Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e053c1e5 authored by Pavel Grafov's avatar Pavel Grafov
Browse files

Mark profile password key as critical. 

Currently it is erased when keystore for user 0 is cleared, e.g.
when the user clears data for Settings app.

Bug: 64467610
Bug: 35929605
Test: Manually cleared Settings data.
Test: Manually cleared credentials from Settings.
Change-Id: I7e8753a1bf53f5d68d4738a4eb84faa890f026cc
parent aac5431f

services/core/java/com/android/server/locksettings/LockSettingsService.java

+1 −0
Original line number Diff line number Diff line
@@ -1223,6 +1223,7 @@ public class LockSettingsService extends ILockSettings.Stub { 
                                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)

                                .setUserAuthenticationRequired(true)

                                .setUserAuthenticationValidityDurationSeconds(30)

                                .setCriticalToDeviceEncryption(true)

                                .build());

                // Key imported, obtain a reference to it.

                SecretKey keyStoreEncryptionKey = (SecretKey) keyStore.getKey(