keystore: remove misleading error message from AES_gcm_decrypt()
Since there's now a case where AES_gcm_decrypt() is expected to fail
(trying to use HKDF-derived key to decrypt an old super key that's
encrypted by an PBKDF2-derived key, before falling back to PBKDF2),
remove the corresponding error message from the C++ function. The error
message is misleading in this case. In other cases, the error message
does not provide useful information since it seems to be the only way
that AES_gcm_decrypt() can actually fail (seeing as the length mismatch
should never happen), and the caller uses the boolean return value to
create the real Rust error which is then logged/handled appropriately.
Bug: 296464083
Bug: 314391626
Test: Verified that on device that has old super keys, the
"Failed to decrypt blob" message is no longer logged.
Change-Id: I1a85572626d90b74aa3ccd31bd112d7b06fbe028
diff --git a/keystore2/src/crypto/crypto.cpp b/keystore2/src/crypto/crypto.cpp
index 15079a1..56d8de6 100644
--- a/keystore2/src/crypto/crypto.cpp
+++ b/keystore2/src/crypto/crypto.cpp
@@ -141,7 +141,8 @@
EVP_DecryptUpdate(ctx.get(), out_pos, &out_len, in, len);
out_pos += out_len;
if (!EVP_DecryptFinal_ex(ctx.get(), out_pos, &out_len)) {
- ALOGE("Failed to decrypt blob; ciphertext or tag is likely corrupted");
+ // No error log here; this is expected when trying two different keys to see which one
+ // works. The callers handle the error appropriately.
return false;
}
out_pos += out_len;