Encrypt AES-256 keystore master keys.
ag/5984229 that added support for AES-256 master keys inadvertently
caused them not to be encyrpted by the user's password. This is less
damaging to security than it might appear because these keys are also
encrypted by Keymaster, in the TEE or StrongBox.
Test: Manually verify password is encryption on a userdebug build.
(cherry picked from commit b951bc53174bc583e7b76c40982aa82da8b01854)
1 file changed