Merge "Adding KEY_PERMANENTLY_INVALIDATED to ResponseCode"
am: 3e9cd87e48

Change-Id: Ic25254b5586b42bd282b8ef75dfe6b3973eca630
diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index f9485a4..9dd85d6 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -420,7 +420,16 @@
         if (rawBlobIsEncrypted(*rawBlob)) {
             rc = AES_gcm_decrypt(rawBlob->value /* in */, rawBlob->value /* out */, encryptedLength,
                                  aes_key, rawBlob->initialization_vector, rawBlob->aead_tag);
-            if (rc != ResponseCode::NO_ERROR) return rc;
+            if (rc != ResponseCode::NO_ERROR) {
+                // If the blob was superencrypted and decryption failed, it is
+                // almost certain that decryption is failing due to a user's
+                // changed master key.
+                if ((rawBlob->flags & KEYSTORE_FLAG_SUPER_ENCRYPTED) &&
+                    (rc == ResponseCode::VALUE_CORRUPTED)) {
+                    return ResponseCode::KEY_PERMANENTLY_INVALIDATED;
+                }
+                return rc;
+            }
         }
     } else if (rawBlob->version < 3) {
         blobv2& v2blob = reinterpret_cast<blobv2&>(*rawBlob);
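Review bot: The new branch after `AES_gcm_decrypt` returns `KEY_PERMANENTLY_INVALIDATED` for every `VALUE_CORRUPTED` on a super-encrypted blob, but a failed authenticated decryption (presumably a tag mismatch) looks the same whether the master key changed or the blob was corrupted or modified on disk. A caller that reacts to this code by discarding the key would turn a storage fault or tampering into silent key loss, so the comment should state the ambiguity, e.g. `// NOTE: a failed decrypt cannot tell a changed master key from on-disk corruption or tampering; callers should treat this as "key unusable", not as proof of a key change.` The hunk also does not show whether `rawBlob->flags` is covered by the authentication tag; if it is read from an unauthenticated part of the blob, the choice between the two return codes rests on data that can be altered at rest. The enclosing function starts and ends outside the hunk.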
diff --git a/keystore/include/keystore/keystore.h b/keystore/include/keystore/keystore.h
index a1d4c81..3aed8c2 100644
--- a/keystore/include/keystore/keystore.h
+++ b/keystore/include/keystore/keystore.h
@@ -44,6 +44,7 @@
     SIGNATURE_INVALID = 14,
     OP_AUTH_NEEDED = 15,  // Auth is needed for this operation before it can be used.
     KEY_ALREADY_EXISTS = 16,
+    KEY_PERMANENTLY_INVALIDATED = 17,
 };
 
 /*
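Review bot: `KEY_PERMANENTLY_INVALIDATED = 17` is added without a comment, although callers will act on its specific meaning and `OP_AUTH_NEEDED` just above sets the precedent of documenting a code inline. Suggest `KEY_PERMANENTLY_INVALIDATED = 17,  // Super-encrypted blob failed to decrypt with the current master key; the key cannot be recovered.` Any copy of these numeric codes kept outside this header (none is visible here) would need the same value so that clients do not see an unknown error. The enum begins outside the hunk.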