commit 6101244f82963473e7944c06f6761fdba498a3b2
author Treehugger Robot <treehugger-gerrit@google.com> Sat Mar 19 04:30:09 2022 +0000
committer Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Sat Mar 19 04:30:09 2022 +0000
tree 9c342424645a26fd7c77055cfb12d0fa3b20806e
parent 7e17081e8c783ed9e12026d0e1047446ebdf95d0
parent 7ff572e24e218c30b1e776cb2ab48db4d0f188ed

Merge "Replace an outdated TODO in Keystore::exportKey" am: aadef5cd8a am: 7ff572e24e

Original change: https://android-review.googlesource.com/c/platform/system/vold/+/2031283

Change-Id: I7e5da8ef426ea97e733afa7967ba341689ec1424

Keystore.cpp

diff --git a/Keystore.cpp b/Keystore.cpp
index a017d68..d993b0d 100644
--- a/Keystore.cpp
+++ b/Keystore.cpp
@@ -166,7 +166,13 @@
         *key = std::string(ephemeral_key_response.ephemeralKey.begin(),
                            ephemeral_key_response.ephemeralKey.end());
 
-    // TODO b/185811713 store the upgraded key blob if provided and delete the old key blob.
+    // vold intentionally ignores ephemeral_key_response.upgradedBlob, since the
+    // concept of "upgrading" doesn't make sense for TAG_STORAGE_KEY keys
+    // (hardware-wrapped inline encryption keys).  These keys are only meant as
+    // a substitute for raw keys; they still go through vold's usual layer of
+    // key wrapping, which already handles version binding.  So, vold just keeps
+    // using the original blobs for TAG_STORAGE_KEY keys.  If KeyMint "upgrades"
+    // them anyway, then they'll just get re-upgraded before each use.
 
     ret = true;
 out: