diff options
author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-08-17 23:34:28 +0000 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-08-17 23:34:28 +0000 |
commit | 2039ff092fa5fa570e1eb9f7ac4bb8385af275c5 (patch) | |
tree | 356b287b2c043223289b9b0cbacd72cef72ced63 | |
parent | 09d84726a37087e321cb96d480cd874a3c822972 (diff) | |
parent | 68734604939070149f9da8f908b2a66364c90eeb (diff) | |
download | vold-android13-d3-s1-release.tar.gz |
Snap for 8961426 from 68734604939070149f9da8f908b2a66364c90eeb to tm-d3-releaseandroid-13.0.0_r57android13-d3-s1-release
Change-Id: I8bac7eda8f28915fb0ca322bfd0893feac8010b9
-rw-r--r-- | KeyStorage.cpp | 22 |
1 files changed, 8 insertions, 14 deletions
diff --git a/KeyStorage.cpp b/KeyStorage.cpp index 3ede67e5..b4abc277 100644 --- a/KeyStorage.cpp +++ b/KeyStorage.cpp @@ -117,9 +117,13 @@ static void hashWithPrefix(char const* prefix, const std::string& tohash, std::s SHA512_Final(reinterpret_cast<uint8_t*>(&(*res)[0]), &c); } -// Generates a keystore key, using rollback resistance if supported. -static bool generateKeystoreKey(Keystore& keystore, const km::AuthorizationSetBuilder& paramBuilder, - std::string* key) { +static bool generateKeyStorageKey(Keystore& keystore, const std::string& appId, std::string* key) { + auto paramBuilder = km::AuthorizationSetBuilder() + .AesEncryptionKey(AES_KEY_BYTES * 8) + .GcmModeMinMacLen(GCM_MAC_BYTES * 8) + .Authorization(km::TAG_APPLICATION_ID, appId) + .Authorization(km::TAG_NO_AUTH_REQUIRED); + LOG(DEBUG) << "Generating \"key storage\" key"; auto paramsWithRollback = paramBuilder; paramsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE); @@ -132,23 +136,13 @@ static bool generateKeystoreKey(Keystore& keystore, const km::AuthorizationSetBu return true; } -static bool generateKeyStorageKey(Keystore& keystore, const std::string& appId, std::string* key) { - auto paramBuilder = km::AuthorizationSetBuilder() - .AesEncryptionKey(AES_KEY_BYTES * 8) - .GcmModeMinMacLen(GCM_MAC_BYTES * 8) - .Authorization(km::TAG_APPLICATION_ID, appId) - .Authorization(km::TAG_NO_AUTH_REQUIRED); - LOG(DEBUG) << "Generating \"key storage\" key"; - return generateKeystoreKey(keystore, paramBuilder, key); -} - bool generateWrappedStorageKey(KeyBuffer* key) { Keystore keystore; if (!keystore) return false; std::string key_temp; auto paramBuilder = km::AuthorizationSetBuilder().AesEncryptionKey(AES_KEY_BYTES * 8); paramBuilder.Authorization(km::TAG_STORAGE_KEY); - if (!generateKeystoreKey(keystore, paramBuilder, &key_temp)) return false; + if (!keystore.generateKey(paramBuilder, &key_temp)) return false; *key = KeyBuffer(key_temp.size()); memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size()); return true; |