Merge cherrypicks of [9618341, 9618157, 9618395, 9618396, 9618397, 9618398, 9618399, 9618036, 9618159, 9618160, 9617854, 9617855, 9617999, 9618000, 9618405, 9618406, 9618161, 9618401, 9618342] into sparse-5908163-L04300000381828225android-10.0.0_r17android10-s3-release

Change-Id: Ifa05fea06e9168a0abe9a9d2f64c6b6e99da7260

4 files changed, 16 insertions, 12 deletions

diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index eac8f11d..497f304c 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -228,7 +228,7 @@ Blob::Blob(const uint8_t* value, size_t valueLength, const uint8_t* info, uint8_
     mBlob->version = CURRENT_BLOB_VERSION;
     mBlob->type = uint8_t(type);
 
-    if (type == TYPE_MASTER_KEY) {
+    if (type == TYPE_MASTER_KEY || type == TYPE_MASTER_KEY_AES256) {
         mBlob->flags = KEYSTORE_FLAG_ENCRYPTED;
     } else {
         mBlob->flags = KEYSTORE_FLAG_NONE;
diff --git a/keystore/blob.h b/keystore/blob.h
index ce488ec9..e0bd1469 100644
--- a/keystore/blob.h
+++ b/keystore/blob.h
@@ -37,6 +37,7 @@ constexpr size_t kAesKeySize = 128 / 8;
 constexpr size_t kGcmTagLength = 128 / 8;
 constexpr size_t kGcmIvLength = 96 / 8;
 constexpr size_t kAes128KeySizeBytes = 128 / 8;
+constexpr size_t kAes256KeySizeBytes = 256 / 8;
 
 /* Here is the file format. There are two parts in blob.value, the secret and
  * the description. The secret is stored in ciphertext, and its original size
diff --git a/keystore/user_state.cpp b/keystore/user_state.cpp
index bc3f6d9a..8d993e23 100644
--- a/keystore/user_state.cpp
+++ b/keystore/user_state.cpp
@@ -140,10 +140,13 @@ ResponseCode UserState::copyMasterKeyFile(LockedUserState<UserState>* src) {
 }
 
 ResponseCode UserState::writeMasterKey(const android::String8& pw) {
-    std::vector<uint8_t> passwordKey(MASTER_KEY_SIZE_BYTES);
+    std::vector<uint8_t> passwordKey(mMasterKey.size());
     generateKeyFromPassword(passwordKey, pw, mSalt);
-    Blob masterKeyBlob(mMasterKey.data(), mMasterKey.size(), mSalt, sizeof(mSalt),
-                       TYPE_MASTER_KEY_AES256);
+    auto blobType = TYPE_MASTER_KEY_AES256;
+    if (mMasterKey.size() == kAes128KeySizeBytes) {
+        blobType = TYPE_MASTER_KEY;
+    }
+    Blob masterKeyBlob(mMasterKey.data(), mMasterKey.size(), mSalt, sizeof(mSalt), blobType);
     auto lockedEntry = LockedKeyBlobEntry::get(mMasterKeyEntry);
     return lockedEntry.writeBlobs(masterKeyBlob, {}, passwordKey, STATE_NO_ERROR);
 }
@@ -174,7 +177,7 @@ ResponseCode UserState::readMasterKey(const android::String8& pw) {
 
     size_t masterKeySize = MASTER_KEY_SIZE_BYTES;
     if (rawBlob.type == TYPE_MASTER_KEY) {
-        masterKeySize = SHA1_DIGEST_SIZE_BYTES;
+        masterKeySize = kAes128KeySizeBytes;
     }
 
     std::vector<uint8_t> passwordKey(masterKeySize);
@@ -263,7 +266,7 @@ void UserState::generateKeyFromPassword(std::vector<uint8_t>& key, const android
     const EVP_MD* digest = EVP_sha256();
 
     // SHA1 was used prior to increasing the key size
-    if (key.size() == SHA1_DIGEST_SIZE_BYTES) {
+    if (key.size() == kAes128KeySizeBytes) {
         digest = EVP_sha1();
     }
 
diff --git a/keystore/user_state.h b/keystore/user_state.h
index b0671e39..620aaa5f 100644
--- a/keystore/user_state.h
+++ b/keystore/user_state.h
@@ -75,14 +75,14 @@ class UserState {
     bool operator<(uid_t userId) const;
 
   private:
-    static const int SHA1_DIGEST_SIZE_BYTES = 16;
-    static const int SHA256_DIGEST_SIZE_BYTES = 32;
+    static constexpr int SHA1_DIGEST_SIZE_BYTES = 16;
+    static constexpr int SHA256_DIGEST_SIZE_BYTES = 32;
 
-    static const int MASTER_KEY_SIZE_BYTES = SHA256_DIGEST_SIZE_BYTES;
-    static const int MASTER_KEY_SIZE_BITS = MASTER_KEY_SIZE_BYTES * 8;
+    static constexpr int MASTER_KEY_SIZE_BYTES = kAes256KeySizeBytes;
+    static constexpr int MASTER_KEY_SIZE_BITS = MASTER_KEY_SIZE_BYTES * 8;
 
-    static const int MAX_RETRY = 4;
-    static const size_t SALT_SIZE = 16;
+    static constexpr int MAX_RETRY = 4;
+    static constexpr size_t SALT_SIZE = 16;
 
     void generateKeyFromPassword(std::vector<uint8_t>& key, const android::String8& pw,
                                  uint8_t* salt);