Fix temporary key deletion after device ID attestation
After device ID attestation has been performed, the key used for it
should be deleted. Calling directly into the keymaster HAL for this
is wrong as it removes the key from keymaster but still leaves the
actual key matter around and the alias visible to KeyStore.
The key should be deleted using the KeyStore's delete method.
Bug: 37522655
Test: GTS DeviceIdAttestationHostTest
Change-Id: If3da9913fb54b077d3471f82269341966b1687e4
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index d5923b5..a509eea 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -1402,7 +1402,7 @@
if (attestingDeviceIds) {
// When performing device id attestation, treat the key as ephemeral and delete it straight
// away.
- deletionRc = KS_HANDLE_HIDL_ERROR(dev->deleteKey(hidlKey));
+ deletionRc = del(name, callingUid);
}
if (!attestationRc.isOk()) {
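Review bot: On the `+ deletionRc = del(name, callingUid);` line, the deletion result is now whatever `del()` returns rather than a HAL status wrapped in `KS_HANDLE_HIDL_ERROR`, and nothing in the hunk shows `deletionRc` being checked before `if (!attestationRc.isOk())`. Please confirm that a failed `del()` is reported to the caller and logged. A silent failure would leave the ephemeral attestation key and its alias in KeyStore, which is the condition the commit message says this change fixes. It would also help to extend the comment above the call to say that deletion goes through KeyStore's `del()` so that the stored key and its alias are removed, not just the keymaster key. The comment should also note whether `del()` applies a check on `callingUid` that could make the deletion fail for a caller that was allowed to attest.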