diff options
| author | 2023-04-20 18:09:01 +0100 | |
|---|---|---|
| committer | 2023-06-06 17:46:45 +0100 | |
| commit | 00698c83c6cd57fd5f23eacd0a4b5716ba311d5e (patch) | |
| tree | 08c15cd98f7241e45a08ce01d52d15473ebd990b /libs/androidfw/ApkParsing.cpp | |
| parent | 0501f85c580bd16d131a18b00b90022040c1a9b1 (diff) | |
Do not add the MGF Digest tag for upgraded keys
If a key does not have the MGF_DIGEST tag in its key characteristics,
do not include the MGF_DIGEST tag for it (even if the algorithm string
specifies it).
This fixes an issue with keys that were generated on Android 13, where
the MGF_DIGEST tag was not propagated from the SPI layer. Such keys will
not have the MGF_DIGEST tag and so it will not be added by the SPI layer
even if the algorithm string specifies it. This maintains Android 13's
(incorrect) behaviour of ignoring the MGF Digest specification, but is
necessary to use those keys (otherwise KeyMint will error out
on begin() due to an incompatible MGF digest specification).
Bug: 278157584
Test: atest CtsKeystoreWycheproofTestCases:com.google.security.wycheproof.RsaOaepTest
Merged-In: I0f1fa7983f9c771bec3196c6a617eb7044ac2e79
Change-Id: I6a4c15ca04aa78c2191d47394811ba9338ee7f0b
Diffstat (limited to 'libs/androidfw/ApkParsing.cpp')
0 files changed, 0 insertions, 0 deletions