commit b9433b507b4fafe1408f2dd7c00a05234624b3f9
author Qi Wu <siofive@google.com> Tue Dec 01 14:52:46 2020 +0800
committer Janis Danisevskis <jdanis@google.com> Tue Jan 26 08:45:31 2021 -0800
tree 0b1b203d072af7625a2be0baef9dce19f17a52d6
parent 1e292289b7d7f741bc23289fc88d575ade5c0593

Keystore 2.0: Enforcement for limited use keys.

Bug: b/174140443
Test: atest keystore2_test
Change-Id: I6433b7c7f305d67d8e77277990f732d634801f10

keystore2/src/operation.rs

diff --git a/keystore2/src/operation.rs b/keystore2/src/operation.rs
index 30e6d55..829987d 100644
--- a/keystore2/src/operation.rs
+++ b/keystore2/src/operation.rs
@@ -341,7 +341,7 @@
             .auth_info
             .lock()
             .unwrap()
-            .get_auth_tokens()
+            .before_update()
             .context("In update_aad: Trying to get auth tokens.")?;
 
         self.update_outcome(
@@ -377,7 +377,7 @@
             .auth_info
             .lock()
             .unwrap()
-            .get_auth_tokens()
+            .before_update()
             .context("In update: Trying to get auth tokens.")?;
 
         self.update_outcome(
@@ -423,7 +423,7 @@
             .auth_info
             .lock()
             .unwrap()
-            .get_auth_tokens()
+            .before_finish()
             .context("In finish: Trying to get auth tokens.")?;
 
         let output = self
@@ -440,6 +440,8 @@
             )
             .context("In finish: KeyMint::finish failed.")?;
 
+        self.auth_info.lock().unwrap().after_finish().context("In finish.")?;
+
         // At this point the operation concluded successfully.
         *outcome = Outcome::Success;