Fix temporary key deletion after device ID attestation After device ID attestation has been performed, the key used for it should be deleted. Calling directly into the keymaster HAL for this is wrong as it removes the key from keymaster but still leaves the actual key matter around and the alias visible to KeyStore. The key should be deleted using the KeyStore's delete method. Bug: 37522655 Test: GTS DeviceIdAttestationHostTest Change-Id: I10b27216642893d2a1cf8407f65eb4207bcde1f5

commit: a65ab425aa8d625c463a7f639cb95d9b2e33a95a [log] [tgz]
author: Bartosz Fabianowski <bartfab@google.com> Thu Apr 20 04:41:21 2017 +0200
committer: Bartosz Fabianowski <bartfab@google.com> Thu Apr 20 04:41:26 2017 +0200
tree: 27a82081c6a8d1a900a3802f32b6e1cdd0845c21
parent: 484779559c15728cb4b96b7090083ee9f5a3cf95 [diff]
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index a28a35a..a8b635e 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp

@@ -1392,7 +1392,7 @@
     if (attestingDeviceIds) {
         // When performing device id attestation, treat the key as ephemeral and delete it straight
         // away.
-        deletionRc = KS_HANDLE_HIDL_ERROR(dev->deleteKey(hidlKey));
+        deletionRc = del(name, callingUid);
     }
 
     if (!attestationRc.isOk()) {
commit	a65ab425aa8d625c463a7f639cb95d9b2e33a95a	[log] [tgz]
author	Bartosz Fabianowski <bartfab@google.com>	Thu Apr 20 04:41:21 2017 +0200
committer	Bartosz Fabianowski <bartfab@google.com>	Thu Apr 20 04:41:26 2017 +0200
tree	27a82081c6a8d1a900a3802f32b6e1cdd0845c21
parent	484779559c15728cb4b96b7090083ee9f5a3cf95 [diff]