authorVikram Gaur <vikramgaur@google.com>2022-05-28 01:21:23 +0000
committerAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>2022-05-28 01:21:23 +0000
commit2feb0d0801b690b1b12ff22ba21c602d4dceaa3b (patch)
tree9194ea173d28ec1e64a3791bb6b5351c8664eccf
parentfed9c4818d14f5e1fd33d2bd5907a6ecc498c69b (diff)
parentd337c7727196f42af70aa93ab84f7c8b48cd9486 (diff)
Unbind Attestation keys when freeing up namespace. am: d337c77271
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/security/+/18638770 Change-Id: Ic15ad66faf5a55a93e4cada08e1a55623c9a510d Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
-rw-r--r--keystore2/src/database.rs16
1 files changed, 8 insertions, 8 deletions
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index 6b74e3c8..a3979bd5 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -2893,33 +2893,33 @@ impl KeystoreDB {
"DELETE FROM persistent.keymetadata
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ? AND key_type = ?
+ WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?)
);",
- params![domain.0, namespace, KeyType::Client],
+ params![domain.0, namespace, KeyType::Client, KeyType::Attestation],
)
.context("Trying to delete keymetadata.")?;
tx.execute(
"DELETE FROM persistent.keyparameter
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ? AND key_type = ?
+ WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?)
);",
- params![domain.0, namespace, KeyType::Client],
+ params![domain.0, namespace, KeyType::Client, KeyType::Attestation],
)
.context("Trying to delete keyparameters.")?;
tx.execute(
"DELETE FROM persistent.grant
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ? AND key_type = ?
+ WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?)
);",
- params![domain.0, namespace, KeyType::Client],
+ params![domain.0, namespace, KeyType::Client, KeyType::Attestation],
)
.context("Trying to delete grants.")?;
tx.execute(
"DELETE FROM persistent.keyentry
- WHERE domain = ? AND namespace = ? AND key_type = ?;",
- params![domain.0, namespace, KeyType::Client],
+ WHERE domain = ? AND namespace = ? AND (key_type = ? OR key_type = ?);",
+ params![domain.0, namespace, KeyType::Client, KeyType::Attestation],
)
.context("Trying to delete keyentry.")?;
Ok(()).need_gc()
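Review bot: The key-type filter `(key_type = ? OR key_type = ?)` and its `params![domain.0, namespace, KeyType::Client, KeyType::Attestation]` list are now repeated verbatim in all four DELETE statements (keymetadata, keyparameter, grant, keyentry), so a later edit that touches only some of them would leave rows in one table that the others no longer match. Because this path clears a namespace that is being freed, leftover rows for one key type are presumably the problem this commit fixes, and that kind of drift would bring it back. Consider stating the set once, with a comment above the first statement such as `// Key types removed with the namespace; all four DELETEs below must use the same set.`, and writing the predicate as `key_type IN (?, ?)`. A regression test would pin the behaviour: create a `KeyType::Attestation` entry, run this function, and check that no keyentry, keymetadata, keyparameter or grant row remains for the namespace. The enclosing function starts before the hunk, so how `tx` is opened and what else is cleaned up is not visible here.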