diff options
author | Alex Klyubin <klyubin@google.com> | 2015-06-17 13:58:00 -0700 |
---|---|---|
committer | Alex Klyubin <klyubin@google.com> | 2015-06-17 13:58:00 -0700 |
commit | 2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60 (patch) | |
tree | 07f1102d5bcca558fe3f5a949d2efab4eb97a63b /keystore | |
parent | 97f4d3b40754e4496caeb29ee54c330d8bc9f2d7 (diff) | |
download | frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.zip frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.gz frameworks_base-2e3aaa7dc1c40c0145e8d52422f2fb65799a3a60.tar.bz2 |
Remove unnecessary PKCS#1 authorization on legacy keys.
There is no need to authorize PKCS#1 signature padding scheme when
NONE padding scheme is authorized. NONE authorizes the use of any
padding scheme.
Bug: 18088752
Change-Id: I73ccb373d577c988acde372d972092278923c4e4
Diffstat (limited to 'keystore')
-rw-r--r-- | keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java | 5 | ||||
-rw-r--r-- | keystore/java/android/security/keystore/AndroidKeyStoreSpi.java | 5 |
2 files changed, 4 insertions, 6 deletions
diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java index af05578..2055cdb 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyPairGeneratorSpi.java @@ -226,9 +226,8 @@ public abstract class AndroidKeyStoreKeyPairGeneratorSpi extends KeyPairGenerato | KeyProperties.PURPOSE_VERIFY); // Authorized to be used with any digest (including no digest). specBuilder.setDigests(KeyProperties.DIGEST_NONE); - specBuilder.setSignaturePaddings( - KeyProperties.SIGNATURE_PADDING_RSA_PKCS1); - // Authorized to be used with any padding (including no padding). + // Authorized to be used with any encryption and signature padding + // scheme (including no padding). specBuilder.setEncryptionPaddings( KeyProperties.ENCRYPTION_PADDING_NONE); // Disable randomized encryption requirement to support encryption diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java index 3bd9d1d..5fb589e 100644 --- a/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java +++ b/keystore/java/android/security/keystore/AndroidKeyStoreSpi.java @@ -258,9 +258,8 @@ public class AndroidKeyStoreSpi extends KeyStoreSpi { | KeyProperties.PURPOSE_VERIFY); // Authorized to be used with any digest (including no digest). specBuilder.setDigests(KeyProperties.DIGEST_NONE); - specBuilder.setSignaturePaddings( - KeyProperties.SIGNATURE_PADDING_RSA_PKCS1); - // Authorized to be used with any padding (including no padding). + // Authorized to be used with any encryption and signature padding scheme (including no + // padding). specBuilder.setEncryptionPaddings( KeyProperties.ENCRYPTION_PADDING_NONE); // Disable randomized encryption requirement to support encryption padding NONE |