Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c5e69730 authored by Eric Biggers's avatar Eric Biggers
Browse files

LockSettingsService: pass SyntheticPassword to setUserKeyProtection() 

Make setUserKeyProtection() consistent with unlockUserKey() by taking in
the SyntheticPassword instead of the "FBE key" directly.  This is a
straightforward refactor.

Bug: 296464083
Test: atest com.android.server.locksettings
Change-Id: I3a1a51c4f94b1e5082d9be65306df29aad2e3036
parent 8881839d

services/core/java/com/android/server/locksettings/LockSettingsService.java

+4 −3
Original line number Diff line number Diff line
@@ -1050,7 +1050,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
                Slogf.wtf(TAG, "Failed to unwrap synthetic password for unsecured user %d", userId);

                return;

            }

            setUserKeyProtection(userId, result.syntheticPassword.deriveFileBasedEncryptionKey());

            setUserKeyProtection(userId, result.syntheticPassword);

        }

    }
@@ -2012,7 +2012,8 @@ public class LockSettingsService extends ILockSettings.Stub { 
        mStorage.writeChildProfileLock(profileUserId, ArrayUtils.concat(iv, ciphertext));

    }



    private void setUserKeyProtection(@UserIdInt int userId, byte[] secret) {

    private void setUserKeyProtection(@UserIdInt int userId, SyntheticPassword sp) {

        final byte[] secret = sp.deriveFileBasedEncryptionKey();

        final long callingId = Binder.clearCallingIdentity();

        try {

            mStorageManager.setUserKeyProtection(userId, secret);
@@ -2769,7 +2770,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
            final long protectorId = mSpManager.createLskfBasedProtector(getGateKeeperService(),

                    LockscreenCredential.createNone(), sp, userId);

            setCurrentLskfBasedProtectorId(protectorId, userId);

            setUserKeyProtection(userId, sp.deriveFileBasedEncryptionKey());

            setUserKeyProtection(userId, sp);

            onSyntheticPasswordCreated(userId, sp);

            Slogf.i(TAG, "Successfully initialized synthetic password for user %d", userId);

            return sp;