Remove unnecessary PKCS#1 authorization on legacy keys.

There is no need to authorize PKCS#1 signature padding scheme when NONE padding scheme is authorized. NONE authorizes the use of any padding scheme. Bug: 18088752 Change-Id: I73ccb373d577c988acde372d972092278923c4e4
author: Alex Klyubin <klyubin@google.com> 2015-06-17 13:58:00 -0700
committer: Alex Klyubin <klyubin@google.com> 2015-06-17 13:58:00 -0700
commit: 2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60 (patch)
tree: 07f1102d5bcca558fe3f5a949d2efab4eb97a63b /keystore
parent: 97f4d3b40754e4496caeb29ee54c330d8bc9f2d7 (diff)
download: frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.zip
frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.gz
frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.bz2
2 files changed, 4 insertions, 6 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index af05578..2055cdb 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -226,9 +226,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
                                     | KeyProperties.PURPOSE_VERIFY);
                             // Authorized to be used with any digest (including no digest).
                             specBuilder.setDigests(KeyProperties.DIGEST_NONE);
-                            specBuilder.setSignaturePaddings(
-                                    KeyProperties.SIGNATURE_PADDING_RSA_PKCS1);
-                            // Authorized to be used with any padding (including no padding).
+                            // Authorized to be used with any encryption and signature padding
+                            // scheme (including no padding).
                             specBuilder.setEncryptionPaddings(
                                     KeyProperties.ENCRYPTION_PADDING_NONE);
                             // Disable randomized encryption requirement to support encryption
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 3bd9d1d..5fb589e 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -258,9 +258,8 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
                             | KeyProperties.PURPOSE_VERIFY);
             // Authorized to be used with any digest (including no digest).
             specBuilder.setDigests(KeyProperties.DIGEST_NONE);
-            specBuilder.setSignaturePaddings(
-                    KeyProperties.SIGNATURE_PADDING_RSA_PKCS1);
-            // Authorized to be used with any padding (including no padding).
+            // Authorized to be used with any encryption and signature padding scheme (including no
+            // padding).
             specBuilder.setEncryptionPaddings(
                     KeyProperties.ENCRYPTION_PADDING_NONE);
             // Disable randomized encryption requirement to support encryption padding NONE
author	Alex Klyubin <klyubin@google.com>	2015-06-17 13:58:00 -0700
committer	Alex Klyubin <klyubin@google.com>	2015-06-17 13:58:00 -0700
commit	2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60 (patch)
tree	07f1102d5bcca558fe3f5a949d2efab4eb97a63b /keystore
parent	97f4d3b40754e4496caeb29ee54c330d8bc9f2d7 (diff)
download	frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.zip frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.gz frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.bz2