Re-post from https://support.google.com/googleplay/android-developer/thread/277993015, as Google Support FAQ answer 9450925 says to post this here.
For a while now we have also been hit by the “Your app contains unsafe cryptographic encryption patterns.” / Unsafe encryption error / “Security and Trust issue” in the Google Play console. We ignored it at first, as we saw that the referenced class and method were an AES-CMAC implementation.
See:
- “The AES-CMAC Algorithm” https://www.rfc-editor.org/rfc/rfc4493.html from 2006
- NIST publication NIST SP 800-38B https://csrc.nist.gov/pubs/sp/800/38/b/upd1/final
- high-level at https://en.wikipedia.org/wiki/One-key_MAC
for the details. We hoped this would be reviewed and fixed, but that didn't happen for years.
Obviously the app scanner has been designed without knowledge of the internals of a cipher-based MAC. The operations in the initializer include the generation of the sub-keys. Exactly this involves the encryption of a block-sized (16 bytes for AES) all-zeroes byte array.
See section 2.3 and figure 2.2 of RFC 4493:

   Constants: const_Zero is 0x00000000000000000000000000000000
              const_Rb    is 0x00000000000000000000000000000087
   Variables: L           for output of AES-128 applied to 0^128

   Step 1.  L := AES-128(K, const_Zero);
   Step 2.  if MSB(L) is equal to 0
            then    K1 := L << 1;
            else    K1 := (L << 1) XOR const_Rb;
   Step 3.  if MSB(K1) is equal to 0
            then    K2 := K1 << 1;
            else    K2 := (K1 << 1) XOR const_Rb;
   Step 4.  return K1, K2;
No, it is not a remediation to use Jetpack Security or EncryptedSharedPreferences, especially as this functionality is not provided there and it is a complete false alarm.
So the FAQ answer is invalid here.
Yes, this functionality is vital for the app, as the surrounding infrastructure requires it in standards as well:
- BSI TR-03110-3 section A.1.1 https://www.bsi.bund.de/dok/TR-03110-en
- BSI TR-03111 section 5.3.1.2 https://www.bsi.bund.de/dok/TR-03111-en
- ANSSI eIDAS https://cyber.gouv.fr/en/publications/electronic-identity-technical-specifications-eidas
and more.
My questions: 1) Who is responsible for this? 2) When will this be fixed?
Thanks & best regards,
Christian
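A self-contained worked example of the sub-key derivation quoted in the post above, added here as an illustration; it is not code from the original post or from the app in question. It writes out RFC 4493 sections 2.3 (sub-key generation, including the AES-128(K, 0^128) step that the scanner trips over) and 2.4 (the MAC itself) in Python and checks against the RFC's own test vectors. A textbook, table-free AES-128 is included only so the file runs without any dependency; it is not constant-time and not meant for production, where a vetted implementation (javax.crypto with a provider that offers "AESCMAC", or cryptography.hazmat's CMAC) should be used. The tag check uses a constant-time comparison, which is the part a CMAC consumer must get right in addition to the derivation.

```python
import hmac

def _xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def _gmul(a, b):
    """GF(2^8) multiplication (used by the S-box build and MixColumns)."""
    p = 0
    while b:
        if b & 1:
            p ^= a
        a, b = _xtime(a), b >> 1
    return p

def _build_sbox():
    """S-box = multiplicative inverse followed by the FIPS-197 affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if _gmul(x, y) == 1), 0)
        s = inv
        for i in range(1, 5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()

def _expand_key(key):
    """FIPS-197 key schedule for AES-128: 11 round keys of 16 bytes each."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord then SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def _encrypt_block(rk, block):
    """One AES-128 block encryption; state byte index = 4*column + row."""
    s = [b ^ k for b, k in zip(block, rk[0])]
    for r in range(1, 11):
        s = [SBOX[b] for b in s]                                   # SubBytes
        s = [s[4 * ((c + row) % 4) + row] for c in range(4) for row in range(4)]  # ShiftRows
        if r != 10:                                                # MixColumns
            out = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                out += [_gmul(a0, 2) ^ _gmul(a1, 3) ^ a2 ^ a3,
                        a0 ^ _gmul(a1, 2) ^ _gmul(a2, 3) ^ a3,
                        a0 ^ a1 ^ _gmul(a2, 2) ^ _gmul(a3, 3),
                        _gmul(a0, 3) ^ a1 ^ a2 ^ _gmul(a3, 2)]
            s = out
        s = [b ^ k for b, k in zip(s, rk[r])]                      # AddRoundKey
    return bytes(s)

def aes128_encrypt_block(key, block):
    return _encrypt_block(_expand_key(key), block)

CONST_RB = 0x87   # RFC 4493 section 2.3

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _shift_left_one(b):
    n = (int.from_bytes(b, "big") << 1) & ((1 << 128) - 1)
    return n.to_bytes(16, "big")

def generate_subkeys(key):
    """RFC 4493 section 2.3. Step 1 is the all-zero-block encryption the scanner flags."""
    L = aes128_encrypt_block(key, bytes(16))       # Step 1: L := AES-128(K, const_Zero)
    K1 = _shift_left_one(L)                        # Step 2
    if L[0] & 0x80:
        K1 = K1[:15] + bytes([K1[15] ^ CONST_RB])
    K2 = _shift_left_one(K1)                       # Step 3
    if K1[0] & 0x80:
        K2 = K2[:15] + bytes([K2[15] ^ CONST_RB])
    return K1, K2                                  # Step 4

def aes_cmac(key, msg):
    """RFC 4493 section 2.4: returns the 16-byte AES-CMAC tag of msg under key."""
    rk = _expand_key(key)
    K1, K2 = generate_subkeys(key)
    n = (len(msg) + 15) // 16
    if n == 0:                     # empty message: a single padded block masked with K2
        n, complete = 1, False
    else:
        complete = len(msg) % 16 == 0
    last = msg[16 * (n - 1):]
    if complete:
        last = _xor(last, K1)
    else:                          # pad 10...0 to a full block, then mask with K2
        last = _xor(last + b"\x80" + bytes(15 - len(last)), K2)
    x = bytes(16)
    for i in range(n - 1):
        x = _encrypt_block(rk, _xor(x, msg[16 * i:16 * i + 16]))
    return _encrypt_block(rk, _xor(last, x))

def verify_cmac(key, msg, tag):
    """Constant-time tag comparison; never compare MACs with == on the receiving side."""
    return hmac.compare_digest(aes_cmac(key, msg), tag)
```

Running `generate_subkeys` with the RFC 4493 section 4 key 2b7e1516 28aed2a6 abf71588 09cf4f3c reproduces L, K1 and K2 from the RFC, and `aes_cmac` reproduces the RFC's examples 1 to 3; the empty message and the 16-byte message exercise the K2 and K1 branches respectively. Note that the zero-block encryption in step 1 is a fixed part of the standard and not a usage of AES for confidentiality, which is the whole point of the post above.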