The following problem was tested with android version 4.3 and a nexus 7
When using the KeyStore with Android version 4.3, the key are deleted after setting the lock screen to none, it doesn't matter if the lock screen was set none before.
To reproduce this, you can use the provided android sample located under
"sdk\samples\android-18\security\keystore\BasicAndroidKeyStore".
After running the application:
- List item
- sign (should be null)
- generate a key
- sign (will sign something)
- close the application
- start again
- sign (will sign something)
- set the Screen Lock to "none" (even if it was none before) (this is found under settings -> security -> Screen Security).
- go back to the application and try to sign again (will return null)
While examining the android source code i found out, that in line 639 the keystore seemed to be reseted. See: https://android.googlesource.com/platform/frameworks/base/+/52c489cd63cca0361f374f7cb392018fabfa8bcc/core/java/com/android/internal/widget/LockPatternUtils.java
Any one knows why this happens? I reported this to the android community https://code.google.com/p/android/issues/detail?id=60176
Edit: In the android version 4.2 you couldn't set the lock screen to none if some key's were saved. you had to delete your credential first before doing so.
