authorAlex Klyubin <klyubin@google.com>2015-04-08 13:36:22 -0700
committerAlex Klyubin <klyubin@google.com>2015-04-08 16:28:27 -0700
commitf853f649981ed3cf2f1fbf1363a0932e9736daf6 (patch)
tree28bcbf8b3cfccddb3051803ed814329c96a063a0 /keystore/java/android/security/AndroidKeyStore.java
parentc0d6b7cb752b50ed37197e15cc6f305a0038e61b (diff)
Require IND-CPA by default for new AndroidKeyStore keys.
Bug: 18088752 Change-Id: I01e44b7155df4326b5c9d83dda57f889c1f23ec7
Diffstat (limited to 'keystore/java/android/security/AndroidKeyStore.java')
-rw-r--r--keystore/java/android/security/AndroidKeyStore.java21
1 files changed, 16 insertions, 5 deletions
diff --git a/keystore/java/android/security/AndroidKeyStore.java b/keystore/java/android/security/AndroidKeyStore.java
index f72c7acd182b..55a8b4f971f3 100644
--- a/keystore/java/android/security/AndroidKeyStore.java
+++ b/keystore/java/android/security/AndroidKeyStore.java
@@ -512,12 +512,23 @@ public class AndroidKeyStore extends KeyStoreSpi {
}
}
- int purposes = params.getPurposes();
+ @KeyStoreKeyConstraints.PurposeEnum int purposes = params.getPurposes();
+ @KeyStoreKeyConstraints.BlockModeEnum int blockModes = params.getBlockModes();
+ if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0)
+ && (params.isRandomizedEncryptionRequired())) {
+ @KeyStoreKeyConstraints.BlockModeEnum int incompatibleBlockModes =
+ blockModes & ~KeyStoreKeyConstraints.BlockMode.IND_CPA_COMPATIBLE_MODES;
+ if (incompatibleBlockModes != 0) {
+ throw new KeyStoreException("Randomized encryption (IND-CPA) required but may be"
+ + " violated by block mode(s): "
+ + KeyStoreKeyConstraints.BlockMode.allToString(incompatibleBlockModes)
+ + ". See KeyStoreParameter documentation.");
+ }
+ }
for (int keymasterPurpose : KeyStoreKeyConstraints.Purpose.allToKeymaster(purposes)) {
args.addInt(KeymasterDefs.KM_TAG_PURPOSE, keymasterPurpose);
}
- for (int keymasterBlockMode :
- KeyStoreKeyConstraints.BlockMode.allToKeymaster(params.getBlockModes())) {
+ for (int keymasterBlockMode : KeyStoreKeyConstraints.BlockMode.allToKeymaster(blockModes)) {
args.addInt(KeymasterDefs.KM_TAG_BLOCK_MODE, keymasterBlockMode);
}
for (int keymasterPadding :
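Review bot: The two halves of the IND-CPA policy are written out separately and could drift apart in a later edit: this block tests `(purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0` together with `params.isRandomizedEncryptionRequired()`, and the `KM_TAG_CALLER_NONCE` condition in the second hunk repeats the purpose test with the flag negated. Consider reading the flag once, e.g. `boolean randomizedEncryptionRequired = params.isRandomizedEncryptionRequired();`, and using that local in both conditions. A short comment above the block would also help, such as `// Reject block modes that cannot provide IND-CPA before any authorization is sent to keymaster.` Throwing before the `args.addInt` loops is the right order. The enclosing method starts and ends outside the hunk, so whether other key-import or key-generation paths apply the same check cannot be confirmed from here.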
@@ -549,8 +560,8 @@ public class AndroidKeyStore extends KeyStoreSpi {
args.addInt(KeymasterDefs.KM_TAG_KEY_SIZE, keyMaterial.length * 8);
if (((purposes & KeyStoreKeyConstraints.Purpose.ENCRYPT) != 0)
- || ((purposes & KeyStoreKeyConstraints.Purpose.DECRYPT) != 0)) {
- // Permit caller-specified IV. This is needed for the Cipher abstraction.
+ && (!params.isRandomizedEncryptionRequired())) {
+ // Permit caller-provided IV when encrypting with this key
args.addBoolean(KeymasterDefs.KM_TAG_CALLER_NONCE);
}
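Review bot: The new condition drops `Purpose.DECRYPT` entirely, so a decrypt-only key no longer receives `KM_TAG_CALLER_NONCE`, and the replacement comment does not say why that is safe. Presumably the tag only governs who chooses the IV during encryption and decryption always takes the IV from the caller, but that should be stated, for example `// KM_TAG_CALLER_NONCE only affects encryption. Omit it when randomized encryption is required so the caller cannot supply (and reuse) an IV.` It is also worth noting in the comment that opting out of randomized encryption leaves IV uniqueness entirely to the caller. A test that imports a decrypt-only key and decrypts with a caller-supplied IV would pin the behaviour this change relies on. The enclosing method continues outside the hunk.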