commit c6b8907a322adc6e0861346ae2749a4e05703659
author David Drysdale <drysdale@google.com> Tue Dec 14 14:32:51 2021 +0000
committer David Drysdale <drysdale@google.com> Thu Jan 13 09:13:08 2022 +0000
tree 90467a2a5bec29ac45547becb4c8115e16326a68
parent ac91c7c9dde8b5123c13c8a5927a33e74c7dc64b

Alter spec text for RSA-PSS to match reality

The Key{Mint,Master} spec previously said that RSA-PSS mode should use
SHA-1 for the MGF1 digest, separately from whatever Tag::DIGEST gets
specified as the main digest.

However, both the reference implementation and the VTS/CTS tests
use BoringSSL's defaults, which is to re-use the main digest as the MGF1
digest if none is separately specified.

Given that this behaviour is embedded in many implementations over
several years (and given that there isn't a security implication),
change the spec to match this behaviour.  Also update the VTS test
code to make this clear/obvious.

Test: VtsAidlKeyMintTargetTest, VtsHalKeymasterV4_0TargetTest
Bug: 210424594
Merged-In: I4303f28d094ef4d4b9dc931d6728b1fa040de20d
Change-Id: I4303f28d094ef4d4b9dc931d6728b1fa040de20d

current.txt

diff --git a/current.txt b/current.txt
index 21ee123..7718b98 100644
--- a/current.txt
+++ b/current.txt
@@ -903,6 +903,7 @@
 
 # ABI preserving changes to HALs during Android T
 62ace52d9c3ff1f60f94118557a2aaf0b953513e59dcd34d5f94ae28d4c7e780 android.hardware.fastboot@1.0::IFastboot
+d0fb32f3ddeb9af7115ab32905225ea69b930d2472be8e9610f0cf136c15aefb android.hardware.keymaster@4.0::IKeymasterDevice # b/210424594
 ca62a2a95d173ed323309e5e00f653ad3cceec82a6e5e4976a249cb5aafe2515 android.hardware.neuralnetworks@1.2::types
 fa76bced6b1b71c40fc706c508a9011284c57f57831cd0cf5f45653ed4ea463e android.hardware.neuralnetworks@1.3::types