On Thu, Jun 13, 2013 at 8:55 PM, Rex Ching <[email protected]> wrote:
>...
> static ResponseCode sign(KeyStore* keyStore, int sock, uid_t uid, Value*
> keyName, Value* data,
> ......
> .....
> params.digest_type = DIGEST_NONE;
> params.padding_type = PADDING_NONE;
>
> The function would use the private RSA key from keystore to sign the
> incoming data with NO PADDING option. This seems to be a well known
> vulnerability to hackers if they can control the input (meaning if they root
> device and can control the call the sign() API calls in keystore)

If the device is rooted, your adversary will just egress the signing key. In this case, padding oracles probably do not apply.

Jeff
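Added example, not part of the thread and not the Android keystore code: a Python sketch of why a signer that applies `m^d mod n` to caller-supplied input (the effect of `DIGEST_NONE` with `PADDING_NONE`) is malleable, next to a signer that applies SHA-256 and PKCS#1 v1.5 encoding itself. The toy key and all function names are assumptions constructed for this illustration.

```python
import hashlib

# Toy key from two Mersenne primes: constructed for this example, insecure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def raw_sign(m: int) -> int:
    """No digest, no padding: exponentiate whatever the caller supplies."""
    return pow(m, D, N)


def emsa_pkcs1_v15(message: bytes) -> int:
    """Encode as 00 01 FF..FF 00 || DigestInfo(SHA-256(message))."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    em = b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t
    return int.from_bytes(em, "big")


def padded_sign(message: bytes) -> int:
    """Signer hashes and pads internally; the caller never picks the RSA input."""
    return pow(emsa_pkcs1_v15(message), D, N)


def padded_verify(message: bytes, sig: int) -> bool:
    return pow(sig, E, N) == emsa_pkcs1_v15(message)


def raw_is_malleable(m1: int, m2: int) -> bool:
    """True if sig(m1) * sig(m2) verifies as a raw signature on m1 * m2 mod n."""
    combined = raw_sign(m1) * raw_sign(m2) % N
    return pow(combined, E, N) == (m1 * m2) % N


def padded_product_verifies(a: bytes, b: bytes, target: bytes) -> bool:
    """The same multiplication applied to padded signatures, checked on target."""
    combined = padded_sign(a) * padded_sign(b) % N
    return padded_verify(target, combined)


if __name__ == "__main__":
    print("raw signatures multiply:", raw_is_malleable(0x1234, 0x5678))
    print("padded product verifies:", padded_product_verifies(b"a", b"b", b"ab"))
```

With raw signing, the product of two signatures is itself a valid signature on the product of the inputs; once the signer applies the encoding, that product no longer matches the encoding of any message.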
