From da5dae23f9cd5a2776b7f70a58e234dd8a9fcdf7 Mon Sep 17 00:00:00 2001 From: Janis Danisevskis Date: Fri, 1 Sep 2017 14:45:16 -0700 Subject: Fix use of auth-bound keys after screen lock removal When an auth-bound key is used after the screen lock has been removed by the user, KeyStore.begin retruns UNINITIALIZED. This patch adds handling for this error code, indicating that the key that was to be used was permanently invalidated. Bug: 65200397 Test: CtsVerifier ScreenLockBoundKeysTest: 1. Run test 2. with CtsVerifier in the background remove the screen lock through the settings dialog 3. Select VtsVerifier in 'recents' 4. Run test again Change-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f (cherry picked from commit d07d3384279c0c07c5c6747ea8d0c5684264c9d0)
---
 keystore/java/android/security/KeyStore.java | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index ccf9de0abdb4..7e959a87da5d 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -754,6 +754,8 @@ public class KeyStore {
 // None of the key's SIDs can ever be authenticated
 return new KeyPermanentlyInvalidatedException();
 }
+ case UNINITIALIZED:
+ return new KeyPermanentlyInvalidatedException();
 default:
 return new InvalidKeyException("Keystore operation failed", e);
 }
--
cgit v1.2.3-59-g8ed1b
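Review bot: The new `case UNINITIALIZED:` branch returns `KeyPermanentlyInvalidatedException` with no explanatory comment and drops the original `KeyStoreException`, whereas the branch above it documents its reasoning and the `default` branch passes `e` as the cause. UNINITIALIZED appears to describe the keystore as a whole rather than one key, so a comment such as `// Keystore is uninitialized: the screen lock was removed, so auth-bound keys can never be used again` would record why the mapping is sound. If that code can also be reported for reasons other than lock removal (not visible here), apps that respond to this exception by deleting and re-enrolling keys would discard keys that are still usable. Keeping the cause helps tell the two cases apart in logs, e.g. `return new KeyPermanentlyInvalidatedException("Keystore is uninitialized", e);`. The enclosing switch and method begin outside the hunk, so whether the key is known to be auth-bound at this point cannot be confirmed from these lines.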