Keystore 2.0: Make key type an explict argument.
This refactor makes key type an explicit to relevant database function
to make it harder to implicitly use the wrong type.
Ignore-AOSP-First: No automerge path from AOSP.
Bug: 187862706
Bug: 189470584
Test: Regression tested with keystore2_test.
Change-Id: I9e1416743093f0a1ab86fd9351aed97f106ee819
Merged-In: I9e1416743093f0a1ab86fd9351aed97f106ee819
diff --git a/keystore2/src/legacy_migrator.rs b/keystore2/src/legacy_migrator.rs
index d5647cd..f92fd45 100644
--- a/keystore2/src/legacy_migrator.rs
+++ b/keystore2/src/legacy_migrator.rs
@@ -14,11 +14,11 @@
//! This module acts as a bridge between the legacy key database and the keystore2 database.
-use crate::error::Error;
use crate::key_parameter::KeyParameterValue;
use crate::legacy_blob::BlobValue;
use crate::utils::{uid_to_android_user, watchdog as wd};
use crate::{async_task::AsyncTask, legacy_blob::LegacyBlobLoader};
+use crate::{database::KeyType, error::Error};
use crate::{
database::{
BlobMetaData, BlobMetaEntry, CertificateInfo, DateTime, EncryptedBy, KeyMetaData,
@@ -523,6 +523,7 @@
self.db
.store_new_key(
&key,
+ KeyType::Client,
¶ms,
&(&blob, &blob_metadata),
&CertificateInfo::new(user_cert, ca_cert),
@@ -535,7 +536,7 @@
None => {
if let Some(ca_cert) = ca_cert {
self.db
- .store_new_certificate(&key, &ca_cert, &KEYSTORE_UUID)
+ .store_new_certificate(&key, KeyType::Client, &ca_cert, &KEYSTORE_UUID)
.context("In check_and_migrate: Failed to insert new certificate.")?;
Ok(())
} else {