Merge "keystore_cli_v2 --prompt_text expects a UTF-8 string" into pi-dev
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index 1b927b8..3e8783b 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -818,6 +818,16 @@
     if (!error.isOk()) {
         ALOGE("Failed to generate key -> falling back to software keymaster");
         securityLevel = SecurityLevel::SOFTWARE;
+
+        // No fall back for 3DES
+        for (auto& param : params.getParameters()) {
+            auto algorithm = authorizationValue(TAG_ALGORITHM, param);
+            if (algorithm.isOk() && algorithm.value() == Algorithm::TRIPLE_DES) {
+                *aidl_return = static_cast<int32_t>(ErrorCode::UNSUPPORTED_ALGORITHM);
+                return Status::ok();
+            }
+        }
+
         auto fallback = mKeyStore->getFallbackDevice();
         if (!fallback) {
             *aidl_return = static_cast<int32_t>(error);
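Review bot: The `ALOGE("Failed to generate key -> falling back to software keymaster")` line and the `securityLevel = SecurityLevel::SOFTWARE;` assignment still run before the new 3DES check, so a refused 3DES request is logged as a fallback that never takes place. The early return also reports `ErrorCode::UNSUPPORTED_ALGORITHM` in place of the hardware `error`, and the visible lines never log that original code, so the real failure cause is lost to anyone triaging from the log. Consider running the check before the fallback log line and emitting a distinct message, for example `ALOGE("Failed to generate 3DES key, no software fallback");`, alongside the original error. The import hunk below has the same ordering. The enclosing function starts and ends outside the hunk.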
@@ -1031,6 +1041,16 @@
     if (!error.isOk()) {
         ALOGE("Failed to import key -> falling back to software keymaster");
         securityLevel = SecurityLevel::SOFTWARE;
+
+        // No fall back for 3DES
+        for (auto& param : params.getParameters()) {
+            auto algorithm = authorizationValue(TAG_ALGORITHM, param);
+            if (algorithm.isOk() && algorithm.value() == Algorithm::TRIPLE_DES) {
+                *aidl_return = static_cast<int32_t>(ErrorCode::UNSUPPORTED_ALGORITHM);
+                return Status::ok();
+            }
+        }
+
         auto fallback = mKeyStore->getFallbackDevice();
         if (!fallback) {
             *aidl_return = static_cast<int32_t>(error);
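Review bot: The loop in this hunk is a verbatim copy of the one in the generate-key hunk above. A single file-local helper that takes the parameter list and reports whether `TAG_ALGORITHM` is `Algorithm::TRIPLE_DES` would keep the two no-fallback checks from drifting apart. The comment `// No fall back for 3DES` says what happens but not why; it should state whether the software keymaster lacks 3DES or whether the intent is to keep these keys hardware-only, which cannot be told from the hunk. The loop only reads each parameter, so `for (const auto& param : params.getParameters()) {` would be the clearer form, provided `authorizationValue` accepts a const reference. The enclosing function is only partly visible here.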