commit | 45760026eadf09d36df73c488b8a7d3e2034e1b3 | [log] [tgz] |
---|---|---|
author | Janis Danisevskis <jdanis@google.com> | Tue Jan 19 16:34:10 2021 -0800 |
committer | Janis Danisevskis <jdanis@google.com> | Tue Jan 26 13:18:38 2021 -0800 |
tree | 51954bc9abfcfde2e8899c10a9914ad3e8c1cb2f | |
parent | 1e292289b7d7f741bc23289fc88d575ade5c0593 [diff] |
Keystore 2.0: Allow by key id usage of granted keys. When keys are loaded by grant they may be used by key id subsequently. This patch adds a check of the grant database when loading the access tuple. If one is found the access vector is populated allowing the permission callback to perform access control based on the grant. Test: keystore2_test Change-Id: If70dfbc035aed5aa3842663d475b489df3e3dd4e