Warn user when removing LSKF in the presence of auth-bound keys

When the user goes through the flow of removing the device's lockscreen knowledge factor (LSKF), warn them in case they have apps with auth-bound keys on the device.

Auth-bound keys that are bound to the LSKF's secure user ID (that is, auth-bound keys that can be authenticated by the user entering their LSKF) will be invalidated when the LSKF is removed. That means apps will not be able to decrypt the data encrypted with these keys or use them to sign anything anymore (potentially effectively losing the user's ability to prove their identity).

In this case, change the warning message that is shown to the user, to make it clear wallet apps (that typically use such keys) will stop working as well as other apps.

Bug: 302109605
Test: Manual, enrolled a PIN, face and fingerprint and tried removing PIN. A CtsVerifier test will be added later.
Change-Id: I276b744f54763e291abe1f20824da4f8f156679d