Merge "Reject too-large key attestation challenges." into nyc-dev

am: 32fabdcc35

* commit '32fabdcc35dfd138e01e39803b98ecf34a314244':
  Reject too-large key attestation challenges.

Change-Id: Iafb41716f5b7006f714648cb06cdbe45d0bf05da

1 files changed, 9 insertions, 0 deletions

diff --git a/soft_keymaster_device.cpp b/soft_keymaster_device.cpp
index d6c9e6b..eddbc5d 100644
--- a/soft_keymaster_device.cpp
+++ b/soft_keymaster_device.cpp
@@ -73,6 +73,7 @@ struct keystore_module soft_keymaster2_device_module = {
 
 namespace keymaster {
 
+const size_t kMaximumAttestationChallengeLength = 128;
 const size_t kOperationTableSize = 16;
 
 template <typename T> std::vector<T> make_vector(const T* array, size_t len) {
@@ -1060,6 +1061,14 @@ keymaster_error_t SoftKeymasterDevice::attest_key(const keymaster2_device_t* dev
     request.SetKeyMaterial(*key_to_attest);
     request.attest_params.Reinitialize(*attest_params);
 
+    keymaster_blob_t attestation_challenge = {};
+    request.attest_params.GetTagValue(TAG_ATTESTATION_CHALLENGE, &attestation_challenge);
+    if (attestation_challenge.data_length > kMaximumAttestationChallengeLength) {
+        LOG_E("%d-byte attestation challenge; only %d bytes allowed",
+              attestation_challenge.data_length, kMaximumAttestationChallengeLength);
+        return KM_ERROR_INVALID_INPUT_LENGTH;
+    }
+
     AttestKeyResponse response;
     convert_device(dev)->impl_->AttestKey(request, &response);
     if (response.error != KM_ERROR_OK)