authorShawn Willden <swillden@google.com>2016-04-25 08:56:27 -0600
committerShawn Willden <swillden@google.com>2016-04-29 23:19:56 +0000
commitdf1adeba7fdff6ae1556f647efb155c71918fa76 (patch)
treeaa061f2c11b1a84366958cac3334c24d41466066
parent637dd8429285bfdc0b89622476ea94d782b1eb14 (diff)
downloadandroid_system_keymaster-df1adeba7fdff6ae1556f647efb155c71918fa76.tar.gz
android_system_keymaster-df1adeba7fdff6ae1556f647efb155c71918fa76.tar.bz2
android_system_keymaster-df1adeba7fdff6ae1556f647efb155c71918fa76.zip
Reject too-large key attestation challenges.
Attestation certificates include an app-provided challenge value, which is defined in the documentation as an arbitrary byte array between 0 and 128 bytes in length, inclusive. SoftKeymaster does not restrict the length of challenge values during key attestation, and it should. Bug: 28369352 Change-Id: Ibf16fb93f3bc82783bcc7736eb6de789be70d7a8
-rw-r--r--soft_keymaster_device.cpp9
1 files changed, 9 insertions, 0 deletions
diff --git a/soft_keymaster_device.cpp b/soft_keymaster_device.cpp
index d6c9e6b..eddbc5d 100644
--- a/soft_keymaster_device.cpp
+++ b/soft_keymaster_device.cpp
@@ -73,6 +73,7 @@ struct keystore_module soft_keymaster2_device_module = {
namespace keymaster {
+const size_t kMaximumAttestationChallengeLength = 128;
const size_t kOperationTableSize = 16;
template <typename T> std::vector<T> make_vector(const T* array, size_t len) {
@@ -1060,6 +1061,14 @@ keymaster_error_t SoftKeymasterDevice::attest_key(const keymaster2_device_t* dev
request.SetKeyMaterial(*key_to_attest);
request.attest_params.Reinitialize(*attest_params);
+ keymaster_blob_t attestation_challenge = {};
+ request.attest_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge);
+ if (attestation_challenge.data_length > kMaximumAttestationChallengeLength) {
+ LOG_E("%d-byte attestation challenge; only %d bytes allowed",
+ attestation_challenge.data_length, kMaximumAttestationChallengeLength);
+ return KM_ERROR_INVALID_INPUT_LENGTH;
+ }
+
AttestKeyResponse response;
convert_device(dev)->impl_->AttestKey(request, &response);
if (response.error != KM_ERROR_OK)
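Review bot: The `LOG_E` call in the rejection branch prints `kMaximumAttestationChallengeLength` with `%d`, yet the first hunk declares that constant `const size_t`, and `attestation_challenge.data_length` is, if I recall the `keymaster_blob_t` definition correctly, a `size_t` as well, so both conversions mismatch and on LP64 targets the logged sizes can be garbage. The format string should use the matching specifier for both arguments: `LOG_E("%zu-byte attestation challenge; only %zu bytes allowed", attestation_challenge.data_length, kMaximumAttestationChallengeLength);`. The return value of `GetTagValue` is ignored, which is sound only because the brace-initialised blob leaves `data_length` at 0 when the tag is absent; a one-line comment such as `// An absent tag leaves data_length == 0, which passes the check below.` would make that dependency explicit. The constant added in the first hunk could likewise carry `// Documented maximum challenge length, inclusive (0..128 bytes).` so the origin of the bound is not lost. attest_key begins before and continues after this hunk.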