Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / d0315735fdc56aa7e57746c413fe9cb0eeedd352^! / . / keystore / user_state.cpp
commitd0315735fdc56aa7e57746c413fe9cb0eeedd352[log] [tgz]
authorBranden Archer <brarcher@google.com>Thu Jan 10 14:56:05 2019 -0800
committerBranden Archer <brarcher@google.com>Thu Jan 10 17:01:14 2019 -0800
tree922158105fbbce1d52107fe1c6e9f27cd9c773d7
parentf5953d7ace12a7548503e0422c40dc176f46596b [diff] [blame]
Increase the master key size to 256 bits

NIAP certification finds that the 128 bit key size is insufficient
and requires a 256 bit key size. This change increases the
size of new master keys to 256 bits. Any existing master keys are
not changed and continue to be supported.

A new BlobType, TYPE_MASTER_KEY_AES256, is used to signal when a
key is the new larger size.

Bug: 121272336
Test: (1) Ran Keystore CTS tests against Walleye.
      (2) Created keys in build without change, moved to build
          with change and verified old key could be loaded and
	  used. Also, a new key could be created with the
	  increased size and could be reloaded after a reboot.
Change-Id: If00331c303e6cc7bc95a2ab624d0e19bec4e587e

diff --git a/keystore/user_state.cpp b/keystore/user_state.cpp
index 6026227..bc3f6d9 100644
--- a/keystore/user_state.cpp
+++ b/keystore/user_state.cpp

@@ -142,7 +142,8 @@
 ResponseCode UserState::writeMasterKey(const android::String8& pw) {
     std::vector<uint8_t> passwordKey(MASTER_KEY_SIZE_BYTES);
     generateKeyFromPassword(passwordKey, pw, mSalt);
-    Blob masterKeyBlob(mMasterKey.data(), mMasterKey.size(), mSalt, sizeof(mSalt), TYPE_MASTER_KEY);
+    Blob masterKeyBlob(mMasterKey.data(), mMasterKey.size(), mSalt, sizeof(mSalt),
+                       TYPE_MASTER_KEY_AES256);
     auto lockedEntry = LockedKeyBlobEntry::get(mMasterKeyEntry);
     return lockedEntry.writeBlobs(masterKeyBlob, {}, passwordKey, STATE_NO_ERROR);
 }
@@ -171,7 +172,12 @@
         salt = nullptr;
     }
 
-    std::vector<uint8_t> passwordKey(MASTER_KEY_SIZE_BYTES);
+    size_t masterKeySize = MASTER_KEY_SIZE_BYTES;
+    if (rawBlob.type == TYPE_MASTER_KEY) {
+        masterKeySize = SHA1_DIGEST_SIZE_BYTES;
+    }
+
+    std::vector<uint8_t> passwordKey(masterKeySize);
     generateKeyFromPassword(passwordKey, pw, salt);
     Blob masterKeyBlob, dummyBlob;
     ResponseCode response;
@@ -180,7 +186,10 @@
     if (response == ResponseCode::SYSTEM_ERROR) {
         return response;
     }
-    if (response == ResponseCode::NO_ERROR && masterKeyBlob.getLength() == MASTER_KEY_SIZE_BYTES) {
+
+    size_t masterKeyBlobLength = static_cast<size_t>(masterKeyBlob.getLength());
+
+    if (response == ResponseCode::NO_ERROR && masterKeyBlobLength == masterKeySize) {
         // If salt was missing, generate one and write a new master key file with the salt.
         if (salt == nullptr) {
             if (!generateSalt()) {