b3de337
409c083
am: 50da911 * commit '50da911fda64205677571d9cb1d668336cfb0f7f': Use a longer timeout on the disk encryption keys Change-Id: I43279eb3a1bd92839c2d742acc95cb96c920b5dd
50da911
@ -56,6 +56,8 @@ static constexpr size_t SALT_BYTES = 1 << 4;
static constexpr size_t SECDISCARDABLE_BYTES = 1 << 14;
static constexpr size_t STRETCHED_BYTES = 1 << 6;
static constexpr uint32_t AUTH_TIMEOUT = 30; // Seconds
static const char* kCurrentVersion = "1";
static const char* kRmPath = "/system/bin/rm";
static const char* kSecdiscardPath = "/system/bin/secdiscard";
@ -115,7 +117,7 @@ static bool generateKeymasterKey(Keymaster& keymaster, const KeyAuthentication&
const hw_auth_token_t* at = reinterpret_cast<const hw_auth_token_t*>(auth.token.data());
paramBuilder.Authorization(keymaster::TAG_USER_SECURE_ID, at->user_id);
paramBuilder.Authorization(keymaster::TAG_USER_AUTH_TYPE, HW_AUTH_PASSWORD);
paramBuilder.Authorization(keymaster::TAG_AUTH_TIMEOUT, 5);
paramBuilder.Authorization(keymaster::TAG_AUTH_TIMEOUT, AUTH_TIMEOUT);
}
return keymaster.generateKey(paramBuilder.build(), key);