Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 8cbd940d authored by Jaeyoon Lee's avatar Jaeyoon Lee
Browse files

Insert DEFAULT_MGF1_DIGEST SHA-1 on MGF_DIGEST tag when ImportWrappedKey 



SecureKeyImport is failed because of MGF_DIGEST tag mismatch.
wrapping key has MGF_DIGEST tag when generate or import key
but importWrappedKey logic does not have MGF_DIGEST tag on WrappedKeyEntry
So MGF_DIGEST tat mismatch error occur when decrypt wrapped key using wrapping key

Insert SHA-1 value on MGF_DIGEST tag because ImportWrappedKey should have spcified format
that keymint is compulsorily checking main digest SHA-256 and MGF digest SHA-1.

And MGF_DIGEST tag will add only wrappingkey has MGF_DIGEST value
in order not to affect keys generated prior to Android14.

Bug: 277853193
Test: android.keystore.cts.ImportWrappedKeyTest#testKeyStore_ImportWrappedKey
Change-Id: Id7229a763e3041ffbe73989a2bb24306b7beb7a5
Signed-off-by: default avatarJaeyoon Lee <joyful.lee@samsung.corp-partner.google.com>
parent a680cb9c

keystore/java/android/security/keystore2/AndroidKeyStoreSpi.java

+27 −0
Original line number Diff line number Diff line
@@ -36,6 +36,7 @@ import android.security.keystore.KeyProtection; 
import android.security.keystore.SecureKeyImportUnavailableException;

import android.security.keystore.WrappedKeyEntry;

import android.system.keystore2.AuthenticatorSpec;

import android.system.keystore2.Authorization;

import android.system.keystore2.Domain;

import android.system.keystore2.IKeystoreSecurityLevel;

import android.system.keystore2.KeyDescriptor;
@@ -960,6 +961,32 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi { 
            authenticatorSpecs.add(authSpec);

        }



        if (parts.length > 2) {

            @KeyProperties.EncryptionPaddingEnum int padding =

                    KeyProperties.EncryptionPadding.toKeymaster(parts[2]);

            if (padding == KeymasterDefs.KM_PAD_RSA_OAEP

                    && response.metadata != null

                    && response.metadata.authorizations != null) {

                Authorization[] keyCharacteristics = response.metadata.authorizations;



                for (Authorization authorization : keyCharacteristics) {

                    // Add default MGF1 digest SHA-1

                    // when wrapping key has KM_TAG_RSA_OAEP_MGF_DIGEST tag

                    if (authorization.keyParameter.tag

                            == KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST) {

                        // Default MGF1 digest is SHA-1

                        // and KeyMint only supports default MGF1 digest crypto operations

                        // for importWrappedKey.

                        args.add(KeyStore2ParameterUtils.makeEnum(

                                KeymasterDefs.KM_TAG_RSA_OAEP_MGF_DIGEST,

                                KeyProperties.Digest.toKeymaster(DEFAULT_MGF1_DIGEST)

                        ));

                        break;

                    }

                }

            }

        }



        try {

            securityLevel.importWrappedKey(

                    wrappedKey, wrappingkey,