Adding KEY_PERMANENTLY_INVALIDATED to ResponseCode
This response code needs to be added for the case where a super-encrypted
key blob fails to be read in after a user changes their PIN.
Currently, the error code being sent back is VALUE_CORRUPTED, which is
incorrect.
Bug: 118883532
Test: atest cts/hostsidetests/appsecurity/src/android/appsecurity/cts/AuthBoundKeyTest.java
Change-Id: I188948e6e2e66903ee259108db9b8d26d11ca92c
Merged-In: I188948e6e2e66903ee259108db9b8d26d11ca92c
diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index f887e80..ee56245 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -400,7 +400,16 @@
if (rawBlobIsEncrypted(*rawBlob)) {
rc = AES_gcm_decrypt(rawBlob->value /* in */, rawBlob->value /* out */, encryptedLength,
aes_key, rawBlob->initialization_vector, rawBlob->aead_tag);
- if (rc != ResponseCode::NO_ERROR) return rc;
+ if (rc != ResponseCode::NO_ERROR) {
+ // If the blob was superencrypted and decryption failed, it is
+ // almost certain that decryption is failing due to a user's
+ // changed master key.
+ if ((rawBlob->flags & KEYSTORE_FLAG_SUPER_ENCRYPTED) &&
+ (rc == ResponseCode::VALUE_CORRUPTED)) {
+ return ResponseCode::KEY_PERMANENTLY_INVALIDATED;
+ }
+ return rc;
+ }
}
} else if (rawBlob->version < 3) {
blobv2& v2blob = reinterpret_cast<blobv2&>(*rawBlob);
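Review bot: The remap at `return ResponseCode::KEY_PERMANENTLY_INVALIDATED;` fires on every `VALUE_CORRUPTED` result for a blob with `KEYSTORE_FLAG_SUPER_ENCRYPTED` set, so a blob that was damaged or modified on disk is reported the same way as one invalidated by a master-key change. The comment itself says the cause is only "almost certain", and after this branch the original code is lost to callers and to anyone reading logs during an investigation. I would record the original result before remapping, for example `ALOGW("super-encrypted blob failed AES-GCM decryption (VALUE_CORRUPTED); reporting KEY_PERMANENTLY_INVALIDATED");` if the file's usual Android log macros are in scope. I would also extend the comment to state that genuine corruption or tampering takes this path too. The enclosing function starts and ends outside the hunk, so whether `AES_gcm_decrypt` returns `VALUE_CORRUPTED` only on an authentication-tag mismatch cannot be confirmed from here.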