From 7c3b65e9b184c975b77b2c202e0d675a6770bd2d Mon Sep 17 00:00:00 2001
From: Shawn Willden <swillden@google.com>
Date: Tue, 22 Nov 2016 06:53:02 -0700
Subject: [PATCH] Reject HMAC keys smaller than 64 bits.

Test: CTS test has been updated to verify this.
Change-Id: I6389d9fa2ff75d08a2223c789e5437190c4b82c6
---
 .../security/keystore/AndroidKeyStoreKeyGeneratorSpi.java    | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
index b234d0f81a894..70f57b59e9917 100644
--- a/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
+++ b/keystore/java/android/security/keystore/AndroidKeyStoreKeyGeneratorSpi.java
@@ -199,6 +199,11 @@ public abstract class AndroidKeyStoreKeyGeneratorSpi extends KeyGeneratorSpi {
                 }
 
                 if (mKeymasterAlgorithm == KeymasterDefs.KM_ALGORITHM_HMAC) {
+                    if (mKeySizeBits < 64) {
+                        throw new InvalidAlgorithmParameterException(
+                            "HMAC key size must be at least 64 bits.");
+                    }
+
                     // JCA HMAC key algorithm implies a digest (e.g., HmacSHA256 key algorithm
                     // implies SHA-256 digest). Because keymaster HMAC key is authorized only for
                     // one digest, we don't let algorithm parameter spec override the digest implied