keystore2: rename the LskfBound superencryption key and type
Rename the LskfBound superencryption key and superencryption type (also
known as per-boot) to AfterFirstUnlock.
This makes it much clearer how this key is protected. In particular, it
avoids the misleading use of "LSKF"; the secret that's
actually relevant is the user's synthetic password, which is most
commonly unlocked with the LSKF but can potentially be unlocked in other
ways. This is also helpful for the planned change to make the user's
super keys exist even while the user doesn't have an LSKF.
Bug: 296464083
Test: atest -p --include-subdirs system/security/keystore2
Test: atest CtsKeystoreTestCases
Flag: exempt, mechanical refactoring and comment changes
Change-Id: I9b16934f37222fef2bf01830f521928ef2c1853a
diff --git a/keystore2/src/service.rs b/keystore2/src/service.rs
index 7ba8cbc..1459254 100644
--- a/keystore2/src/service.rs
+++ b/keystore2/src/service.rs
@@ -126,8 +126,10 @@
fn get_key_entry(&self, key: &KeyDescriptor) -> Result<KeyEntryResponse> {
let caller_uid = ThreadState::get_calling_uid();
- let super_key =
- SUPER_KEY.read().unwrap().get_per_boot_key_by_user_id(uid_to_android_user(caller_uid));
+ let super_key = SUPER_KEY
+ .read()
+ .unwrap()
+ .get_after_first_unlock_key_by_user_id(uid_to_android_user(caller_uid));
let (key_id_guard, mut key_entry) = DB
.with(|db| {
@@ -181,8 +183,10 @@
certificate_chain: Option<&[u8]>,
) -> Result<()> {
let caller_uid = ThreadState::get_calling_uid();
- let super_key =
- SUPER_KEY.read().unwrap().get_per_boot_key_by_user_id(uid_to_android_user(caller_uid));
+ let super_key = SUPER_KEY
+ .read()
+ .unwrap()
+ .get_after_first_unlock_key_by_user_id(uid_to_android_user(caller_uid));
DB.with::<_, Result<()>>(|db| {
let entry = match LEGACY_IMPORTER.with_try_import(key, caller_uid, super_key, || {
@@ -315,8 +319,10 @@
fn delete_key(&self, key: &KeyDescriptor) -> Result<()> {
let caller_uid = ThreadState::get_calling_uid();
- let super_key =
- SUPER_KEY.read().unwrap().get_per_boot_key_by_user_id(uid_to_android_user(caller_uid));
+ let super_key = SUPER_KEY
+ .read()
+ .unwrap()
+ .get_after_first_unlock_key_by_user_id(uid_to_android_user(caller_uid));
DB.with(|db| {
LEGACY_IMPORTER.with_try_import(key, caller_uid, super_key, || {
@@ -337,8 +343,10 @@
access_vector: permission::KeyPermSet,
) -> Result<KeyDescriptor> {
let caller_uid = ThreadState::get_calling_uid();
- let super_key =
- SUPER_KEY.read().unwrap().get_per_boot_key_by_user_id(uid_to_android_user(caller_uid));
+ let super_key = SUPER_KEY
+ .read()
+ .unwrap()
+ .get_after_first_unlock_key_by_user_id(uid_to_android_user(caller_uid));
DB.with(|db| {
LEGACY_IMPORTER.with_try_import(key, caller_uid, super_key, || {