author | alk3pInjection <webmaster@raspii.tech> | 2024-09-27 15:12:48 +0800 |
---|---|---|
committer | alk3pInjection <webmaster@raspii.tech> | 2024-09-27 15:12:48 +0800 |
commit | d41f9c5d941204ddb6a03547f1b6d58b0d8390ca (patch) | |
tree | 09a5eb6e2b677b57d7dacd62ee480b5e43bdb7ce /keystore/java/android/security | |
parent | 16f0b7bf3a9d9f2cbf3a57d3bc4b377f283e6fbd (diff) | |
parent | 1269fa312b2b8775ef29c254bba9f617c9e2e08b (diff) |
Merge tag 'LA.QSSI.14.0.r1-17300-qssi.0' into uminekoumineko
"LA.QSSI.14.0.r1-17300-qssi.0"
Change-Id: I0efc791d35aa9ed19e87e9ef543fa9b290d74fd7
Diffstat (limited to 'keystore/java/android/security')
-rw-r--r-- | keystore/java/android/security/AndroidKeyStoreMaintenance.java | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/keystore/java/android/security/AndroidKeyStoreMaintenance.java b/keystore/java/android/security/AndroidKeyStoreMaintenance.java
index 919a93b8f107..b2d1755bb860 100644
--- a/keystore/java/android/security/AndroidKeyStoreMaintenance.java
+++ b/keystore/java/android/security/AndroidKeyStoreMaintenance.java
@@ -18,8 +18,10 @@ package android.security;
 import android.annotation.NonNull;
 import android.annotation.Nullable;
+import android.os.RemoteException;
 import android.os.ServiceManager;
 import android.os.ServiceSpecificException;
+import android.os.StrictMode;
 import android.security.maintenance.IKeystoreMaintenance;
 import android.system.keystore2.Domain;
 import android.system.keystore2.KeyDescriptor;
@@ -183,4 +185,24 @@ public class AndroidKeyStoreMaintenance {
 return SYSTEM_ERROR;
 }
 }
+
+ /**
+ * Deletes all keys in all KeyMint devices.
+ * Called by RecoverySystem before rebooting to recovery in order to delete all KeyMint keys,
+ * including synthetic password protector keys (used by LockSettingsService), as well as keys
+ * protecting DE and metadata encryption keys (used by vold). This ensures that FBE-encrypted
+ * data is unrecoverable even if the data wipe in recovery is interrupted or skipped.
+ */
+ public static void deleteAllKeys() throws KeyStoreException {
+ StrictMode.noteDiskWrite();
+ try {
+ getService().deleteAllKeys();
+ } catch (RemoteException | NullPointerException e) {
+ throw new KeyStoreException(SYSTEM_ERROR,
+ "Failure to connect to Keystore while trying to delete all keys.");
+ } catch (ServiceSpecificException e) {
+ throw new KeyStoreException(e.errorCode,
+ "Keystore error while trying to delete all keys.");
+ }
+ }
 } |
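Review bot: Both catch blocks in the new `deleteAllKeys()` discard the caught exception `e`, so a failed key wipe before the reboot to recovery leaves no trace of the underlying RemoteException or ServiceSpecificException beyond a fixed message. Since the Javadoc presents this call as what makes FBE data unrecoverable, the failure should stay diagnosable, for example by chaining the cause: `KeyStoreException kse = new KeyStoreException(e.errorCode, "Keystore error while trying to delete all keys."); kse.initCause(e); throw kse;`. Catching `NullPointerException` alongside `RemoteException` also reports any NPE raised inside the call as a connection failure; an explicit null check on the `getService()` result would keep the two cases apart. The Javadoc should add `@throws KeyStoreException if Keystore cannot be reached or reports an error; keys may not have been deleted` so the caller knows it has to handle a failed wipe. The rest of the class is outside the hunk, so whether a logger is in scope and how `getService()` behaves cannot be seen from here.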