Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1c380732 authored by Eran Messeri's avatar Eran Messeri Committed by Automerger Merge Worker
Browse files

Merge "Revert "Fix Rsa-Oaep operation begin on T+GSI build"" into main am:... 

Merge "Revert "Fix Rsa-Oaep operation begin on T+GSI build"" into main am: 64868fce am: 3ae1d733

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2661198



Change-Id: I109998eb6e64020d98dace1da77d9d03828b02ff
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents c772c1b3 3ae1d733

keystore/java/android/security/keystore2/AndroidKeyStoreRSACipherSpi.java

+5 −13
Original line number Original line Diff line number Diff line
@@ -18,7 +18,6 @@ package android.security.keystore2; 




import android.annotation.NonNull;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.annotation.Nullable;

import android.content.pm.PackageManager;

import android.hardware.security.keymint.KeyParameter;

import android.hardware.security.keymint.KeyParameter;

import android.security.keymaster.KeymasterDefs;

import android.security.keymaster.KeymasterDefs;

import android.security.keystore.KeyProperties;

import android.security.keystore.KeyProperties;
@@ -300,12 +299,6 @@ abstract class AndroidKeyStoreRSACipherSpi extends AndroidKeyStoreCipherSpiBase 
            return false;

            return false;

        }

        }





        private static boolean hasKeyMintV2() {

            PackageManager pm = android.app.AppGlobals.getInitialApplication().getPackageManager();

            return pm.hasSystemFeature(PackageManager.FEATURE_HARDWARE_KEYSTORE, 200)

                    && !pm.hasSystemFeature(PackageManager.FEATURE_HARDWARE_KEYSTORE, 300);

        }



        @Override

        @Override

        protected final void addAlgorithmSpecificParametersToBegin(

        protected final void addAlgorithmSpecificParametersToBegin(

                @NonNull List<KeyParameter> parameters, Authorization[] keyCharacteristics) {

                @NonNull List<KeyParameter> parameters, Authorization[] keyCharacteristics) {
@@ -314,12 +307,11 @@ abstract class AndroidKeyStoreRSACipherSpi extends AndroidKeyStoreCipherSpiBase 
                    KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest

                    KeymasterDefs.KM_TAG_DIGEST, mKeymasterDigest

            ));

            ));

            // Only add the KM_TAG_RSA_OAEP_MGF_DIGEST tag to begin() if the MGF Digest is

            // Only add the KM_TAG_RSA_OAEP_MGF_DIGEST tag to begin() if the MGF Digest is

            // present in the key properties or KeyMint version is 200. Keys generated prior to

            // present in the key properties. Keys generated prior to Android 14 did not have

            // Android 14 did not have this tag (Keystore didn't add it) and hence not present in

            // this tag (Keystore didn't add it) so specifying any MGF digest tag would cause

            // imported key as well, so specifying any MGF digest tag would cause a begin()

            // a begin() operation (on an Android 14 device) to fail (with a key that was generated

            // operation (on an Android 14 device) to fail (with a key that was generated on

            // on Android 13 or below).

            // Android 13 or below).

            if (isMgfDigestTagPresentInKeyProperties(keyCharacteristics)) {

            if (isMgfDigestTagPresentInKeyProperties(keyCharacteristics) || hasKeyMintV2()) {

                parameters.add(KeyStore2ParameterUtils.makeEnum(

                parameters.add(KeyStore2ParameterUtils.makeEnum(

                        KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST, mKeymasterMgf1Digest

                        KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST, mKeymasterMgf1Digest

                ));

                ));