diff options
| author | 2023-10-16 17:21:16 +0000 | |
|---|---|---|
| committer | 2023-10-16 17:21:16 +0000 | |
| commit | c5e6973068fdef3be2214a06d053772c94637525 (patch) | |
| tree | 3614a779adb1b23083df97bb738194285541a42f | |
| parent | 8881839db52a3629ead5ada2d0e4b2242ca3bae2 (diff) | |
LockSettingsService: pass SyntheticPassword to setUserKeyProtection()
Make setUserKeyProtection() consistent with unlockUserKey() by taking in
the SyntheticPassword instead of the "FBE key" directly. This is a
straightforward refactor.
Bug: 296464083
Test: atest com.android.server.locksettings
Change-Id: I3a1a51c4f94b1e5082d9be65306df29aad2e3036
| -rw-r--r-- | services/core/java/com/android/server/locksettings/LockSettingsService.java | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java index a550a15580aa..cd57a9a6821a 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java @@ -1050,7 +1050,7 @@ public class LockSettingsService extends ILockSettings.Stub { Slogf.wtf(TAG, "Failed to unwrap synthetic password for unsecured user %d", userId); return; } - setUserKeyProtection(userId, result.syntheticPassword.deriveFileBasedEncryptionKey()); + setUserKeyProtection(userId, result.syntheticPassword); } } @@ -2012,7 +2012,8 @@ public class LockSettingsService extends ILockSettings.Stub { mStorage.writeChildProfileLock(profileUserId, ArrayUtils.concat(iv, ciphertext)); } - private void setUserKeyProtection(@UserIdInt int userId, byte[] secret) { + private void setUserKeyProtection(@UserIdInt int userId, SyntheticPassword sp) { + final byte[] secret = sp.deriveFileBasedEncryptionKey(); final long callingId = Binder.clearCallingIdentity(); try { mStorageManager.setUserKeyProtection(userId, secret); @@ -2769,7 +2770,7 @@ public class LockSettingsService extends ILockSettings.Stub { final long protectorId = mSpManager.createLskfBasedProtector(getGateKeeperService(), LockscreenCredential.createNone(), sp, userId); setCurrentLskfBasedProtectorId(protectorId, userId); - setUserKeyProtection(userId, sp.deriveFileBasedEncryptionKey()); + setUserKeyProtection(userId, sp); onSyntheticPasswordCreated(userId, sp); Slogf.i(TAG, "Successfully initialized synthetic password for user %d", userId); return sp; |