Increase the master key size to 256 bits
NIAP certification finds that the 128 bit key size is insufficient
and requires a 256 bit key size. This change increases the
size of new master keys to 256 bits. Any existing master keys are
not changed and continue to be supported.
A new BlobType, TYPE_MASTER_KEY_AES256, is used to signal when a
key is the new larger size.
Bug: 121272336
Test: (1) Ran Keystore CTS tests against Walleye,
no new test failures observed.
(2) Created keys in build without change, moved to build
with change and verified old key could be loaded and
used. Also, a new key could be created with the
increased size and could be reloaded after a reboot.
Change-Id: Ie120f514bc1db7a8a9eeaaf842178bafe128ee19
Merged-In: If00331c303e6cc7bc95a2ab624d0e19bec4e587e
diff --git a/keystore/blob.cpp b/keystore/blob.cpp
index c8a9cbf..c3956f0 100644
--- a/keystore/blob.cpp
+++ b/keystore/blob.cpp
@@ -60,13 +60,28 @@
size_t mSize;
};
+/**
+ * Returns a EVP_CIPHER appropriate for the given key, based on the key's size.
+ */
+const EVP_CIPHER* getAesCipherForKey(const std::vector<uint8_t>& key) {
+ const EVP_CIPHER* cipher = EVP_aes_256_gcm();
+ if (key.size() == kAes128KeySizeBytes) {
+ cipher = EVP_aes_128_gcm();
+ }
+ return cipher;
+}
+
/*
- * Encrypt 'len' data at 'in' with AES-GCM, using 128-bit key at 'key', 96-bit IV at 'iv' and write
- * output to 'out' (which may be the same location as 'in') and 128-bit tag to 'tag'.
+ * Encrypt 'len' data at 'in' with AES-GCM, using 128-bit or 256-bit key at 'key', 96-bit IV at
+ * 'iv' and write output to 'out' (which may be the same location as 'in') and 128-bit tag to
+ * 'tag'.
*/
ResponseCode AES_gcm_encrypt(const uint8_t* in, uint8_t* out, size_t len,
const std::vector<uint8_t>& key, const uint8_t* iv, uint8_t* tag) {
- const EVP_CIPHER* cipher = EVP_aes_128_gcm();
+
+ // There can be 128-bit and 256-bit keys
+ const EVP_CIPHER* cipher = getAesCipherForKey(key);
+
EVP_CIPHER_CTX_Ptr ctx(EVP_CIPHER_CTX_new());
EVP_EncryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key.data(), iv);
@@ -93,13 +108,17 @@
}
/*
- * Decrypt 'len' data at 'in' with AES-GCM, using 128-bit key at 'key', 96-bit IV at 'iv', checking
- * 128-bit tag at 'tag' and writing plaintext to 'out' (which may be the same location as 'in').
+ * Decrypt 'len' data at 'in' with AES-GCM, using 128-bit or 256-bit key at 'key', 96-bit IV at
+ * 'iv', checking 128-bit tag at 'tag' and writing plaintext to 'out'(which may be the same
+ * location as 'in').
*/
ResponseCode AES_gcm_decrypt(const uint8_t* in, uint8_t* out, size_t len,
const std::vector<uint8_t> key, const uint8_t* iv,
const uint8_t* tag) {
- const EVP_CIPHER* cipher = EVP_aes_128_gcm();
+
+ // There can be 128-bit and 256-bit keys
+ const EVP_CIPHER* cipher = getAesCipherForKey(key);
+
EVP_CIPHER_CTX_Ptr ctx(EVP_CIPHER_CTX_new());
EVP_DecryptInit_ex(ctx.get(), cipher, nullptr /* engine */, key.data(), iv);