summaryrefslogtreecommitdiffstats
path: root/keystore
diff options
context:
space:
mode:
authorAlex Klyubin <klyubin@google.com>2015-06-17 13:58:00 -0700
committerAlex Klyubin <klyubin@google.com>2015-06-17 13:58:00 -0700
commit2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60 (patch)
tree07f1102d5bcca558fe3f5a949d2efab4eb97a63b /keystore
parent97f4d3b40754e4496caeb29ee54c330d8bc9f2d7 (diff)
downloadframeworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.zip
frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.gz
frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.bz2
Remove unnecessary PKCS#1 authorization on legacy keys.
There is no need to authorize PKCS#1 signature padding scheme when NONE padding scheme is authorized. NONE authorizes the use of any padding scheme. Bug: 18088752 Change-Id: I73ccb373d577c988acde372d972092278923c4e4
Diffstat (limited to 'keystore')
-rw-r--r--keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java5
-rw-r--r--keystore/java/android/security/keystore/AndroidKeyStoreSpi.java5
2 files changed, 4 insertions, 6 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
index af05578..2055cdb 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java
@@ -226,9 +226,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato
| KeyProperties.PURPOSE_VERIFY);
// Authorized to be used with any digest (including no digest).
specBuilder.setDigests(KeyProperties.DIGEST_NONE);
- specBuilder.setSignaturePaddings(
- KeyProperties.SIGNATURE_PADDING_RSA_PKCS1);
- // Authorized to be used with any padding (including no padding).
+ // Authorized to be used with any encryption and signature padding
+ // scheme (including no padding).
specBuilder.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE);
// Disable randomized encryption requirement to support encryption
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
index 3bd9d1d..5fb589e 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java
@@ -258,9 +258,8 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi {
| KeyProperties.PURPOSE_VERIFY);
// Authorized to be used with any digest (including no digest).
specBuilder.setDigests(KeyProperties.DIGEST_NONE);
- specBuilder.setSignaturePaddings(
- KeyProperties.SIGNATURE_PADDING_RSA_PKCS1);
- // Authorized to be used with any padding (including no padding).
+ // Authorized to be used with any encryption and signature padding scheme (including no
+ // padding).
specBuilder.setEncryptionPaddings(
KeyProperties.ENCRYPTION_PADDING_NONE);
// Disable randomized encryption requirement to support encryption padding NONE