diff options
| author | Chung-yih Wang <cywang@google.com> | 2009-07-03 12:09:52 +0800 |
|---|---|---|
| committer | Chung-yih Wang <cywang@google.com> | 2009-07-03 12:14:36 +0800 |
| commit | a734207fd1b73ad367855c8c12e787687b0d4b90 (patch) | |
| tree | be0eb4dd6fe991f4540f6525561a61150cc709c8 /cmds/keystore | |
| parent | 4bca97ecaf04c50d5ed49920d119f9ffa6c29402 (diff) | |
| download | frameworks_base-a734207fd1b73ad367855c8c12e787687b0d4b90.zip frameworks_base-a734207fd1b73ad367855c8c12e787687b0d4b90.tar.gz frameworks_base-a734207fd1b73ad367855c8c12e787687b0d4b90.tar.bz2 | |
Two small checks in keymgmt.
1. Enforce the state check in listkey().
2. Enforce the password length check.
Diffstat (limited to 'cmds/keystore')
| -rw-r--r-- | cmds/keystore/keymgmt.c | 7 | ||||
| -rw-r--r-- | cmds/keystore/keymgmt.h | 3 | ||||
| -rw-r--r-- | cmds/keystore/netkeystore.c | 1 |
3 files changed, 10 insertions, 1 deletions
diff --git a/cmds/keystore/keymgmt.c b/cmds/keystore/keymgmt.c index e4102a9..66edd56 100644 --- a/cmds/keystore/keymgmt.c +++ b/cmds/keystore/keymgmt.c @@ -185,6 +185,7 @@ static int change_passwd(char *data) p = strtok_r(NULL, delimiter, &context); } if (count != 2) return -1; + if (strlen(new_pass) < MIN_PASSWD_LENGTH) return -1; if ((ret = get_master_key(old_pass, master_key)) == 0) { ret = store_master_key(new_pass, master_key); retry_count = 0; @@ -259,6 +260,11 @@ int list_keys(const char *namespace, char reply[BUFFER_MAX]) DIR *d; struct dirent *de; + if (state != UNLOCKED) { + LOGE("Can not list key with current state %d\n", state); + return -1; + } + if (!namespace || ((d = opendir("."))) == NULL) { LOGE("cannot open keystore dir or namespace is null\n"); return -1; @@ -287,6 +293,7 @@ int passwd(char *data) { if (state == UNINITIALIZED) { if (strchr(data, ' ')) return -1; + if (strlen(data) < MIN_PASSWD_LENGTH) return -1; return create_master_key(data); } return change_passwd(data); diff --git a/cmds/keystore/keymgmt.h b/cmds/keystore/keymgmt.h index 0f10570..0e928db 100644 --- a/cmds/keystore/keymgmt.h +++ b/cmds/keystore/keymgmt.h @@ -27,7 +27,8 @@ #define AES_KEY_LEN 128 #define USER_KEY_LEN (AES_KEY_LEN/8) #define IV_LEN USER_KEY_LEN -#define MAX_RETRY_COUNT 6 +#define MAX_RETRY_COUNT 6 +#define MIN_PASSWD_LENGTH 8 #define gen_key(passwd, key, len) \ PKCS5_PBKDF2_HMAC_SHA1(passwd, strlen(passwd), \ diff --git a/cmds/keystore/netkeystore.c b/cmds/keystore/netkeystore.c index e45e24f..eac455e 100644 --- a/cmds/keystore/netkeystore.c +++ b/cmds/keystore/netkeystore.c @@ -224,6 +224,7 @@ static void do_reset_keystore(LPC_MARSHAL *cmd, LPC_MARSHAL *reply) } reply->retcode = reset_keystore(); } + static void execute(LPC_MARSHAL *cmd, LPC_MARSHAL *reply) { uint32_t cmd_max = sizeof(cmds)/sizeof(struct cmdinfo); |