Ensure that "rkp only" forces checks for rkp keys An empty key pool should not allow fallback to the batch key if the vendor indicates the system is rkp only. Additionally, if the system is misconfigured (e.g. marked as rkp only and has no remotely provisioned component hal) then we should insist on checking RKP keys anyway. This will result in the given system always returning OUT_OF_KEYS, which will fail various tests. Test: keystore2_test Test: RemoteProvisionerUnitTests Bug: 227306369 Change-Id: I027bc56ff167abf99b18be01dccf05f90dd07f2a

commit: 562aebb873807bba11a04fe1ce48695dc0f40b4d [log] [tgz]
author: Seth Moore <sethmo@google.com> Mon Apr 18 17:03:27 2022 -0700
committer: Seth Moore <sethmo@google.com> Mon Apr 18 17:03:27 2022 -0700
tree: b08cb5f7cf1208c9f8cb8537855de816f88caaac
parent: 678a6f5af4182d3e9a0e02656f03c25077124585 [diff] [blame]
diff --git a/keystore2/src/remote_provisioning.rs b/keystore2/src/remote_provisioning.rs
index afbf475..8837d1c 100644
--- a/keystore2/src/remote_provisioning.rs
+++ b/keystore2/src/remote_provisioning.rs

@@ -102,6 +102,9 @@
     /// server, so unfortunately caching the presence or absence of the HAL is not enough to fully
     /// make decisions about the state of remote provisioning during runtime.
     fn check_rem_prov_enabled(&self, db: &mut KeystoreDB) -> Result<bool> {
+        if self.is_rkp_only {
+            return Ok(true);
+        }
         if !self.is_hal_present.load(Ordering::Relaxed)
             || get_remotely_provisioned_component(&self.security_level).is_err()
         {
commit	562aebb873807bba11a04fe1ce48695dc0f40b4d	[log] [tgz]
author	Seth Moore <sethmo@google.com>	Mon Apr 18 17:03:27 2022 -0700
committer	Seth Moore <sethmo@google.com>	Mon Apr 18 17:03:27 2022 -0700
tree	b08cb5f7cf1208c9f8cb8537855de816f88caaac
parent	678a6f5af4182d3e9a0e02656f03c25077124585 [diff] [blame]