author Dmitry Dementyev <dementyev@google.com> 2019-07-23 16:43:23 -0700
committer android-build-merger <android-build-merger@google.com> 2019-07-23 16:43:23 -0700
commit0aa504ec23278b1ad32cf502734034a2bf7eba8c (patch)
tree68d2161dbbb57c3a2b91c09096fce3093a9466a4
parent5534e979edd80fdc70d4bb64db26d8920e91dcd8 (diff)
parentf7ed4da59c52240ee1e189dfbbe7c1c3267d1d10 (diff)
Merge "Tell KeyStore to ignore caller uid for PlatformKeyManager's keys." into qt-r1-dev
am: f7ed4da59c Change-Id: I8dfb9dcd0952058e0da6518a8868bb2257e58749
-rw-r--r--services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java33
1 files changed, 20 insertions, 13 deletions
diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java
index c54bfc01e031..0ad6c2a69556 100644
--- a/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java
+++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java
@@ -19,6 +19,7 @@ package com.android.server.locksettings.recoverablekeystore;
import android.app.KeyguardManager;
import android.content.Context;
import android.os.RemoteException;
+import android.os.UserHandle;
import android.security.GateKeeper;
import android.security.keystore.AndroidKeyStoreSecretKey;
import android.security.keystore.KeyPermanentlyInvalidatedException;
@@ -437,25 +438,31 @@ public class PlatformKeyManager {
// so it may live in memory for some time.
SecretKey secretKey = generateAesKey();
- long secureUserId = getGateKeeperService().getSecureUserId(userId);
- // TODO(b/124095438): Propagate this failure instead of silently failing.
- if (secureUserId == GateKeeper.INVALID_SECURE_USER_ID) {
- Log.e(TAG, "No SID available for user " + userId);
- return;
- }
-
- // Store decryption key first since it is more likely to fail.
- mKeyStore.setEntry(
- decryptAlias,
- new KeyStore.SecretKeyEntry(secretKey),
+ KeyProtection.Builder decryptionKeyProtection =
new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT)
.setUserAuthenticationRequired(true)
.setUserAuthenticationValidityDurationSeconds(
USER_AUTHENTICATION_VALIDITY_DURATION_SECONDS)
.setBlockModes(KeyProperties.BLOCK_MODE_GCM)
- .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
+ .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE);
+ if (userId != UserHandle.USER_SYSTEM) {
+ // Bind decryption key to secondary profile lock screen secret.
+ long secureUserId = getGateKeeperService().getSecureUserId(userId);
+ // TODO(b/124095438): Propagate this failure instead of silently failing.
+ if (secureUserId == GateKeeper.INVALID_SECURE_USER_ID) {
+ Log.e(TAG, "No SID available for user " + userId);
+ return;
+ }
+ decryptionKeyProtection
.setBoundToSpecificSecureUserId(secureUserId)
- .build());
+ // Ignore caller uid which always belongs to the primary profile.
+ .setCriticalToDeviceEncryption(true);
+ }
+ // Store decryption key first since it is more likely to fail.
+ mKeyStore.setEntry(
+ decryptAlias,
+ new KeyStore.SecretKeyEntry(secretKey),
+ decryptionKeyProtection.build());
mKeyStore.setEntry(
encryptAlias,
new KeyStore.SecretKeyEntry(secretKey),