Keystore 2.0: make clean namespace query more precise.
Restrict clean namespace query to client keys.
Test: N/A
Change-Id: Ie06f6fb46811b391fe2c5efc681ee3a3b08d8988
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index 1e54ec1..9828c7c 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -2821,32 +2821,33 @@
"DELETE FROM persistent.keymetadata
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ?
+ WHERE domain = ? AND namespace = ? AND key_type = ?
);",
- params![domain.0, namespace],
+ params![domain.0, namespace, KeyType::Client],
)
.context("Trying to delete keymetadata.")?;
tx.execute(
"DELETE FROM persistent.keyparameter
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ?
+ WHERE domain = ? AND namespace = ? AND key_type = ?
);",
- params![domain.0, namespace],
+ params![domain.0, namespace, KeyType::Client],
)
.context("Trying to delete keyparameters.")?;
tx.execute(
"DELETE FROM persistent.grant
WHERE keyentryid IN (
SELECT id FROM persistent.keyentry
- WHERE domain = ? AND namespace = ?
+ WHERE domain = ? AND namespace = ? AND key_type = ?
);",
- params![domain.0, namespace],
+ params![domain.0, namespace, KeyType::Client],
)
.context("Trying to delete grants.")?;
tx.execute(
- "DELETE FROM persistent.keyentry WHERE domain = ? AND namespace = ?;",
- params![domain.0, namespace],
+ "DELETE FROM persistent.keyentry
+ WHERE domain = ? AND namespace = ? AND key_type = ?;",
+ params![domain.0, namespace, KeyType::Client],
)
.context("Trying to delete keyentry.")?;
Ok(()).need_gc()