| 90d771fa1619463a872c26152e3f35168eeb1790 |
|
27-Mar-2017 |
Adam Vartanian <flooey@google.com> |
Throw an exception if CipherOutputStream's cipher does.
The upstream CipherOutputStream just suppresses outputting further
bytes when it gets an exception from the underlying cipher during
doFinal(), which means an invalid authentication tag will be silently
ignored. Instead, have it throw an exception in that case.
This could theoretically impact app compatibility, but it's unlikely
because this only impacts the case where an AEAD cipher is being
used and the tags don't actually verify, which should only happen in
the case that someone has tampered with the ciphertext. We also
consider it acceptable to break anyone relying on the behavior that
invalid ciphertexts are silently accepted, since that's inappropriate
behavior in the case of malicious tampering.
Bug: 36636576
Test: cts -m CtsLibcoreTestCases
(cherry picked from commit e5a6402f50561ef98d7d1fe55e4b8db67b247e69)
Change-Id: I7c9b936cd4ff61e0e045eb862152810c7201635c
|
| e5a6402f50561ef98d7d1fe55e4b8db67b247e69 |
|
27-Mar-2017 |
Adam Vartanian <flooey@google.com> |
Throw an exception if CipherOutputStream's cipher does.
The upstream CipherOutputStream just suppresses outputting further
bytes when it gets an exception from the underlying cipher during
doFinal(), which means an invalid authentication tag will be silently
ignored. Instead, have it throw an exception in that case.
This could theoretically impact app compatibility, but it's unlikely
because this only impacts the case where an AEAD cipher is being
used and the tags don't actually verify, which should only happen in
the case that someone has tampered with the ciphertext. We also
consider it acceptable to break anyone relying on the behavior that
invalid ciphertexts are silently accepted, since that's inappropriate
behavior in the case of malicious tampering.
Bug: 36636576
Test: cts -m CtsLibcoreTestCases
Change-Id: Ic087015ca3bef8683f23b86ee34b4ecd391e3bdb
|