diff options
author | android-build-team Robot <android-build-team-robot@google.com> | 2017-09-03 07:31:19 +0000 |
---|---|---|
committer | android-build-team Robot <android-build-team-robot@google.com> | 2017-09-03 07:31:19 +0000 |
commit | 48c30d99239f8d96f95d0a3c4f24d58df7f36273 (patch) | |
tree | 6e2da381a9e6f1250ca7f335719db634e94ff5fc | |
parent | 3acae220229931b47339c312aefad54140c88052 (diff) | |
parent | c5e8f36d92b74db04106eb368dd113493f739149 (diff) | |
download | security-48c30d99239f8d96f95d0a3c4f24d58df7f36273.tar.gz |
release-request-957cd691-fb71-4770-8ff7-a3b9602655a5-for-git_oc-mr1-release-4314464 snap-temp-L54400000099147910
Change-Id: Ie713eec2b15b74866ccb1683032ca70794a68cd9
-rw-r--r-- | keystore/key_store_service.cpp | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp index 24a096c0..8a952572 100644 --- a/keystore/key_store_service.cpp +++ b/keystore/key_store_service.cpp @@ -1073,12 +1073,12 @@ void KeyStoreService::begin(const sp<IBinder>& appToken, const String16& name, K persistedCharacteristics.Subtract(teeEnforced); characteristics.softwareEnforced = persistedCharacteristics.hidl_data(); - result->resultCode = getAuthToken(characteristics, 0, purpose, &authToken, - /*failOnTokenMissing*/ false); + auto authResult = getAuthToken(characteristics, 0, purpose, &authToken, + /*failOnTokenMissing*/ false); // If per-operation auth is needed we need to begin the operation and // the client will need to authorize that operation before calling // update. Any other auth issues stop here. - if (!result->resultCode.isOk() && result->resultCode != ResponseCode::OP_AUTH_NEEDED) return; + if (!authResult.isOk() && authResult != ResponseCode::OP_AUTH_NEEDED) return; addAuthTokenToParams(&opParams, authToken); @@ -1153,6 +1153,7 @@ void KeyStoreService::begin(const sp<IBinder>& appToken, const String16& name, K result->handle, keyid, purpose, dev, appToken, std::move(characteristics), pruneable); assert(characteristics.teeEnforced.size() == 0); assert(characteristics.softwareEnforced.size() == 0); + result->token = operationToken; if (authToken) { mOperationMap.setOperationAuthToken(operationToken, authToken); @@ -1162,8 +1163,9 @@ void KeyStoreService::begin(const sp<IBinder>& appToken, const String16& name, K // application should get an auth token using the handle before the // first call to update, which will fail if keystore hasn't received the // auth token. - // All fields but "token" were set in the begin operation's callback. - result->token = operationToken; + result->resultCode = authResult; + + // Other result fields were set in the begin operation's callback. } void KeyStoreService::update(const sp<IBinder>& token, const hidl_vec<KeyParameter>& params, |