android key store entries cleaning

Asked 29/7, 2015 at 19:20 Answered 3/2, 2019 at 10:45

I have an app that uses AndroidKeystore, and I wanted to cleanup my app specific key entries from Android Key Store, when my app got uninstalled(so, app does not have much control to call deleteEntry).

I believe that android cleans up when my app got uninstalled, but I donno how to confirm. I could not find much info on clenaup on android-dev either.

Can anybody confirm or give help on how we be sure that an app's keystore entries will be deleted when that app is uninstalled ?

Zooplasty answered 29/7, 2015 at 19:20 Comment(0)

Yes, your keystore keys are automatically removed when your app is deleted. Specifically, whenever an app is deleted, PackageManagerService.removeKeyStoreDataIfNeeded is called. This calls KeyStoreService::clear_uid which finds and removes all key aliases for the specified app UID.

Influent answered 3/2, 2019 at 10:45 Comment(0)

Yes, the keys will be removed from AndroidKeyStore . In order tu assure it, you can use methods that create the key if it doesn't exist after KeyStore.getInstance() call and verify those are being called upon app-uninstall.

private static void init() throws KeyStoreException {

    keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
    try {
        keyStore = loadKeystore();
    } catch (CertificateException | IOException | NoSuchAlgorithmException e) {
        e.printStackTrace();
    }

    if (!keyStore.containsAlias(KEY_ALIAS)) {
        Log.w(Constants.TAG, "GENERATING KEYS");
        //KEY ABSENT, generate it

    }else{
        //EXISTING KEY
    }
}

Also see this reply

Eastlake answered 24/1, 2019 at 13:26 Comment(0)

Recommended topics

Hot tags