Replace an outdated TODO in Keystore::exportKey

The bug this TODO references has been closed, so replace the TODO with
an explanation of why the code is correct.

Bug: 185811713
Change-Id: I8f4230ab3e290f8ffa8ca25aaa188e8d7156cf8e
This commit is contained in:
Eric Biggers 2022-03-17 22:12:14 +00:00
parent e7dbc48584
commit 3aa35ee431

View file

@ -166,7 +166,13 @@ bool Keystore::exportKey(const KeyBuffer& ksKey, std::string* key) {
*key = std::string(ephemeral_key_response.ephemeralKey.begin(), *key = std::string(ephemeral_key_response.ephemeralKey.begin(),
ephemeral_key_response.ephemeralKey.end()); ephemeral_key_response.ephemeralKey.end());
// TODO b/185811713 store the upgraded key blob if provided and delete the old key blob. // vold intentionally ignores ephemeral_key_response.upgradedBlob, since the
// concept of "upgrading" doesn't make sense for TAG_STORAGE_KEY keys
// (hardware-wrapped inline encryption keys). These keys are only meant as
// a substitute for raw keys; they still go through vold's usual layer of
// key wrapping, which already handles version binding. So, vold just keeps
// using the original blobs for TAG_STORAGE_KEY keys. If KeyMint "upgrades"
// them anyway, then they'll just get re-upgraded before each use.
ret = true; ret = true;
out: out: