Add KM_MIN_MAC_LENGTH tag to HMAC and AES-GCM keys.
This makes Android Keystore add the KM_MIN_MAC_LENGTH tag to generated and imported HMAC and AES-GCM keys. This tag specifies the minimum length of the MAC/authentication tag authorized to be used for the key. For HMAC keys the minimum MAC length is set to the length of the digest associated with the key (HMAC keys are authorized for exactly one digest). For AES keys the minimum authetication tag length is set to 96 bit. This is the minimum supported by Android Keystore's AES-GCM implementation. Bug: 22337277 Change-Id: Ic6e47cf084734d1592788dc58088889f7fff74eb
Loading
Please register or sign in to comment