Google Git
Sign in
android / platform / frameworks / base / 05d046390769a8ba6f113ea6b191d9addf183627
commit05d046390769a8ba6f113ea6b191d9addf183627[log] [tgz]
authorEran Messeri <[email protected]>Thu Apr 20 18:09:01 2023 +0100
committerEran Messeri <[email protected]>Wed Apr 26 11:40:35 2023 +0100
tree90027ee5d491b372173c15547e43f55647e1eaac
parentb36fa7723ab2f105b532be74cbfa5cdb902a4b79 [diff]
Do not add the MGF Digest tag for upgraded keys

If a key does not have the MGF_DIGEST tag in its key characteristics,
do not include the MGF_DIGEST tag for it (even if the algorithm string
specifies it).

This fixes an issue with keys that were generated on Android 13, where
the MGF_DIGEST tag was not propagated from the SPI layer. Such keys will
not have the MGF_DIGEST tag and so it will not be added by the SPI layer
even if the algorithm string specifies it. This maintains Android 13's
(incorrect) behaviour of ignoring the MGF Digest specification, but is
necessary to use those keys (otherwise KeyMint will error out
on begin() due to an incompatible MGF digest specification).

Bug: 278157584
Test: atest CtsKeystoreWycheproofTestCases:com.google.security.wycheproof.RsaOaepTest
Change-Id: I0f1fa7983f9c771bec3196c6a617eb7044ac2e79
2 files changed
tree: 90027ee5d491b372173c15547e43f55647e1eaac
  1. .prebuilt_info/
  2. apct-tests/
  3. apex/
  4. api/
  5. boot/
  6. cmds/
  7. config/
  8. core/
  9. data/
  10. docs/
  11. drm/
  12. errorprone/
  13. graphics/
  14. identity/
  15. keystore/
  16. libs/
  17. location/
  18. media/
  19. mime/
  20. mms/
  21. native/
  22. nfc-extras/
  23. obex/
  24. omapi/
  25. opengl/
  26. packages/
  27. proto/
  28. rs/
  29. samples/
  30. sax/
  31. services/
  32. startop/
  33. telecomm/
  34. telephony/
  35. test-base/
  36. test-legacy/
  37. test-mock/
  38. test-runner/
  39. tests/
  40. tools/
  41. wifi/
  42. .clang-format
  43. .gitignore
  44. .mailmap
  45. Android.bp
  46. Android.mk
  47. ApiDocs.bp
  48. BATTERY_STATS_OWNERS
  49. BROADCASTS_OWNERS
  50. CleanSpec.mk
  51. framework-jarjar-rules.txt
  52. GAME_MANAGER_OWNERS
  53. INPUT_OWNERS
  54. lint-baseline.xml
  55. METADATA
  56. MODULE_LICENSE_APACHE2
  57. MULTIUSER_OWNERS
  58. NOTICE
  59. OWNERS
  60. OWNERS.md
  61. PACKAGE_MANAGER_OWNERS
  62. pathmap.mk
  63. PERFORMANCE_OWNERS
  64. PREUPLOAD.cfg
  65. ProtoLibraries.bp
  66. StubLibraries.bp
  67. TEST_MAPPING
  68. TestProtoLibraries.bp
  69. TRACE_OWNERS
  70. WEAR_OWNERS
  71. ZYGOTE_OWNERS