commit 98c5916d4a807614fad5fdfb63aa10d724b9ef0a
author Shawn Willden <swillden@google.com> Sun Mar 20 09:10:18 2016 -0600
committer Shawn Willden <swillden@google.com> Tue Mar 29 18:17:07 2016 -0600
tree f2ad3ba116d8aeeef670151e2c81431018e6926b
parent 814a6e725cd89ad6bf27a9951d25025dc9ace9a8

Implement key upgrade in keystore.

Change-Id: I0cf169d9366aee1de32f1cc4501af76e6e1bc505

keystore/key_store_service.h

diff --git a/keystore/key_store_service.h b/keystore/key_store_service.h
index 12a342e..7d55919 100644
--- a/keystore/key_store_service.h
+++ b/keystore/key_store_service.h
@@ -19,6 +19,8 @@
 
 #include <keystore/IKeystoreService.h>
 
+#include <keymaster/authorization_set.h>
+
 #include "auth_token_table.h"
 #include "keystore.h"
 #include "keystore_keymaster_enforcement.h"
@@ -222,6 +224,17 @@
                                uint8_t** out, size_t* outLength, const uint8_t* signature,
                                size_t signatureLength, keymaster_purpose_t purpose);
 
+    /**
+     * Upgrade a key blob under alias "name", returning the new blob in "blob".  If "blob"
+     * previously contained data, it will be overwritten.
+     *
+     * Returns ::NO_ERROR if the key was upgraded successfully.
+     *         KM_ERROR_VERSION_MISMATCH if called on a key whose patch level is greater than or
+     *         equal to the current system patch level.
+     */
+    int32_t upgradeKeyBlob(const String16& name, uid_t targetUid,
+                           const keymaster::AuthorizationSet& params, Blob* blob);
+
     ::KeyStore* mKeyStore;
     OperationMap mOperationMap;
     keymaster::AuthTokenTable mAuthTokenTable;