Fix encryption/decryption of large blocks.
There's a long-standing bug (since ~Marshmallow) that causes
AndroidKeyStore to truncate large (>64 KiB) blocks of data. This can
be avoided by callers by processing data in smaller chunks, and
smaller chunks are more memory-efficient while not being much (if any)
more time-efficient. But, Keystore should handle large blocks
correctly. This CL adds a test to all block cipher tests that
attempts to encrypt and then decrypt a 100 KiB block.
Bug: 123391046
Test: CtsKeystoreTestCases
Change-Id: I0c0286fd5360d4fe62cbd8130aa0c17f97318801
diff --git a/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java b/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
index dbb79bc..e030478 100644
--- a/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
+++ b/keystore/java/android/security/keystore/KeyStoreCryptoOperationChunkedStreamer.java
@@ -162,15 +162,15 @@
}
if ((opResult.output != null) && (opResult.output.length > 0)) {
- if (inputLength > 0) {
+ if (inputLength + mBufferedLength > 0) {
// More output might be produced in this loop -- buffer the current output
if (bufferedOutput == null) {
bufferedOutput = new ByteArrayOutputStream();
- try {
- bufferedOutput.write(opResult.output);
- } catch (IOException e) {
- throw new ProviderException("Failed to buffer output", e);
- }
+ }
+ try {
+ bufferedOutput.write(opResult.output);
+ } catch (IOException e) {
+ throw new ProviderException("Failed to buffer output", e);
}
} else {
// No more output will be produced in this loop