8 authored by Ji Luo's avatar Ji Luo
Browse files

MA-18406 Fix panic when provision keys on boards without rpmb key



The keymaster client won't be initialized if the rpmb
key is not set, return early with error in such case
to avoid panic.

Test: provision attestation keys & certs on boards without
      rpmb key set.

Change-Id: I6f908aecafd15ab390629cb89b090c9ee817ba1e
Signed-off-by: default avatarJi Luo <ji.luo@nxp.com>
parent 0fffe007
......@@ -398,6 +398,10 @@ end:
int trusty_set_attestation_key(const uint8_t *key, uint32_t key_size,
keymaster_algorithm_t algorithm)
{
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
return trusty_send_attestation_data(KM_SET_ATTESTATION_KEY, key, key_size,
algorithm);
}
......@@ -406,6 +410,10 @@ int trusty_append_attestation_cert_chain(const uint8_t *cert,
uint32_t cert_size,
keymaster_algorithm_t algorithm)
{
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
return trusty_send_attestation_data(KM_APPEND_ATTESTATION_CERT_CHAIN,
cert, cert_size, algorithm);
}
......@@ -413,6 +421,10 @@ int trusty_append_attestation_cert_chain(const uint8_t *cert,
int trusty_set_attestation_key_enc(const uint8_t *key, uint32_t key_size,
keymaster_algorithm_t algorithm)
{
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
return trusty_send_attestation_data(KM_SET_ATTESTATION_KEY_ENC, key, key_size,
algorithm);
}
......@@ -421,6 +433,10 @@ int trusty_append_attestation_cert_chain_enc(const uint8_t *cert,
uint32_t cert_size,
keymaster_algorithm_t algorithm)
{
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
return trusty_send_attestation_data(KM_APPEND_ATTESTATION_CERT_CHAIN_ENC,
cert, cert_size, algorithm);
}
......@@ -501,6 +517,11 @@ int trusty_get_mppubk(uint8_t *mppubk, uint32_t *size)
int rc = TRUSTY_ERR_GENERIC;
struct km_get_mppubk_resp resp;
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
rc = km_send_request(KM_GET_MPPUBK, NULL, 0);
if (rc < 0) {
trusty_error("%s: failed (%d) to send km mppubk request\n", __func__, rc);
......@@ -532,6 +553,11 @@ int trusty_verify_secure_unlock(uint8_t *unlock_credential,
uint8_t *req = NULL;
uint32_t req_size = 0;
if (!initialized) {
trusty_error("Keymaster TIPC client not initialized!\n");
return -1;
}
struct km_secure_unlock_data secure_unlock_data = {
.serial_size = serial_size,
.serial_data = serial,
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment