commit 0cabd71f515a70103c501de1a0b49ab67168fddd
author Janis Danisevskis <jdanis@google.com> Tue May 25 11:07:10 2021 -0700
committer Janis Danisevskis <jdanis@google.com> Tue Jun 01 14:30:27 2021 -0700
tree c3089e3e1a9dd8df7279c2410959904cdca8ab06
parent acebfa2471594c8971513064deacfec2efaad7bf

Keystore 2.0: Make key type an explict argument.

This refactor makes key type an explicit to relevant database function
to make it harder to implicitly use the wrong type.

Ignore-AOSP-First: No automerge path from AOSP.
Bug: 187862706
Bug: 189470584
Test: Regression tested with keystore2_test.
Change-Id: I9e1416743093f0a1ab86fd9351aed97f106ee819
Merged-In: I9e1416743093f0a1ab86fd9351aed97f106ee819

keystore2/src/super_key.rs

diff --git a/keystore2/src/super_key.rs b/keystore2/src/super_key.rs
index 7449f20..9fb267a 100644
--- a/keystore2/src/super_key.rs
+++ b/keystore2/src/super_key.rs
@@ -956,13 +956,23 @@
                     }
                     let key_params: Vec<KmKeyParameter> =
                         key_params.into_iter().map(|x| x.into()).collect();
-                    km_dev.create_and_store_key(db, &key_desc, |dev| {
-                        let _wp = wd::watch_millis(
-                            "In lock_screen_lock_bound_key: calling importKey.",
-                            500,
-                        );
-                        dev.importKey(key_params.as_slice(), KeyFormat::RAW, &encrypting_key, None)
-                    })?;
+                    km_dev.create_and_store_key(
+                        db,
+                        &key_desc,
+                        KeyType::Client, /* TODO Should be Super b/189470584 */
+                        |dev| {
+                            let _wp = wd::watch_millis(
+                                "In lock_screen_lock_bound_key: calling importKey.",
+                                500,
+                            );
+                            dev.importKey(
+                                key_params.as_slice(),
+                                KeyFormat::RAW,
+                                &encrypting_key,
+                                None,
+                            )
+                        },
+                    )?;
                     entry.biometric_unlock = Some(BiometricUnlock {
                         sids: unlocking_sids.into(),
                         key_desc,