Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit cb71d0b2 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Fix symmetric key generation in strongbox"

parents 48f92872 7aa04ef2

keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java

+9 −2
Original line number Diff line number Diff line
@@ -301,6 +301,9 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
                KeyStoreCryptoOperationUtils.getRandomBytesToMixIntoKeystoreRng(

                        mRng, (mKeySizeBits + 7) / 8);

        int flags = 0;

        if (spec.isStrongBoxBacked()) {

            flags |= KeyStore.FLAG_STRONGBOX;

        }

        String keyAliasInKeystore = Credentials.USER_PRIVATE_KEY + spec.getKeystoreAlias();

        KeyCharacteristics resultingKeyCharacteristics = new KeyCharacteristics();

        boolean success = false;
@@ -314,9 +317,13 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi { 
                    flags,

                    resultingKeyCharacteristics);

            if (errorCode != KeyStore.NO_ERROR) {

                if (errorCode == KeyStore.HARDWARE_TYPE_UNAVAILABLE) {

                    throw new StrongBoxUnavailableException("Failed to generate key");

                } else {

                    throw new ProviderException(

                            "Keystore operation failed", KeyStore.getKeyStoreException(errorCode));

                }

            }

            @KeyProperties.KeyAlgorithmEnum String keyAlgorithmJCA;

            try {

                keyAlgorithmJCA = KeyProperties.KeyAlgorithm.fromKeymasterSecretKeyAlgorithm(