authorShawn Willden <swillden@google.com>2015-07-16 18:15:45 -0600
committerShawn Willden <swillden@google.com>2015-07-20 08:38:15 -0600
commit53488c665d57bf64ed7cf45b72599cff29c517c3 (patch)
treef1692ea70b9ab3c73547765ee993bec9a69e2ad0
parent9972a539acb4d17368ee607465d61b48acd71bde (diff)
Use minimum 20 bytes salt for RSA PSS.
This is for compatibility with Bouncy Castle. Bug: 22492259 Change-Id: I753e5fd223404ba960b6a35862bbd20f519f369b
-rw-r--r--android_keymaster_test.cpp2
-rw-r--r--rsa_operation.cpp2
2 files changed, 2 insertions, 2 deletions
diff --git a/android_keymaster_test.cpp b/android_keymaster_test.cpp
index 3e9d125..9a76b1b 100644
--- a/android_keymaster_test.cpp
+++ b/android_keymaster_test.cpp
@@ -1373,7 +1373,7 @@ TEST_P(VerificationOperationsTest, RsaAllDigestAndPadCombinations) {
key_bits = digest_bits + 8 * (11 + 19);
break;
case KM_PAD_RSA_PSS:
- key_bits = digest_bits + 8 * 10;
+ key_bits = digest_bits + 22 * 8;
break;
default:
FAIL() << "Missing padding";
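Review bot: The literal `22` in the `KM_PAD_RSA_PSS` case is unexplained, and its operand order now differs from the `8 * (11 + 19)` form used in the case just above. It appears to be the new 20-byte minimum salt plus the 2-byte `kPssOverhead` from rsa_operation.cpp, so `key_bits = digest_bits + 8 * (20 + 2);  // min PSS salt + PSS overhead` would show what to update if the minimum changes again. This case only exercises a key exactly at the minimum size. Whether a key one byte smaller is checked to be rejected cannot be seen here, because the test body starts and ends outside the hunk.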
diff --git a/rsa_operation.cpp b/rsa_operation.cpp
index d9217fd..20ef45f 100644
--- a/rsa_operation.cpp
+++ b/rsa_operation.cpp
@@ -31,7 +31,7 @@
namespace keymaster {
const size_t kPssOverhead = 2;
-const size_t kMinPssSaltSize = 8;
+const size_t kMinPssSaltSize = 20;
// Overhead for PKCS#1 v1.5 signature padding of undigested messages. Digested messages have
// additional overhead, for the digest algorithmIdentifier required by PKCS#1.
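Review bot: `kMinPssSaltSize` has no comment saying why the floor is 20 bytes, so the rationale lives only in the commit message. A line such as `// Minimum PSS salt length in bytes; 20 is needed for compatibility with Bouncy Castle.` above the constant would keep a later reader from lowering it again. Raising the floor from 8 to 20 presumably also means that some small-key/large-digest combinations previously accepted for PSS are now rejected. The code that uses the constant is outside this hunk, so it is worth confirming that those sizes return the intended error code and that callers holding existing small keys are accounted for.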