Store FEK as data in key-manager

Key-manager does not support 512-bit symmetric keys. FEK will be stored as data

Change-Id: Ib267fe442ceb85d0330f8b7920867f31d513833c

diff --git a/src/common/fek-manager.cpp b/src/common/fek-manager.cpp
index f88b53321fee770b96320161041f6fd297a9e3cc..4b9523792a2c3a4d408a965bf76d11ac805d698d 100644 (file)
--- a/src/common/fek-manager.cpp
+++ b/src/common/fek-manager.cpp
@@ -59,10 +59,9 @@ int saveFEK(uid_t uid,
     try {
         auto km = CKM::Manager::create();
         CKM::RawBuffer buffer(fek.begin(), fek.end());
-        auto key = CKM::Key::createAES(buffer);
 
         // FEK will be saved in System database under alias specific to user and app
-        int ret = km->saveKey(FEKalias(uid, appName), key, CKM::Policy(password.c_str()));
+        int ret = km->saveData(FEKalias(uid, appName), buffer, CKM::Policy(password.c_str()));
         if (ret != CKM_API_SUCCESS) {
             LogError("Saving FEK failed " << ret);
             return SECURITY_MANAGER_ERROR_SERVER_ERROR; // TODO translate key-manager errors
@@ -96,8 +95,8 @@ int getFEK(uid_t uid,
     try {
         auto km = CKM::Manager::create();
 
-        CKM::KeyShPtr key;
-        int ret = km->getKey(FEKalias(uid, appName), password.c_str(), key);
+        CKM::RawBuffer buffer;
+        int ret = km->getData(FEKalias(uid, appName), password.c_str(), buffer);
         if (ret != CKM_API_SUCCESS) {
             if (ret == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
                 LogError("Application has no FEK");
@@ -112,9 +111,7 @@ int getFEK(uid_t uid,
             return SECURITY_MANAGER_ERROR_SERVER_ERROR; // TODO translate key-manager errors
         }
 
-        auto der = key->getDER();
-
-        fek.assign(der.begin(), der.end());
+        fek.assign(buffer.begin(), buffer.end());
 
         return SECURITY_MANAGER_SUCCESS;
     } catch (const std::bad_alloc &e) {