Replace Entropy with RAND_bytes
/dev/urandom is not an approved random number generator
for NIAP certification. Changing to use BoringSSL's
RAND_bytes(), which is approved.
Bug: 121272336
Test: Ran Keystore CTS tests against Walleye, no new
test failures observed.
Change-Id: I0fb87c955512074fa714c1986ce99063ab430470
Merged-In: I579d140ef56c90b477b0d8989e3b02375681aee8
diff --git a/keystore/user_state.cpp b/keystore/user_state.cpp
index 5f9cd5f..b62598d 100644
--- a/keystore/user_state.cpp
+++ b/keystore/user_state.cpp
@@ -25,6 +25,7 @@
#include <sys/stat.h>
#include <openssl/evp.h>
+#include <openssl/rand.h>
#include <cutils/log.h>
@@ -76,11 +77,11 @@
return unlink(mMasterKeyFile) == 0 || errno == ENOENT;
}
-ResponseCode UserState::initialize(const android::String8& pw, Entropy* entropy) {
- if (!generateMasterKey(entropy)) {
+ResponseCode UserState::initialize(const android::String8& pw) {
+ if (!generateMasterKey()) {
return ResponseCode::SYSTEM_ERROR;
}
- ResponseCode response = writeMasterKey(pw, entropy);
+ ResponseCode response = writeMasterKey(pw);
if (response != ResponseCode::NO_ERROR) {
return response;
}
@@ -130,14 +131,14 @@
return ResponseCode::NO_ERROR;
}
-ResponseCode UserState::writeMasterKey(const android::String8& pw, Entropy* entropy) {
+ResponseCode UserState::writeMasterKey(const android::String8& pw) {
uint8_t passwordKey[MASTER_KEY_SIZE_BYTES];
generateKeyFromPassword(passwordKey, MASTER_KEY_SIZE_BYTES, pw, mSalt);
Blob masterKeyBlob(mMasterKey, sizeof(mMasterKey), mSalt, sizeof(mSalt), TYPE_MASTER_KEY);
- return masterKeyBlob.writeBlob(mMasterKeyFile, passwordKey, STATE_NO_ERROR, entropy);
+ return masterKeyBlob.writeBlob(mMasterKeyFile, passwordKey, STATE_NO_ERROR);
}
-ResponseCode UserState::readMasterKey(const android::String8& pw, Entropy* entropy) {
+ResponseCode UserState::readMasterKey(const android::String8& pw) {
int in = TEMP_FAILURE_RETRY(open(mMasterKeyFile, O_RDONLY));
if (in < 0) {
return ResponseCode::SYSTEM_ERROR;
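Review bot: In writeMasterKey() the password-derived key stays in the `passwordKey` stack buffer after `writeBlob()` returns, because the function returns the call's result directly and never wipes the buffer. Since this commit is about meeting certification requirements for key material, it is worth holding the result and clearing the buffer with a wipe the compiler cannot elide: `ResponseCode rc = masterKeyBlob.writeBlob(mMasterKeyFile, passwordKey, STATE_NO_ERROR);`, then `OPENSSL_cleanse(passwordKey, sizeof(passwordKey));`, then `return rc;`. A short comment such as `// passwordKey wraps the master key; wipe it before returning` would document the intent. readMasterKey() begins in this hunk and continues outside it, so whether it has a similar buffer cannot be seen from here.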
@@ -167,10 +168,10 @@
if (response == ResponseCode::NO_ERROR && masterKeyBlob.getLength() == MASTER_KEY_SIZE_BYTES) {
// If salt was missing, generate one and write a new master key file with the salt.
if (salt == NULL) {
- if (!generateSalt(entropy)) {
+ if (!generateSalt()) {
return ResponseCode::SYSTEM_ERROR;
}
- response = writeMasterKey(pw, entropy);
+ response = writeMasterKey(pw);
}
if (response == ResponseCode::NO_ERROR) {
memcpy(mMasterKey, masterKeyBlob.getValue(), MASTER_KEY_SIZE_BYTES);
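Review bot: In the `salt == NULL` branch, `writeMasterKey(pw)` runs before the `memcpy` that copies the decrypted key into `mMasterKey`, yet writeMasterKey() builds its blob from `mMasterKey`. Unless `mMasterKey` is already populated earlier in readMasterKey(), outside this hunk, the rewritten master key file would wrap stale or uninitialised key bytes instead of the key that was just decrypted. If so, `memcpy(mMasterKey, masterKeyBlob.getValue(), MASTER_KEY_SIZE_BYTES);` should run before `response = writeMasterKey(pw);`. The enclosing function starts and ends outside the hunk, so this needs confirming against the full body.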
@@ -237,15 +238,15 @@
8192, keySize, key);
}
-bool UserState::generateSalt(Entropy* entropy) {
- return entropy->generate_random_data(mSalt, sizeof(mSalt));
+bool UserState::generateSalt() {
+ return RAND_bytes(mSalt, sizeof(mSalt));
}
-bool UserState::generateMasterKey(Entropy* entropy) {
- if (!entropy->generate_random_data(mMasterKey, sizeof(mMasterKey))) {
+bool UserState::generateMasterKey() {
+ if (!RAND_bytes(mMasterKey, sizeof(mMasterKey))) {
return false;
}
- if (!generateSalt(entropy)) {
+ if (!generateSalt()) {
return false;
}
return true;
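Review bot: `RAND_bytes` returns an `int`, and both new call sites rely on implicit truthiness: `return RAND_bytes(mSalt, sizeof(mSalt));` in generateSalt() and `if (!RAND_bytes(mMasterKey, sizeof(mMasterKey)))` in generateMasterKey(). BoringSSL documents a return value of 1, but if this code is ever built against a libcrypto whose RAND_bytes can return a negative value on failure, both checks would treat that failure as success and the salt or master key would keep its previous contents. Comparing against 1 makes the contract explicit and fails closed: `return RAND_bytes(mSalt, sizeof(mSalt)) == 1;` and `if (RAND_bytes(mMasterKey, sizeof(mMasterKey)) != 1) {`. generateMasterKey()'s closing brace lies outside the hunk.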