Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 729a3b95 authored by Catherine Vlasov's avatar Catherine Vlasov
Browse files

Fix algorithm name passed to key class constructor for "EdDSA" Ed25519 keys. 

Both the Ed25519 OID and "EdDSA" are accepted as valid algorithm names
for Ed25519 keys as of ag/35367814. The algorithm name should match
what's passed to the AndroidKeyStoreEdECPublicKey constructor.

Bug: 430870763
Flag: EXEMPT BUGFIX
Test: atest CtsKeyStoreTestCases:android.keystore.cts.Curve25519Test
Test: atest CtsKeyStoreTestCases:android.keystore.cts.KeyAttestationTest
Change-Id: I83c80066479d64b3b1fb799828886d4571b44727
parent 9ee322dc

keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java

+6 −3
Original line number Diff line number Diff line
@@ -251,14 +251,17 @@ public class AndroidKeyStoreProvider extends Provider { 
        } else if (KeyProperties.KEY_ALGORITHM_RSA.equalsIgnoreCase(jcaKeyAlgorithm)) {

            return new AndroidKeyStoreRSAPublicKey(descriptor, metadata,

                    iSecurityLevel, (RSAPublicKey) publicKey);

        } else if (ED25519_OID.equalsIgnoreCase(jcaKeyAlgorithm)

                || EDDSA_ALGORITHM_NAME.equalsIgnoreCase(jcaKeyAlgorithm)) {

            // This condition should be updated to only accept "EdDSA" as the algorithm name once

        } else if (ED25519_OID.equalsIgnoreCase(jcaKeyAlgorithm)) {

            // This branch should be removed once

            // https://github.com/google/conscrypt/commit/5473d34964ce77ab2594ae0cc0ecf74931f28cc3

            // is merged into Android.

            final byte[] publicKeyEncoded = publicKey.getEncoded();

            return new AndroidKeyStoreEdECPublicKey(descriptor, metadata, ED25519_OID,

                    iSecurityLevel, publicKeyEncoded);

        } else if (EDDSA_ALGORITHM_NAME.equalsIgnoreCase(jcaKeyAlgorithm)) {

            final byte[] publicKeyEncoded = publicKey.getEncoded();

            return new AndroidKeyStoreEdECPublicKey(descriptor, metadata, EDDSA_ALGORITHM_NAME,

                    iSecurityLevel, publicKeyEncoded);

        } else if (X25519_ALIAS.equalsIgnoreCase(jcaKeyAlgorithm)) {

            return new AndroidKeyStoreXDHPublicKey(descriptor, metadata, X25519_ALIAS,

                    iSecurityLevel, publicKey.getEncoded());