diff options
| author | Alex Klyubin <klyubin@google.com> | 2015-06-12 12:16:45 -0700 |
|---|---|---|
| committer | Alex Klyubin <klyubin@google.com> | 2015-06-12 12:22:58 -0700 |
| commit | 7c475cc7c3f1159d5a8115382deb5332aca76144 (patch) | |
| tree | bd9472c76d5cf03320482e03b69f31e74c5d5a90 /keystore | |
| parent | 738241f93c066a2ef233dd0e12661bf808bfd915 (diff) | |
| download | frameworks_base-7c475cc7c3f1159d5a8115382deb5332aca76144.zip frameworks_base-7c475cc7c3f1159d5a8115382deb5332aca76144.tar.gz frameworks_base-7c475cc7c3f1159d5a8115382deb5332aca76144.tar.bz2 | |
Fix Android Keystore KeyPairGenerator for RSA PSS keys.
This fixes a bug where key pair generation fails for RSA signing keys
which are not authorized for PKCS#1 signature padding, such as keys
authorized only for the RSA PSS signature padding scheme.
The issue was that the KeyPairGenerator was failing when attempting to
sign the self-signed certificate (needed by Android Keystore) using
PKCS#1 padding for which such keys are not authorized. The solution is
to not attempt to sign these certificates and instead use a fake
signature.
Bug: 21809600
Change-Id: I4f04fcf78174937046d2534e0485c6940eae673f
Diffstat (limited to 'keystore')
| -rw-r--r-- | keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java index 35af34f..a6db228 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java @@ -703,6 +703,36 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato } case KeymasterDefs.KM_ALGORITHM_RSA: { + // Check whether this key is authorized for PKCS#1 signature padding. + // We use Bouncy Castle to generate self-signed RSA certificates. Bouncy Castle + // only supports RSA certificates signed using PKCS#1 padding scheme. The key needs + // to be authorized for PKCS#1 padding or padding NONE which means any padding. + boolean pkcs1SignaturePaddingSupported = false; + for (int keymasterPadding : KeyProperties.SignaturePadding.allToKeymaster( + spec.getSignaturePaddings())) { + if ((keymasterPadding == KeymasterDefs.KM_PAD_RSA_PKCS1_1_5_SIGN) + || (keymasterPadding == KeymasterDefs.KM_PAD_NONE)) { + pkcs1SignaturePaddingSupported = true; + break; + } + } + if (!pkcs1SignaturePaddingSupported) { + // Keymaster doesn't distinguish between encryption padding NONE and signature + // padding NONE. In the Android Keystore API only encryption padding NONE is + // exposed. + for (int keymasterPadding : KeyProperties.EncryptionPadding.allToKeymaster( + spec.getEncryptionPaddings())) { + if (keymasterPadding == KeymasterDefs.KM_PAD_NONE) { + pkcs1SignaturePaddingSupported = true; + break; + } + } + } + if (!pkcs1SignaturePaddingSupported) { + // Key not authorized for PKCS#1 signature padding -- can't sign + return null; + } + Set<Integer> availableKeymasterDigests = getAvailableKeymasterSignatureDigests( spec.getDigests(), AndroidKeyStoreBCWorkaroundProvider.getSupportedEcdsaSignatureDigests()); |