Merge "Add ROLLBACK_RESISTANCE tag to key usage" into sc-dev am: 8f19fd90e3

Original change: https://googleplex-android-review.googlesource.com/c/platform/system/vold/+/15534270

Change-Id: I91b9f7520cd4b039ff43f728c6eef6357efeed65
TreeHugger Robot 2021-08-11 23:18:07 +00:00 committed by Automerger Merge Worker
commit 7c5c6d8b43


@ -379,7 +379,9 @@ static bool encryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir
const km::AuthorizationSet& keyParams,
const KeyBuffer& message, std::string* ciphertext) {
km::AuthorizationSet opParams =
km::AuthorizationSetBuilder().Authorization(km::TAG_PURPOSE, km::KeyPurpose::ENCRYPT);
km::AuthorizationSetBuilder()
.Authorization(km::TAG_ROLLBACK_RESISTANCE)
.Authorization(km::TAG_PURPOSE, km::KeyPurpose::ENCRYPT);
km::AuthorizationSet outParams;
auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, &outParams);
if (!opHandle) return false;
@ -408,6 +410,7 @@ static bool decryptWithKeymasterKey(Keymaster& keymaster, const std::string& dir
auto bodyAndMac = ciphertext.substr(GCM_NONCE_BYTES);
auto opParams = km::AuthorizationSetBuilder()
.Authorization(km::TAG_NONCE, nonce)
.Authorization(km::TAG_ROLLBACK_RESISTANCE)
.Authorization(km::TAG_PURPOSE, km::KeyPurpose::DECRYPT);
auto opHandle = BeginKeymasterOp(keymaster, dir, keyParams, opParams, nullptr);
if (!opHandle) return false;
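Review bot: `km::TAG_ROLLBACK_RESISTANCE` is now passed unconditionally in `opParams` in both `encryptWithKeymasterKey` and `decryptWithKeymasterKey`, with no comment saying why a tag normally associated with key creation is repeated at operation begin. Nothing in these hunks shows whether every key reaching these functions was created with rollback resistance. If some keys were not (for example on hardware without support, which is not visible here), and an implementation rejects the tag at begin, `BeginKeymasterOp` would fail and both functions would return false, leaving the stored key unusable. Please confirm that case is covered and record it above each builder, for example `// TAG_ROLLBACK_RESISTANCE is repeated at begin() because <reason>; keys created without it still work because <reason>`. Both function bodies continue outside the hunks shown, so any handling after the `opHandle` check was not reviewed.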