commit 0cabd71f515a70103c501de1a0b49ab67168fddd
author Janis Danisevskis <jdanis@google.com> Tue May 25 11:07:10 2021 -0700
committer Janis Danisevskis <jdanis@google.com> Tue Jun 01 14:30:27 2021 -0700
tree c3089e3e1a9dd8df7279c2410959904cdca8ab06
parent acebfa2471594c8971513064deacfec2efaad7bf

Keystore 2.0: Make key type an explict argument.

This refactor makes key type an explicit to relevant database function
to make it harder to implicitly use the wrong type.

Ignore-AOSP-First: No automerge path from AOSP.
Bug: 187862706
Bug: 189470584
Test: Regression tested with keystore2_test.
Change-Id: I9e1416743093f0a1ab86fd9351aed97f106ee819
Merged-In: I9e1416743093f0a1ab86fd9351aed97f106ee819

keystore2/src/boot_level_keys.rs

diff --git a/keystore2/src/boot_level_keys.rs b/keystore2/src/boot_level_keys.rs
index ddac1f8..0df3a45 100644
--- a/keystore2/src/boot_level_keys.rs
+++ b/keystore2/src/boot_level_keys.rs
@@ -14,7 +14,11 @@
 
 //! Offer keys based on the "boot level" for superencryption.
 
-use crate::{database::KeystoreDB, key_parameter::KeyParameterValue, raw_device::KeyMintDevice};
+use crate::{
+    database::{KeyType, KeystoreDB},
+    key_parameter::KeyParameterValue,
+    raw_device::KeyMintDevice,
+};
 use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{
     Algorithm::Algorithm, Digest::Digest, KeyParameter::KeyParameter as KmKeyParameter,
     KeyParameterValue::KeyParameterValue as KmKeyParameterValue, KeyPurpose::KeyPurpose,
@@ -67,7 +71,7 @@
     }
 
     let (key_id_guard, key_entry) = km_dev
-        .lookup_or_generate_key(db, &key_desc, &params, |key_characteristics| {
+        .lookup_or_generate_key(db, &key_desc, KeyType::Client, &params, |key_characteristics| {
             key_characteristics.iter().any(|kc| {
                 if kc.securityLevel == km_dev.security_level() {
                     kc.authorizations.iter().any(|a| {