authorAlex Klyubin <klyubin@google.com>2015-06-15 15:16:09 -0700
committerAlex Klyubin <klyubin@google.com>2015-06-15 15:22:19 -0700
commitf78dd677e991ba8f76f3a6d4272ff5deef3faa69 (patch)
treed2e1720b1594e1d105da3d9a5cb4bfab12af6fe8 /keystore
parent898be8bc76c873cf885d7bdf293b4f58563a1648 (diff)
Fix Android Keystore key gen for keys requiring user auth.
When Android Keystore generates an asymmetric key pair, it needs to create a self-signed certificate for that pair, in order to expose the key pair in the JCA KeyStore abstraction through which keys are later retrieved. The self-signed certificate is normally signed with the private key. This CL avoids using the private key to sign the certificate if the private key can be used only once the user has been authenticated. For such keys, a fake (non-verifying) signature is used on the certificate, same as for cases where the key is not authorized for signing. Bug: 21852844 Change-Id: Id78bc1f51d12950db4e37c1e0da6c60057d4e693
Diffstat (limited to 'keystore')
-rw-r--r--keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java6
1 files changed, 5 insertions, 1 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index b93424d..2de60fd 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -624,7 +624,7 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
int keySizeBits,
KeyGenParameterSpec spec) {
// Constraints:
- // 1. Key must be authorized for signing.
+ // 1. Key must be authorized for signing without user authentication.
// 2. Signature digest must be one of key's authorized digests.
// 3. For RSA keys, the digest output size must not exceed modulus size minus space needed
// for RSA PKCS#1 signature padding (about 29 bytes: minimum 10 bytes of padding + 15--19
@@ -636,6 +636,10 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
// Key not authorized for signing
return null;
}
+ if (spec.isUserAuthenticationRequired()) {
+ // Key not authorized for use without user authentication
+ return null;
+ }
if (!spec.isDigestsSpecified()) {
// Key not authorized for any digests -- can't sign
return null;