commit | 618869e08ca57d79f99133a70932ed355730b717 | [log] [tgz] |
---|---|---|
author | Paul Crowley <paulcrowley@google.com> | Thu Apr 08 20:30:54 2021 -0700 |
committer | Paul Crowley <paulcrowley@google.com> | Tue Apr 27 12:11:25 2021 -0700 |
tree | 65fb8c4ae5e761e3e961a16172b93f521cb3b4ce | |
parent | ef611e54ff2cf92cdc69237eb06562a620a165ac [diff] |
Biometric support for UNLOCKED_DEVICE_REQUIRED When the device is locked, keystore is passed a list of biometric SIDs which should allow unlock of UNLOCKED_DEVICE_REQUIRED keys. It creates a KM key protected by these SIDs and uses it to encrypt the UNLOCKED_DEVICE_REQUIRED secrets, and uses this key to recover those secrets when the device is unlocked. Test: aosp/1686345 Bug: 163866361 Change-Id: Ic73ed0089cd9567a83c38aed61e20215862aa0be