Merge changes from topic "vold-keystore2-fixes"

* changes:
  Remove unused constants and cleanup KeyStorage.cpp
  Remove unused parameter "salt" from stretchSecret()
  Use AServiceManager_waitForService() to connect to keystore2
diff --git a/KeyStorage.cpp b/KeyStorage.cpp
index 8d518de..954ba7f 100644
--- a/KeyStorage.cpp
+++ b/KeyStorage.cpp
@@ -45,8 +45,6 @@
 
 #include <cutils/properties.h>
 
-#include <hardware/hw_auth_token.h>
-
 extern "C" {
 
 #include "crypto_scrypt.h"
@@ -60,24 +58,18 @@
 static constexpr size_t AES_KEY_BYTES = 32;
 static constexpr size_t GCM_NONCE_BYTES = 12;
 static constexpr size_t GCM_MAC_BYTES = 16;
-static constexpr size_t SALT_BYTES = 1 << 4;
 static constexpr size_t SECDISCARDABLE_BYTES = 1 << 14;
-static constexpr size_t STRETCHED_BYTES = 1 << 6;
-
-static constexpr uint32_t AUTH_TIMEOUT = 30;  // Seconds
 
 static const char* kCurrentVersion = "1";
 static const char* kRmPath = "/system/bin/rm";
 static const char* kSecdiscardPath = "/system/bin/secdiscard";
 static const char* kStretch_none = "none";
 static const char* kStretch_nopassword = "nopassword";
-static const std::string kStretchPrefix_scrypt = "scrypt ";
 static const char* kHashPrefix_secdiscardable = "Android secdiscardable SHA512";
 static const char* kHashPrefix_keygen = "Android key wrapping key generation SHA512";
 static const char* kFn_encrypted_key = "encrypted_key";
 static const char* kFn_keymaster_key_blob = "keymaster_key_blob";
 static const char* kFn_keymaster_key_blob_upgraded = "keymaster_key_blob_upgraded";
-static const char* kFn_salt = "salt";
 static const char* kFn_secdiscardable = "secdiscardable";
 static const char* kFn_stretching = "stretching";
 static const char* kFn_version = "version";
@@ -154,7 +146,7 @@
                                 .GcmModeMinMacLen(GCM_MAC_BYTES * 8)
                                 .Authorization(km::TAG_APPLICATION_ID, appId)
                                 .Authorization(km::TAG_NO_AUTH_REQUIRED);
-    LOG(DEBUG) << "Generating \"key storage\" key that doesn't need auth token";
+    LOG(DEBUG) << "Generating \"key storage\" key";
     return generateKeymasterKey(keymaster, paramBuilder, key);
 }
 
@@ -415,7 +407,7 @@
 }
 
 static bool stretchSecret(const std::string& stretching, const std::string& secret,
-                          const std::string& salt, std::string* stretched) {
+                          std::string* stretched) {
     if (stretching == kStretch_nopassword) {
         if (!secret.empty()) {
             LOG(WARNING) << "Password present but stretching is nopassword";
@@ -432,10 +424,9 @@
 }
 
 static bool generateAppId(const KeyAuthentication& auth, const std::string& stretching,
-                          const std::string& salt, const std::string& secdiscardable_hash,
-                          std::string* appId) {
+                          const std::string& secdiscardable_hash, std::string* appId) {
     std::string stretched;
-    if (!stretchSecret(stretching, auth.secret, salt, &stretched)) return false;
+    if (!stretchSecret(stretching, auth.secret, &stretched)) return false;
     *appId = secdiscardable_hash + stretched;
 
     const std::lock_guard<std::mutex> scope_lock(storage_binding_info.guard);
@@ -570,9 +561,8 @@
     if (!createSecdiscardable(dir + "/" + kFn_secdiscardable, &secdiscardable_hash)) return false;
     std::string stretching = getStretching(auth);
     if (!writeStringToFile(stretching, dir + "/" + kFn_stretching)) return false;
-    std::string salt;
     std::string appId;
-    if (!generateAppId(auth, stretching, salt, secdiscardable_hash, &appId)) return false;
+    if (!generateAppId(auth, stretching, secdiscardable_hash, &appId)) return false;
     std::string encryptedKey;
     if (auth.usesKeymaster()) {
         Keymaster keymaster;
@@ -621,9 +611,8 @@
     if (!readSecdiscardable(dir + "/" + kFn_secdiscardable, &secdiscardable_hash)) return false;
     std::string stretching;
     if (!readFileToString(dir + "/" + kFn_stretching, &stretching)) return false;
-    std::string salt;
     std::string appId;
-    if (!generateAppId(auth, stretching, salt, secdiscardable_hash, &appId)) return false;
+    if (!generateAppId(auth, stretching, secdiscardable_hash, &appId)) return false;
     std::string encryptedMessage;
     if (!readFileToString(dir + "/" + kFn_encrypted_key, &encryptedMessage)) return false;
     if (auth.usesKeymaster()) {
diff --git a/KeyStorage.h b/KeyStorage.h
index 09d0aac..e318959 100644
--- a/KeyStorage.h
+++ b/KeyStorage.h
@@ -27,10 +27,6 @@
 namespace vold {
 
 // Represents the information needed to decrypt a disk encryption key.
-// If "token" is nonempty, it is passed in as a required Gatekeeper auth token.
-// If "token" and "secret" are nonempty, "secret" is appended to the application-specific
-// binary needed to unlock.
-// If only "secret" is nonempty, it is used to decrypt in a non-Keymaster process.
 class KeyAuthentication {
   public:
     KeyAuthentication(const std::string& s) : secret{s} {};
diff --git a/Keymaster.cpp b/Keymaster.cpp
index 1d69dde..8038681 100644
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@@ -104,7 +104,7 @@
 }
 
 Keymaster::Keymaster() {
-    ::ndk::SpAIBinder binder(AServiceManager_getService(keystore2_service_name));
+    ::ndk::SpAIBinder binder(AServiceManager_waitForService(keystore2_service_name));
     auto keystore2Service = ks2::IKeystoreService::fromBinder(binder);
 
     if (!keystore2Service) {