Skip to content
Commit a95550f8 authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Add KM_MIN_MAC_LENGTH tag to HMAC and AES-GCM keys. 

This makes Android Keystore add the KM_MIN_MAC_LENGTH tag to generated
and imported HMAC and AES-GCM keys. This tag specifies the minimum
length of the MAC/authentication tag authorized to be used for the
key.

For HMAC keys the minimum MAC length is set to the length of the
digest associated with the key (HMAC keys are authorized for exactly
one digest). For AES keys the minimum authetication tag length is set
to 96 bit. This is the minimum supported by Android Keystore's AES-GCM
implementation.

Bug: 22337277
Change-Id: Ic6e47cf084734d1592788dc58088889f7fff74eb
parent f7592b23
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment