From e8a6bffec0c965393ad414aec02854102de7d13c Mon Sep 17 00:00:00 2001
From: David Zeuthen
Date: Thu, 13 Feb 2020 15:24:09 -0500
Subject: Update counters for session encryption to start at 1.
The DIS version of 18013-5 now specifically says The first encryption with a key shall use a counter value of 1. For each following encryption the counter value shall be increased by 1. in section '9.2.1.4 Mechanism". The previous version said The counter value is an unsigned integer, which starts at 0 for both the mDL and the mDL Reader. For each encryption the counter value shall be increased by 1. which for some strange reason was interpreted by someone to mean that counters should start at 1. Update our implementation to use 1 as now called for by the standard.
Bug: 111446262
Test: atest android.security.identity.cts
Change-Id: I09d1216713d57b54036e4f9aa6677dfa5713133c
---
.../java/android/security/identity/CredstoreIdentityCredential.java | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'identity')
diff --git a/identity/java/android/security/identity/CredstoreIdentityCredential.java b/identity/java/android/security/identity/CredstoreIdentityCredential.java
index c520331ab72d..7c0af6def696 100644
--- a/identity/java/android/security/identity/CredstoreIdentityCredential.java
+++ b/identity/java/android/security/identity/CredstoreIdentityCredential.java
@@ -152,8 +152,8 @@ class CredstoreIdentityCredential extends IdentityCredential {
 derivedKey = Util.computeHkdf("HmacSha256", sharedSecret, salt, info, 32);
 mReaderSecretKey = new SecretKeySpec(derivedKey, "AES");
- mEphemeralCounter = 0;
- mReadersExpectedEphemeralCounter = 0;
+ mEphemeralCounter = 1;
+ mReadersExpectedEphemeralCounter = 1;
 } catch (NoSuchAlgorithmException e) {
 throw new RuntimeException("Error performing key agreement", e);
-- cgit v1.2.3
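Review bot: The two `= 1` initialisers are bare literals whose meaning comes only from the standard, so the new lines should carry a comment such as `// ISO 18013-5 DIS 9.2.1.4: the first encryption with a key uses counter value 1`, which keeps a later cleanup from resetting them to 0. Whether the first message actually goes out with counter 1 depends on the encrypt and decrypt paths reading the counter before incrementing it; those paths, like the start and end of this method, are outside the hunk and should be checked against the CTS tests named in the Test: trailer. If the counter feeds the per-message IV, as the session-encryption context suggests, a peer that still starts at 0 will fail to decrypt the first message, so reader-side code and test fixtures need the same change in lockstep. Resetting both counters immediately after the new key is derived is the right place for it, since counter values must never repeat under one key.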