summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java10
1 files changed, 9 insertions, 1 deletions
diff --git a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
index 9947d34495ab..c55a781ce2a4 100644
--- a/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
+++ b/keystore/java/android/security/keystore2/AndroidKeyStoreProvider.java
@@ -38,6 +38,7 @@ import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
+import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
@@ -221,7 +222,14 @@ public class AndroidKeyStoreProvider extends Provider {
}
final byte[] x509PublicCert = metadata.certificate;
- PublicKey publicKey = AndroidKeyStoreSpi.toCertificate(x509PublicCert).getPublicKey();
+ final X509Certificate parsedX509Certificate =
+ AndroidKeyStoreSpi.toCertificate(x509PublicCert);
+ if (parsedX509Certificate == null) {
+ throw new UnrecoverableKeyException("Failed to parse the X.509 certificate containing"
+ + " the public key. This likely indicates a hardware problem.");
+ }
+
+ PublicKey publicKey = parsedX509Certificate.getPublicKey();
String jcaKeyAlgorithm = publicKey.getAlgorithm();
generated by cgit v1.2.3-59-g8ed1b (git 2.39.0) at 2025-12-27 16:53:55 +0000