key_store:Using euid instead of uid when upgrade wifi blobs
The update transaction goes wrong in "KeyStoreService::upgradeKeyBlob"
function, which try to delete corresponds key blob use "KeyStore.del"
and the target key blob "filename" is generated by uid = "AID_KEYSTORE
1017" which belongs to "android.security.keystore" binder service. '
However, the target key blob is actually owned by uid = "AID_WIFI 1010".
So, we CAN NOT upgrade the wifi password definitely,and connection fail
(could not find that key blob file, because it is not EXIST).
BUG: 65580171
Test: The phone is update to a version with patch level 2017-08.
1.connect to a wifi hotpoint (Encryption type: "802.1x EAP" ,
EAP method: :"TLS" , and with "CA certificate"
and "User certificate" )
2.update the phone to a new version with patch level 2017-09
3.connect to the wifi that we have connected in step 1
4.wifi connect success
Change-Id: I036483b05eb4c5eab2698749069e1118d7f45e48
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 248fa00..1f4d385 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1870,6 +1870,13 @@
String8 filename(mKeyStore->getKeyNameForUidWithDir(name8, uid, ::TYPE_KEYMASTER_10));
error = mKeyStore->del(filename.string(), ::TYPE_ANY, get_user_id(uid));
+ if(error == ResponseCode::KEY_NOT_FOUND){
+ uid_t euid = get_keystore_euid(uid);
+ if ((euid != uid) && (euid == AID_WIFI)) {
+ filename=mKeyStore->getKeyNameForUidWithDir(name8, euid, ::TYPE_KEYMASTER_10);
+ error=mKeyStore->del(filename.string(), ::TYPE_ANY, get_user_id(euid));
+ }
+ }
if (!error.isOk()) {
ALOGI("upgradeKeyBlob keystore->del failed %d", (int)error);
return;