commit 3ed2b635c6bd4c61c36288519d7a252d910f5672
author Ji Wang <wangji.wang@huawei.com> Fri Oct 21 15:05:08 2016 +0000
committer android-build-merger <android-build-merger@google.com> Fri Oct 21 15:05:08 2016 +0000
tree ca96b410323aa44f652eddb70fc19c377ea10e6b
parent 9c28dd5f2797510c3da719144247e867c58c6e18
parent 0b9a63f96f22107d3cd5ce836aebec6fbab852cd

keystore: add upgradeKeyBlob call into keystore exportKey. am: 2c1423111a
am: 0b9a63f96f

Change-Id: Id5314506d56d978e0c4c79b3aadb90b24aab6452

keystore/key_store_service.cpp

diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index f2207c0..99a0057 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -874,6 +874,23 @@
     }
     keymaster_blob_t output = {NULL, 0};
     rc = dev->export_key(dev, format, &key, clientId, appData, &output);
+    if (rc == KM_ERROR_KEY_REQUIRES_UPGRADE) {
+        AuthorizationSet upgradeParams;
+        if (clientId && clientId->data && clientId->data_length) {
+            upgradeParams.push_back(TAG_APPLICATION_ID, *clientId);
+        }
+        if (appData && appData->data && appData->data_length) {
+            upgradeParams.push_back(TAG_APPLICATION_DATA, *appData);
+        }
+        rc = upgradeKeyBlob(name, targetUid, upgradeParams, &keyBlob);
+        if (rc != ::NO_ERROR) {
+            result->resultCode = rc;
+            return;
+        }
+        key = {keyBlob.getValue(), static_cast<size_t>(keyBlob.getLength())};
+        rc = dev->export_key(dev, format, &key, clientId, appData, &output);
+    }
+
     result->exportData.reset(const_cast<uint8_t*>(output.data));
     result->dataLength = output.data_length;
     result->resultCode = rc ? rc : ::NO_ERROR;