Keystore 2.0: Boot level key: Add missing digest to operation params When generating the boot level zero key the operation params were missing the digest parameter which throws off some KM implementaions. Ignore-AOSP-First: No automerge path from AOSP. Bug: 187862706 Test: Reboot twice after applying the patch. Check logs from odsign for sucessful recovery of boot level keys. Change-Id: Ic719fcaae4fc3f5550fcf14b55143c1ca1f125cc Merged-In: Ic719fcaae4fc3f5550fcf14b55143c1ca1f125cc

commit: e2d774bff56e1c81a9d6acfce8fc66eed4226884 [log] [tgz]
author: Janis Danisevskis <jdanis@google.com> Thu May 27 10:39:47 2021 -0700
committer: Janis Danisevskis <jdanis@google.com> Tue Jun 01 14:30:27 2021 -0700
tree: 8b639f1e5bd54785df56e0d92868e26e6266c328
parent: cfaf919af6ffb5a28834ccdf474fc43d3a83348b [diff] [blame]
diff --git a/keystore2/src/boot_level_keys.rs b/keystore2/src/boot_level_keys.rs
index 0df3a45..1110caf 100644
--- a/keystore2/src/boot_level_keys.rs
+++ b/keystore2/src/boot_level_keys.rs

@@ -99,7 +99,10 @@
         })
         .context("In get_level_zero_key: lookup_or_generate_key failed")?;
 
-    let params = [KeyParameterValue::MacLength(256).into()];
+    let params = [
+        KeyParameterValue::MacLength(256).into(),
+        KeyParameterValue::Digest(Digest::SHA_2_256).into(),
+    ];
     let level_zero_key = km_dev
         .use_key_in_one_step(
             db,
commit	e2d774bff56e1c81a9d6acfce8fc66eed4226884	[log] [tgz]
author	Janis Danisevskis <jdanis@google.com>	Thu May 27 10:39:47 2021 -0700
committer	Janis Danisevskis <jdanis@google.com>	Tue Jun 01 14:30:27 2021 -0700
tree	8b639f1e5bd54785df56e0d92868e26e6266c328
parent	cfaf919af6ffb5a28834ccdf474fc43d3a83348b [diff] [blame]