From bd3d12a3773dfe132fff20a780ba789dd25bf89e Mon Sep 17 00:00:00 2001
From: David Drysdale
Date: Thu, 14 Oct 2021 15:17:36 +0100
Subject: [PATCH] Specify KeyMint EC keys by curve not size
Future addition of extra curves means that key size is not enough to identify the particular EC curve required. Use the EcCurve enum instead.
Bug: 226270116
Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: Ia6b7d86a387cfc06db05e4ba6ff8f331e9c6345f
Merged-In: Ia6b7d86a387cfc06db05e4ba6ff8f331e9c6345f
(cherry picked from commit 915ce253a83e15d9bc9c88248a86d7cfdc473ad2)
---
 .../vts/functional/VtsRemotelyProvisionedComponentTests.cpp | 2 +-
 security/keymint/support/authorization_set.cpp | 5 -----
 .../support/include/keymint_support/authorization_set.h | 1 -
 3 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
index 38f3586862..76fb79b618 100644
--- a/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
+++ b/security/keymint/aidl/vts/functional/VtsRemotelyProvisionedComponentTests.cpp
@@ -222,7 +222,7 @@ TEST_P(GenerateKeyTests, generateAndUseEcdsaP256Key_prodMode) {
 // Generate an ECDSA key that is attested by the generated P256 keypair.
 AuthorizationSet keyDesc = AuthorizationSetBuilder()
 .Authorization(TAG_NO_AUTH_REQUIRED)
- .EcdsaSigningKey(256)
+ .EcdsaSigningKey(EcCurve::P_256)
 .AttestationChallenge("foo")
 .AttestationApplicationId("bar")
 .Digest(Digest::NONE)
diff --git a/security/keymint/support/authorization_set.cpp b/security/keymint/support/authorization_set.cpp
index 25eace3caf..c1b5d48235 100644
--- a/security/keymint/support/authorization_set.cpp
+++ b/security/keymint/support/authorization_set.cpp
@@ -161,11 +161,6 @@ AuthorizationSetBuilder& AuthorizationSetBuilder::RsaEncryptionKey(uint32_t key_
 return EncryptionKey();
 }
-AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaSigningKey(uint32_t key_size) {
- EcdsaKey(key_size);
- return SigningKey();
-}
-
 AuthorizationSetBuilder& AuthorizationSetBuilder::EcdsaSigningKey(EcCurve curve) {
 EcdsaKey(curve);
 return SigningKey();
diff --git a/security/keymint/support/include/keymint_support/authorization_set.h b/security/keymint/support/include/keymint_support/authorization_set.h
index ca51b08ea9..e41a329dbc 100644
--- a/security/keymint/support/include/keymint_support/authorization_set.h
+++ b/security/keymint/support/include/keymint_support/authorization_set.h
@@ -281,7 +281,6 @@ class AuthorizationSetBuilder : public AuthorizationSet {
 AuthorizationSetBuilder& RsaSigningKey(uint32_t key_size, uint64_t public_exponent);
 AuthorizationSetBuilder& RsaEncryptionKey(uint32_t key_size, uint64_t public_exponent);
- AuthorizationSetBuilder& EcdsaSigningKey(uint32_t key_size);
 AuthorizationSetBuilder& EcdsaSigningKey(EcCurve curve);
 AuthorizationSetBuilder& AesEncryptionKey(uint32_t key_size);
 AuthorizationSetBuilder& TripleDesEncryptionKey(uint32_t key_size);