Use keymasterSwEnforcedUserAuthenticators if keymasterHwEnforcedUserAuthenticators is zero.

Bug: 186562600 Test: atest android.appsecurity.cts.AuthBoundKeyTest#useInvalidatedAuthBoundKey Change-Id: I52a9c04b3e000416fb141d90d8d1f034348499de
author: Joshua Duong <joshuaduong@google.com> 2021-04-27 15:01:16 -0700
committer: Joshua Duong <joshuaduong@google.com> 2021-05-12 08:30:05 -0700
commit: 299345bb8e64e432bfa481ac09f7e21a426b9005 (patch)
tree: 5a78434934ea95aa94cb5b8b82fe8eb9c6714ae3
parent: 844e7e7f6b60047da704a5c4ad8405757c7b0157 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java b/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java
index fe05989c3846..97592b44ba2e 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreSecretKeyFactorySpi.java
@@ -252,7 +252,9 @@ public class AndroidKeyStoreSecretKeyFactorySpi extends SecretKeyFactorySpi {
                 blockModes,
                 userAuthenticationRequired,
                 (int) userAuthenticationValidityDurationSeconds,
-                keymasterHwEnforcedUserAuthenticators,
+                userAuthenticationRequirementEnforcedBySecureHardware
+                        ? keymasterHwEnforcedUserAuthenticators
+                        : keymasterSwEnforcedUserAuthenticators,
                 userAuthenticationRequirementEnforcedBySecureHardware,
                 userAuthenticationValidWhileOnBody,
                 trustedUserPresenceRequired,
author	Joshua Duong <joshuaduong@google.com>	2021-04-27 15:01:16 -0700
committer	Joshua Duong <joshuaduong@google.com>	2021-05-12 08:30:05 -0700
commit	299345bb8e64e432bfa481ac09f7e21a426b9005 (patch)
tree	5a78434934ea95aa94cb5b8b82fe8eb9c6714ae3
parent	844e7e7f6b60047da704a5c4ad8405757c7b0157 (diff)