vold: Bring in more wrapped key changes
Conflicts:
KeyStorage.cpp
KeyUtil.cpp
[wight554: Apply changes from CAF 12]
Change-Id: I44e81afaec78c567a0bf2eed30a79eb737e2a867
Signed-off-by: Volodymyr Zhdanov <wight554@gmail.com>
diff --git a/KeyUtil.cpp b/KeyUtil.cpp
index bd2ccdd..6d96541 100644
--- a/KeyUtil.cpp
+++ b/KeyUtil.cpp
@@ -143,7 +143,14 @@
// A key for a v1 policy is specified by an arbitrary 8-byte
// "descriptor", which must be provided by userspace. We use the
// first 8 bytes from the double SHA-512 of the key itself.
- policy->key_raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size());
+ if (options.use_hw_wrapped_key) {
+ /* When wrapped key is supported, only the first 32 bytes are
+ the same per boot. The second 32 bytes can change as the ephemeral
+ key is different. */
+ policy->key_raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size()/2);
+ } else {
+ policy->key_raw_ref = generateKeyRef((const uint8_t*)key.data(), key.size());
+ }
if (!buildKeySpecifier(&arg->key_spec, *policy)) {
return false;
}