Merge "Remove Tag::PURPOSE before passing KeyParameters to km_dev.begin()"

commit: 5e212dad7942378b8f52cb1a7fc320b07955ce7f [log] [tgz]
author: Satya Tangirala <satyat@google.com> Thu Apr 15 17:37:41 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Apr 15 17:37:41 2021 +0000
tree: 098f7c79e7b8df089d2fb7ab8cfcb8e9213f974f
parent: 8409b13b923e46c23779fa4deed223737143da03 [diff]
parent: 2642ff9239a0a32c7da8a8fb96ca59b927fd412b [diff]
diff --git a/keystore2/src/security_level.rs b/keystore2/src/security_level.rs
index 1cf770f..f574467 100644
--- a/keystore2/src/security_level.rs
+++ b/keystore2/src/security_level.rs

@@ -278,6 +278,12 @@
             },
         )?;
 
+        // Remove Tag::PURPOSE from the operation_parameters, since some keymaster devices return
+        // an error on begin() if Tag::PURPOSE is in the operation_parameters.
+        let op_params: Vec<KeyParameter> =
+            operation_parameters.iter().filter(|p| p.tag != Tag::PURPOSE).cloned().collect();
+        let operation_parameters = op_params.as_slice();
+
         let (immediate_hat, mut auth_info) = ENFORCEMENTS
             .authorize_create(
                 purpose,
commit	5e212dad7942378b8f52cb1a7fc320b07955ce7f	[log] [tgz]
author	Satya Tangirala <satyat@google.com>	Thu Apr 15 17:37:41 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Apr 15 17:37:41 2021 +0000
tree	098f7c79e7b8df089d2fb7ab8cfcb8e9213f974f
parent	8409b13b923e46c23779fa4deed223737143da03 [diff]
parent	2642ff9239a0a32c7da8a8fb96ca59b927fd412b [diff]