Merge pull request #233 from subrahmanyaman/import_wrapped_key_fix

Unwrapping params should have SH256 and RSA_OAEP as digest and padding
divegeek · Nov 1, 2022 · b9dae94 · b9dae94
2 parents aa81641 + 547ab3f
commit b9dae94
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java b/Applet/src/com/android/javacard/keymaster/KMKeymasterApplet.java
@@ -1362,6 +1362,15 @@ private void validateWrappingKeyBlob(){
     if (!KMEnumArrayTag.contains(KMType.PURPOSE, KMType.WRAP_KEY, data[HW_PARAMETERS])) {
       KMException.throwIt((KMError.INCOMPATIBLE_PURPOSE));
     }
+
+    // Check that the digest and padding mode specified in unwrapping  parameters are SHA2_256
+    // and RSA_OAEP respectively.
+    if (!KMEnumArrayTag.contains(KMType.DIGEST, KMType.SHA2_256, data[KEY_PARAMETERS])) {
+      KMException.throwIt(KMError.INCOMPATIBLE_DIGEST);
+    }
+    if (!KMEnumArrayTag.contains(KMType.PADDING, KMType.RSA_OAEP, data[KEY_PARAMETERS])) {
+      KMException.throwIt(KMError.INCOMPATIBLE_PADDING_MODE);
+    }
   }
 
   private short decryptTransportKey(short privExp, short modulus, short transportKey, byte[] scratchPad){