Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 7599f1366e8a08781f415e73f65cf270aae36868
commit7599f1366e8a08781f415e73f65cf270aae36868[log] [tgz]
authorMark Rathjen <mrathjen@google.com>Mon Jan 23 14:15:54 2017 -0800
committerMark Rathjen <mrathjen@google.com>Mon Jan 23 19:06:41 2017 -0800
treee325af936fa989f2fe2762453c7a5be2dacc2dc7
parentea617597c78e3a28304a85cfb3f790e1e36bca76 [diff]
Resolve Android security comments for Android ID migration.

- Use 32 byte key instead of 16 byte.
- Use HMAC-SHA256 instead of SHA256 for ssaid generation.
- Update HMAC with all package signatures.
- Use delimiter in between digest arguments.

This change will cause the ssaid of non-legacy installed apps (apps installed
post Android ID migration OTA) to change after an uninstall and reinstall sequence.

Bug: 34395671
Test: Unit tests, CTS tests, Manual tests
Change-Id: I19dec57947368ee5000c2c630b1e4030d46a4ab3
3 files changed
tree: e325af936fa989f2fe2762453c7a5be2dacc2dc7
  1. apct-tests/
  2. api/
  3. cmds/
  4. core/
  5. data/
  6. docs/
  7. drm/
  8. graphics/
  9. keystore/
  10. legacy-test/
  11. libs/
  12. location/
  13. media/
  14. native/
  15. nfc-extras/
  16. obex/
  17. opengl/
  18. packages/
  19. proto/
  20. rs/
  21. samples/
  22. sax/
  23. services/
  24. telecomm/
  25. telephony/
  26. test-runner/
  27. tests/
  28. tools/
  29. wifi/
  30. Android.bp
  31. Android.mk
  32. CleanSpec.mk
  33. compiled-classes-phone
  34. MODULE_LICENSE_APACHE2
  35. NOTICE
  36. preloaded-classes
  37. PREUPLOAD.cfg