diff options
author | Alex Klyubin <klyubin@google.com> | 2015-04-15 17:20:23 -0700 |
---|---|---|
committer | Alex Klyubin <klyubin@google.com> | 2015-04-15 17:20:23 -0700 |
commit | a0d2dddc557326028169dac732eca0657de9cc4d (patch) | |
tree | 591565ec6b84ef1a22f924ac8d6f184d643f58b3 /keystore/java/android/security | |
parent | 7f72f74766fed73ae9816fec6031a199f70d1428 (diff) | |
download | frameworks_base-a0d2dddc557326028169dac732eca0657de9cc4d.zip frameworks_base-a0d2dddc557326028169dac732eca0657de9cc4d.tar.gz frameworks_base-a0d2dddc557326028169dac732eca0657de9cc4d.tar.bz2 |
Remove IV auto-generation workaround.
This workaround prevents use of keys with randomized encryption
(IND-CPA). Since randomized encryption is on by default, it's better
to keep it working and break non-randomized encryption (until
Keymaster is fixed).
Bug: 18088752
Change-Id: I4b11ce72cff705be41d3e66f28b507d6ddc1da79
Diffstat (limited to 'keystore/java/android/security')
-rw-r--r-- | keystore/java/android/security/KeyStoreCipherSpi.java | 18 |
1 files changed, 6 insertions, 12 deletions
diff --git a/keystore/java/android/security/KeyStoreCipherSpi.java b/keystore/java/android/security/KeyStoreCipherSpi.java index 7bc6378..37e00b2 100644 --- a/keystore/java/android/security/KeyStoreCipherSpi.java +++ b/keystore/java/android/security/KeyStoreCipherSpi.java @@ -547,18 +547,12 @@ public abstract class KeyStoreCipherSpi extends CipherSpi implements KeyStoreCry if (mIvRequired) { // IV is needed if ((mIv == null) && (mEncrypting)) { - // TODO: Switch to keymaster-generated IV code below once keymaster supports - // that. - // IV is needed but was not provided by the caller -- generate an IV. - mIv = new byte[mBlockSizeBytes]; - SecureRandom rng = (mRng != null) ? mRng : new SecureRandom(); - rng.nextBytes(mIv); -// // IV was not provided by the caller and thus will be generated by keymaster. -// // Mix in some additional entropy from the provided SecureRandom. -// if (mRng != null) { -// mAdditionalEntropyForBegin = new byte[mBlockSizeBytes]; -// mRng.nextBytes(mAdditionalEntropyForBegin); -// } + // IV was not provided by the caller and thus will be generated by keymaster. + // Mix in some additional entropy from the provided SecureRandom. + if (mRng != null) { + mAdditionalEntropyForBegin = new byte[mBlockSizeBytes]; + mRng.nextBytes(mAdditionalEntropyForBegin); + } } } } |