diff options
| author | David Drysdale <drysdale@google.com> | 2023-07-05 16:55:00 +0100 |
|---|---|---|
| committer | David Drysdale <drysdale@google.com> | 2023-10-09 10:07:26 +0100 |
| commit | 96db42596910a0012448dc883e26964403ec4aee (patch) | |
| tree | c7855e9a647378f231dbd2e2bd1d7e3c96d7ed87 /keystore2/src/raw_device.rs | |
| parent | 1a7cd1d195a635b96c83e78114837d81ce923512 (diff) | |
| download | security-96db42596910a0012448dc883e26964403ec4aee.tar.gz | |
Commonize upgrade_keyblob_if_required_with
Bug: 251426862
Bug: 283077822
Bug: 296403357
Test: tested with ARC upgrade, see b/296403357
Change-Id: I14f0d53585c97da2ebdbd53aafa18c4d8b778e17
Diffstat (limited to 'keystore2/src/raw_device.rs')
| -rw-r--r-- | keystore2/src/raw_device.rs | 35 |
1 files changed, 15 insertions, 20 deletions
diff --git a/keystore2/src/raw_device.rs b/keystore2/src/raw_device.rs index fa9872a7..860a1bc4 100644 --- a/keystore2/src/raw_device.rs +++ b/keystore2/src/raw_device.rs @@ -263,35 +263,30 @@ impl KeyMintDevice { where F: Fn(&[u8]) -> Result<T, Error>, { - match f(&key_blob) { - Err(Error::Km(ErrorCode::KEY_REQUIRES_UPGRADE)) => { - let upgraded_blob = map_km_error({ - let _wp = wd::watch_millis( - "In KeyMintDevice::upgrade_keyblob_if_required_with: calling upgradeKey.", - 500, - ); - self.km_dev.upgradeKey(&key_blob, &[]) - }) - .context(ks_err!("Upgrade failed"))?; - + let (f_result, upgraded_blob) = crate::utils::upgrade_keyblob_if_required_with( + &*self.km_dev, + &key_blob, + &[], + f, + |upgraded_blob| { let mut new_blob_metadata = BlobMetaData::new(); new_blob_metadata.add(BlobMetaEntry::KmUuid(self.km_uuid)); db.set_blob( key_id_guard, SubComponentType::KEY_BLOB, - Some(&upgraded_blob), + Some(upgraded_blob), Some(&new_blob_metadata), ) .context(ks_err!("Failed to insert upgraded blob into the database"))?; - - Ok(( - f(&upgraded_blob).context(ks_err!("Closure failed after upgrade"))?, - KeyBlob::NonSensitive(upgraded_blob), - )) - } - result => Ok((result.context(ks_err!("Closure failed"))?, key_blob)), - } + Ok(()) + }, + )?; + let returned_blob = match upgraded_blob { + None => key_blob, + Some(upgraded_blob) => KeyBlob::NonSensitive(upgraded_blob), + }; + Ok((f_result, returned_blob)) } /// Use the created key in an operation that can be done with |