Fix use of auth-bound keys after screen lock removal

When an auth-bound key is used after the screen lock has been removed by the user, KeyStore.begin retruns UNINITIALIZED. This patch adds handling for this error code, indicating that the key that was to be used was permanently invalidated. Bug: 65200397 Test: CtsVerifier ScreenLockBoundKeysTest: 1. Run test 2. with CtsVerifier in the background remove the screen lock through the settings dialog 3. Select VtsVerifier in 'recents' 4. Run test again Change-Id: If68ba0eb2f9c04655fe8c9eea28c4491eae8e92f (cherry picked from commit d07d338)
lin15-microG · Sep 12, 2017 · da5dae2 · da5dae2
1 parent ec02583
commit da5dae2
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
@@ -754,6 +754,8 @@ public InvalidKeyException getInvalidKeyException(
                 // None of the key's SIDs can ever be authenticated
                 return new KeyPermanentlyInvalidatedException();
             }
+            case UNINITIALIZED:
+                return new KeyPermanentlyInvalidatedException();
             default:
                 return new InvalidKeyException("Keystore operation failed", e);
         }