Merge "vold: Generate storage key without rollback resistance"

author: Eric Biggers <ebiggers@google.com> 2020-10-20 23:17:22 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2020-10-20 23:17:22 +0000
commit: 4f5e9c196f22215dfa9f7fb1d061d6da4bcad2fe (patch)
tree: 590df74dbbde8bca9b0c04119a8927573ba35b1f
parent: 8671044a645f0a83748bedecb78eaff2d2a723d6 (diff)
parent: 75736a8811641e2afdaf15ed0069e28b453bcce6 (diff)
download: vold-4f5e9c196f22215dfa9f7fb1d061d6da4bcad2fe.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 951536b1..533a7cbf 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -141,9 +141,12 @@ bool generateWrappedStorageKey(KeyBuffer* key) {
     if (!keymaster) return false;
     std::string key_temp;
     auto paramBuilder = km::AuthorizationSetBuilder().AesEncryptionKey(AES_KEY_BYTES * 8);
-    paramBuilder.Authorization(km::TAG_ROLLBACK_RESISTANCE);
     paramBuilder.Authorization(km::TAG_STORAGE_KEY);
-    if (!keymaster.generateKey(paramBuilder, &key_temp)) return false;
+    auto paramsWithRollback = paramBuilder;
+    paramsWithRollback.Authorization(km::TAG_ROLLBACK_RESISTANCE);
+    if (!keymaster.generateKey(paramsWithRollback, &key_temp)) {
+        if (!keymaster.generateKey(paramBuilder, &key_temp)) return false;
+    }
     *key = KeyBuffer(key_temp.size());
     memcpy(reinterpret_cast<void*>(key->data()), key_temp.c_str(), key->size());
     return true;
author	Eric Biggers <ebiggers@google.com>	2020-10-20 23:17:22 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2020-10-20 23:17:22 +0000
commit	4f5e9c196f22215dfa9f7fb1d061d6da4bcad2fe (patch)
tree	590df74dbbde8bca9b0c04119a8927573ba35b1f
parent	8671044a645f0a83748bedecb78eaff2d2a723d6 (diff)
parent	75736a8811641e2afdaf15ed0069e28b453bcce6 (diff)
download	vold-4f5e9c196f22215dfa9f7fb1d061d6da4bcad2fe.tar.gz