Remove HardwareAuthToken support from vold::Keymaster
HardwareAuthTokens are no longer used by vold since Android P. So remove
the auth token parameter from vold. This patch doesn't remove the token
from IVold.aidl, and the methods in VoldNativeService.cpp return an
error if a non-empty auth token is passed to them.
Bug: 181910578
Test: cuttlefish and bramble boot with patch
Change-Id: I1a9f54e10f9efdda9973906afd0a5de5a699ada5
diff --git a/Keymaster.cpp b/Keymaster.cpp
index 786cdb5..e217ad4 100644
--- a/Keymaster.cpp
+++ b/Keymaster.cpp
@@ -198,7 +198,6 @@
KeymasterOperation Keymaster::begin(km::KeyPurpose purpose, const std::string& key,
const km::AuthorizationSet& inParams,
- const km::HardwareAuthToken& authToken,
km::AuthorizationSet* outParams) {
auto keyBlob = km::support::blob2hidlVec(key);
uint64_t mOpHandle;
@@ -212,7 +211,8 @@
mOpHandle = operationHandle;
};
- auto error = mDevice->begin(purpose, keyBlob, inParams.hidl_data(), authToken, hidlCb);
+ auto error =
+ mDevice->begin(purpose, keyBlob, inParams.hidl_data(), km::HardwareAuthToken(), hidlCb);
if (!error.isOk()) {
LOG(ERROR) << "begin failed: " << error.description();
return KeymasterOperation(km::ErrorCode::UNKNOWN_ERROR);
@@ -343,7 +343,7 @@
auto paramBuilder = km::AuthorizationSetBuilder().NoDigestOrPadding();
while (true) {
- op = dev.begin(km::KeyPurpose::SIGN, key, paramBuilder, km::HardwareAuthToken(), &outParams);
+ op = dev.begin(km::KeyPurpose::SIGN, key, paramBuilder, &outParams);
if (op.errorCode() == km::ErrorCode::KEY_RATE_LIMIT_EXCEEDED) {
sleep(ratelimit);
continue;