author | Shawn Willden <swillden@google.com> | 2018-01-08 10:00:29 -0700 |
---|---|---|
committer | Shawn Willden <swillden@google.com> | 2018-01-08 10:00:29 -0700 |
commit | ed45c3c8bab0de7d974c801ec553e8927aa678d9 (patch) | |
tree | b9d237f615222920b11760cfab7878f630260a57 | |
parent | 4d4e832752e5d3ae2a67b40dd4ebe7828c1d419b (diff) | |
download | keymaster-ed45c3c8bab0de7d974c801ec553e8927aa678d9.tar.gz |
Fix potential DoS on devices with old keymaster1 hardware.
The Keymaster1 specification allows implementations to provide less
than the full suite of digest algorithms. At minimum they need only
provide SHA256. If keystore detects that keymaster1 hardware provides
less than a full set, it creates a software keymaster wrapper around
the hardware. If an operation requests a digest algorithm that the
hardware does not support, the wrapper performs the digesting in
software and passes the pre-digested data to the hardware for the
final operation.
Each of these two keymaster instances (the software wrapper and the
wrapped hardware) manages its own operation table. The hardware
needs its table to figure out which in-progress operation to update or
finish. The software wrapper needs its table to figure out which
hardware operation handle to forward to the hardware for update or
finish. Note that the software wrapper's table is only used for
operations that require software digesting.
The bug causes the software wrapper to fail to remove entries from its
table when they're completed. After 16 such operations the table is
full, preventing any future operations from being started until the
device is rebooted.
Test: CTS
Bug: 71703554
Change-Id: Ifc1e2a9af9532e6a8f1cd3d0ad3ca079f126a0b7
-rw-r--r-- | legacy_support/ecdsa_keymaster1_operation.h | 3 | ||||
-rw-r--r-- | legacy_support/rsa_keymaster1_operation.h | 3 |
2 files changed, 0 insertions, 6 deletions
diff --git a/legacy_support/ecdsa_keymaster1_operation.h b/legacy_support/ecdsa_keymaster1_operation.h
index b2255d6..7257e42 100644
--- a/legacy_support/ecdsa_keymaster1_operation.h
+++ b/legacy_support/ecdsa_keymaster1_operation.h
@@ -38,7 +38,6 @@ class EcdsaKeymaster1WrappedOperation {
 keymaster_error_t Begin(EVP_PKEY* ecdsa_key, const AuthorizationSet& input_params);
 keymaster_error_t PrepareFinish(EVP_PKEY* ecdsa_key, const AuthorizationSet& input_params);
- void Finish() { operation_handle_ = 0; }
 keymaster_error_t Abort();
 keymaster_error_t GetError(EVP_PKEY* ecdsa_key);
@@ -79,8 +78,6 @@ template <typename BaseOperation> class EcdsaKeymaster1Operation : public BaseOp
 error = super::Finish(input_params, input, signature, output_params, output);
 if (wrapped_operation_.GetError(super::ecdsa_key_) != KM_ERROR_OK)
 error = wrapped_operation_.GetError(super::ecdsa_key_);
- if (error == KM_ERROR_OK)
- wrapped_operation_.Finish();
 return error;
 }
diff --git a/legacy_support/rsa_keymaster1_operation.h b/legacy_support/rsa_keymaster1_operation.h
index 54b5df7..209072f 100644
--- a/legacy_support/rsa_keymaster1_operation.h
+++ b/legacy_support/rsa_keymaster1_operation.h
@@ -38,7 +38,6 @@ class RsaKeymaster1WrappedOperation {
 keymaster_error_t Begin(EVP_PKEY* rsa_key, const AuthorizationSet& input_params);
 keymaster_error_t PrepareFinish(EVP_PKEY* rsa_key, const AuthorizationSet& input_params);
- void Finish() { operation_handle_ = 0; }
 keymaster_error_t Abort();
 keymaster_error_t GetError(EVP_PKEY* rsa_key);
@@ -79,8 +78,6 @@ template <typename BaseOperation> class RsaKeymaster1Operation : public BaseOper
 error = super::Finish(input_params, input, signature, output_params, output);
 if (wrapped_operation_.GetError(super::rsa_key_) != KM_ERROR_OK)
 error = wrapped_operation_.GetError(super::rsa_key_);
- if (error == KM_ERROR_OK)
- wrapped_operation_.Finish();
 return error;
 } |