Reject AlgorithmParameters of wrong type.

This makes Android Keystore Cipher implementations reject rather than ignore AlgorithmParameters of wrong algorithm type. The danger in not doing so is that a Cipher will produce output that does not actually depend on the provided AlgorithmParameters. Bug: 22330716 Change-Id: Ifa9de2c74f2fe4b738a3731c895059dddd075a13
author: Alex Klyubin <klyubin@google.com> 2015-07-07 15:39:10 -0700
committer: Alex Klyubin <klyubin@google.com> 2015-07-07 15:39:10 -0700
commit: 5c38e7918aea36ee8f516793d5641b05a8de710e (patch)
tree: 155a7595bf30947878248930c949b41bf391f22b /keystore
parent: 46c272d6bfc0dd5bbeeb536a9057fa18b754f9ba (diff)
download: frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.zip
frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.tar.gz
frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.tar.bz2
2 files changed, 12 insertions, 0 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreAuthenticatedAESCipherSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreAuthenticatedAESCipherSpi.java
index 6411066..5459bea 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreAuthenticatedAESCipherSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreAuthenticatedAESCipherSpi.java
@@ -129,6 +129,12 @@ abstract class AndroidKeyStoreAuthenticatedAESCipherSpi extends AndroidKeyStoreC
                 return;
             }
 
+            if (!"GCM".equalsIgnoreCase(params.getAlgorithm())) {
+                throw new InvalidAlgorithmParameterException(
+                        "Unsupported AlgorithmParameters algorithm: " + params.getAlgorithm()
+                        + ". Supported: GCM");
+            }
+
             GCMParameterSpec spec;
             try {
                 spec = params.getParameterSpec(GCMParameterSpec.class);
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreUnauthenticatedAESCipherSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreUnauthenticatedAESCipherSpi.java
index 486519c..1f1d36f 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreUnauthenticatedAESCipherSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreUnauthenticatedAESCipherSpi.java
@@ -197,6 +197,12 @@ class AndroidKeyStoreUnauthenticatedAESCipherSpi extends AndroidKeyStoreCipherSp
             return;
         }
 
+        if (!"AES".equalsIgnoreCase(params.getAlgorithm())) {
+            throw new InvalidAlgorithmParameterException(
+                    "Unsupported AlgorithmParameters algorithm: " + params.getAlgorithm()
+                    + ". Supported: AES");
+        }
+
         IvParameterSpec ivSpec;
         try {
             ivSpec = params.getParameterSpec(IvParameterSpec.class);
author	Alex Klyubin <klyubin@google.com>	2015-07-07 15:39:10 -0700
committer	Alex Klyubin <klyubin@google.com>	2015-07-07 15:39:10 -0700
commit	5c38e7918aea36ee8f516793d5641b05a8de710e (patch)
tree	155a7595bf30947878248930c949b41bf391f22b /keystore
parent	46c272d6bfc0dd5bbeeb536a9057fa18b754f9ba (diff)
download	frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.zip frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.tar.gz frameworks_base-5c38e7918aea36ee8f516793d5641b05a8de710e.tar.bz2