From d5dd5ebaedb530e928f82dfbd7db557200dd0d5e Mon Sep 17 00:00:00 2001
From: Janis Danisevskis <jdanis@google.com>
Date: Mon, 22 Feb 2021 21:39:34 -0800
Subject: Keystore 2.0: Clear Uid/Namesapce

Implement uid/namespace clearing for Keystore 2.0.

Test: Verified that keys get deleted when an app gets uninstalled.
Change-Id: I1b0b65e977177a6e34c500b00b5070ec18be2671
---
 keystore/java/android/security/KeyStore.java | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'keystore/java/android/security/KeyStore.java')

diff --git a/keystore/java/android/security/KeyStore.java b/keystore/java/android/security/KeyStore.java
index 198df40c7d7b..93658e69eac8 100644
--- a/keystore/java/android/security/KeyStore.java
+++ b/keystore/java/android/security/KeyStore.java
@@ -43,6 +43,7 @@ import android.security.keystore.KeyPermanentlyInvalidatedException;
 import android.security.keystore.KeyProperties;
 import android.security.keystore.KeystoreResponse;
 import android.security.keystore.UserNotAuthenticatedException;
+import android.system.keystore2.Domain;
 import android.util.Log;
 
 import com.android.internal.org.bouncycastle.asn1.ASN1InputStream;
@@ -466,6 +467,9 @@ public class KeyStore {
 
     public boolean clearUid(int uid) {
         try {
+            if (android.security.keystore2.AndroidKeyStoreProvider.isInstalled()) {
+                return AndroidKeyStoreMaintenance.clearNamespace(Domain.APP, uid) == 0;
+            }
             return mBinder.clear_uid(uid) == NO_ERROR;
         } catch (RemoteException e) {
             Log.w(TAG, "Cannot connect to keystore", e);
-- 
cgit v1.2.3