Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 856aebe5 authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Don't fail if self-signed certificate can't be signed. 

This makes Android Keystore's KeyPairGenerator fall back to generating
a self-signed certificate with an invalid/fake signature when the
attempt to generate a self-signed certificate with a valid signature
fails.

There is a growing number of reasons/authorizations due to which the
generated private key cannot be used to sign the self-signed
certificate. It's safer for KeyPairGenerator to succeed than to fail.

Bug: 22033161
Change-Id: I1ecbd421346166bfd536b5cfbaea169b11f0b1c8
parent 6d2268a5

keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java

+12 −4
Original line number Diff line number Diff line
@@ -515,15 +515,23 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato 
            return generateSelfSignedCertificateWithFakeSignature(publicKey);

        } else {

            // Key can be used to sign a certificate

            try {

                return generateSelfSignedCertificateWithValidSignature(

                        privateKey, publicKey, signatureAlgorithm);

            } catch (Exception e) {

                // Failed to generate the self-signed certificate with valid signature. Fall back

                // to generating a self-signed certificate with a fake signature. This is done for

                // all exception types because we prefer key pair generation to succeed and end up

                // producing a self-signed certificate with an invalid signature to key pair

                // generation failing.

                return generateSelfSignedCertificateWithFakeSignature(publicKey);

            }

        }

    }



    @SuppressWarnings("deprecation")

    private X509Certificate generateSelfSignedCertificateWithValidSignature(

            PrivateKey privateKey, PublicKey publicKey, String signatureAlgorithm)

                    throws Exception {

            PrivateKey privateKey, PublicKey publicKey, String signatureAlgorithm) throws Exception {

        final X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

        certGen.setPublicKey(publicKey);

        certGen.setSerialNumber(mSpec.getCertificateSerialNumber());

keystore/java/android/security/keystore/KeyGenParameterSpec.java

+2 −0
Original line number Diff line number Diff line
@@ -71,6 +71,8 @@ import javax.security.auth.x500.X500Principal; 
 * <li>{@link KeyProperties#PURPOSE_SIGN},</li>

 * <li>operation without requiring the user to be authenticated (see

 * {@link Builder#setUserAuthenticationRequired(boolean)}),</li>

 * <li>signing/origination at this moment in time (see {@link Builder#setKeyValidityStart(Date)}

 * and {@link Builder#setKeyValidityForOriginationEnd(Date)}),</li>

 * <li>suitable digest or {@link KeyProperties#DIGEST_NONE},</li>

 * <li>(RSA keys only) padding scheme {@link KeyProperties#SIGNATURE_PADDING_RSA_PKCS1} or

 * {@link KeyProperties#ENCRYPTION_PADDING_NONE}.</li>