Google Git
Sign in
android / platform / system / security / debf1d8
commitdebf1d8363a603c97bb92643871e7c6f36ac953d[log] [tgz]
authorShawn Willden <swillden@google.com>Wed Oct 02 08:58:22 2019 -0600
committerandroid-build-team Robot <android-build-team-robot@google.com>Fri Oct 11 18:52:17 2019 +0000
treebc2a830603fa5eac10b4442df27ecaa7f01e9b85
parent0d466c94a81eec5a701748ff7526a2e3515b3c97 [diff]
Encrypt AES-256 keystore master keys.

ag/5984229 that added support for AES-256 master keys inadvertently
caused them not to be encyrpted by the user's password.  This is less
damaging to security than it might appear because these keys are also
encrypted by Keymaster, in the TEE or StrongBox.

Bug: 141955555
Test:  Manually verify password is encryption on a userdebug build.
Change-Id: Ic5e82546df67346e4c348273cf4fe2bac382c9dc
(cherry picked from commit b951bc53174bc583e7b76c40982aa82da8b01854)
1 file changed
tree: bc2a830603fa5eac10b4442df27ecaa7f01e9b85
  1. keystore/
  2. keystore-engine/
  3. .clang-format
  4. Android.bp
  5. MODULE_LICENSE_APACHE2
  6. NOTICE
  7. OWNERS
  8. PREUPLOAD.cfg