biod: Use SecureVector for VendorTemplate
The template is encrypted, so it's not strictly necessary to use
SecureVector, but we do so as part of a defense-in-depth strategy in
case there's a bug in the encryption/FPMCU.
BUG=none
TEST=FEATURES="test" emerge-hatch biod
Change-Id: I958ed0722001682611beec3b2ae0893476f9854f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2391783
Tested-by: Tom Hughes <tomhughes@chromium.org>
Commit-Queue: Tom Hughes <tomhughes@chromium.org>
Reviewed-by: Yicheng Li <yichengli@chromium.org>
diff --git a/biod/cros_fp_biometrics_manager_test.cc b/biod/cros_fp_biometrics_manager_test.cc
index 7466828..f36dcaf 100644
--- a/biod/cros_fp_biometrics_manager_test.cc
+++ b/biod/cros_fp_biometrics_manager_test.cc
@@ -315,7 +315,7 @@
TEST_F(CrosFpBiometricsManagerTest, TestInsertEmptyPositiveMatchSalt) {
// Prepare a template of old format, with zero-length template field.
size_t metadata_size = sizeof(struct ec_fp_template_encryption_metadata);
- std::vector<uint8_t> tmpl(metadata_size, 0xff);
+ VendorTemplate tmpl(metadata_size, 0xff);
CrosFpBiometricsManagerPeer::InsertEmptyPositiveMatchSalt(&tmpl);
diff --git a/biod/cros_fp_device.cc b/biod/cros_fp_device.cc
index 4566b40..4af29b7 100644
--- a/biod/cros_fp_device.cc
+++ b/biod/cros_fp_device.cc
@@ -175,7 +175,7 @@
return FpMode(cmd.Resp()->mode);
}
-bool CrosFpDevice::FpFrame(int index, std::vector<uint8_t>* frame) {
+bool CrosFpDevice::FpFrame(int index, VendorTemplate* frame) {
EcCommand<struct ec_params_fp_frame, uint8_t[kMaxPacketSize]> cmd(
EC_CMD_FP_FRAME);
diff --git a/biod/cros_fp_device.h b/biod/cros_fp_device.h
index 698ae15..ffe0910 100644
--- a/biod/cros_fp_device.h
+++ b/biod/cros_fp_device.h
@@ -104,7 +104,7 @@
bool AddEntropy(bool reset);
// Get block id from rollback info.
bool GetRollBackInfoId(int32_t* block_id);
- bool FpFrame(int index, std::vector<uint8_t>* frame);
+ bool FpFrame(int index, VendorTemplate* frame);
bool FpReadMatchSecret(uint16_t index, brillo::SecureVector* secret);
bool GetIndexOfLastTemplate(int* index);
// Run a sequence of EC commands to update the entropy in the
diff --git a/biod/cros_fp_device_interface.h b/biod/cros_fp_device_interface.h
index e1600ab..9a16aa5 100644
--- a/biod/cros_fp_device_interface.h
+++ b/biod/cros_fp_device_interface.h
@@ -15,7 +15,12 @@
#include "biod/ec_command.h"
#include "biod/fp_mode.h"
-using VendorTemplate = std::vector<uint8_t>;
+/**
+ * The template is encrypted, so it's not strictly necessary to use
+ * SecureVector, but we do so as part of a defense-in-depth strategy in case
+ * there's a bug in the encryption/FPMCU.
+ */
+using VendorTemplate = brillo::SecureVector;
namespace biod {