Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 58e675567c446b77c6ec83d8e07fecbd829f60ae
commit58e675567c446b77c6ec83d8e07fecbd829f60ae[log] [tgz]
authorShawn Willden <swillden@google.com>Wed Oct 02 08:58:22 2019 -0600
committerShawn Willden <swillden@google.com>Mon Oct 07 20:19:41 2019 +0000
tree6418a3814718af24f4ae4746179574aa4068e20f
parent550cf87b04e22441aa2e829ee3f2b4e0e3e79dfa [diff]
Encrypt AES-256 keystore master keys.

ag/5984229 that added support for AES-256 master keys inadvertently
caused them not to be encyrpted by the user's password.  This is less
damaging to security than it might appear because these keys are also
encrypted by Keymaster, in the TEE or StrongBox.

Bug: 141955555
Test:  Manually verify password is encryption on a userdebug build.
Change-Id: Ic5e82546df67346e4c348273cf4fe2bac382c9dc
Merged-In: Ie44a4097e058bd5b9e45aa73115c266b9570a4fc
1 file changed
tree: 6418a3814718af24f4ae4746179574aa4068e20f
  1. keystore/
  2. keystore-engine/
  3. .clang-format
  4. Android.bp
  5. MODULE_LICENSE_APACHE2
  6. NOTICE
  7. OWNERS
  8. PREUPLOAD.cfg