Dear Android security experts

I am a device developer working on a secured storage implementation on a 
JB422 device.
I have a concern about a signature verification vulnerability in the reference 
implementation of Android's keystore daemon.
Here are the code details:
static ResponseCode sign(KeyStore* keyStore, int sock, uid_t uid, Value* keyName, Value* data,
......
.....
    params.digest_type = DIGEST_NONE;
    params.padding_type = PADDING_NONE;

The function would use the private RSA key from keystore to sign the 
incoming data with the NO PADDING option. This seems to be a well known 
vulnerability to hackers if they can control the input (meaning if they 
root the device and can control the sign() API calls in keystore).

Some context here: 
http://rdist.root.org/2009/10/06/why-rsa-encryption-padding-is-critical/

I wonder if any security experts from the Android team can comment on this 
implementation and, if agreed, how we can fix that?

Thanks
Rex
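
The property behind the concern above, as an added example that is not part of the original post or of the keystore source: with no padding, RSA signing is multiplicative, so a verifier has to check a padded block rather than accept whatever value a signature opens to. The toy key, the function names and the simplified padding block (truncated digest, no DigestInfo) are assumptions made for illustration.

```python
import hashlib

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q, E = 2**107 - 1, 2**127 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes (30)

def raw_sign(m: int) -> int:
    """Stand-in for sign() with DIGEST_NONE/PADDING_NONE: m^d mod n, as given."""
    if not 0 <= m < N:
        raise ValueError("input must be in [0, n)")
    return pow(m, D, N)

def raw_verify(m: int, sig: int) -> bool:
    """Verifier that accepts any value the signature opens to (no padding check)."""
    return pow(sig, E, N) == m

def encode(message: bytes) -> int:
    """Simplified PKCS#1 v1.5-style block: 00 01 FF..FF 00 || SHA-256[:16]."""
    digest = hashlib.sha256(message).digest()[:16]   # truncated to fit the toy key
    ps = b"\xff" * (K - 3 - len(digest))
    return int.from_bytes(b"\x00\x01" + ps + b"\x00" + digest, "big")

def well_formed(sig: int) -> bool:
    """True if the signature opens to a block with the expected padding layout."""
    block = pow(sig, E, N).to_bytes(K, "big")
    return block.startswith(b"\x00\x01" + b"\xff" * (K - 19) + b"\x00")

def padded_verify(message: bytes, sig: int) -> bool:
    """Accept only a signature that opens to the padded block for this message."""
    return pow(sig, E, N) == encode(message)

def combine(sig_a: int, sig_b: int) -> int:
    """Product of two raw signatures is a raw signature on the product."""
    return sig_a * sig_b % N

if __name__ == "__main__":
    a, b = 0x1234, 0x5678                       # constructed sample inputs
    s = combine(raw_sign(a), raw_sign(b))
    print("unpadded: product verifies for a*b:", raw_verify(a * b % N, s))
    s1, s2 = raw_sign(encode(b"msg one")), raw_sign(encode(b"msg two"))
    print("padded: genuine signature accepted:", padded_verify(b"msg one", s1))
    print("padded: combined value well formed:", well_formed(combine(s1, s2)))
```

A raw private-key operation is only safe when the layer that calls it builds the padded block first and the verifier rejects anything that does not open to one.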
