Gitiles
Code Review Sign In
gerrit.omnirom.org / android_hardware_interfaces / 3526efd0271e31d1e6fdf5055d8d190594117875^! / .
commit3526efd0271e31d1e6fdf5055d8d190594117875[log] [tgz]
authorShikha Panwar <shikhapanwar@google.com>Thu Dec 21 18:39:24 2023 +0000
committerShikha Panwar <shikhapanwar@google.com>Thu Dec 21 19:47:54 2023 +0000
tree95294d9a673166ac2fb140e846bfc644c511a2d9
parent3d33a135ad54c2b0ed23ea51d2dd2232f0efb66d [diff]
Secretkeeper: Use byte[64] as SecretId

SecretId is a parameter in deleteIds() method, which will be invoked by
host (Android). Restrict the size to 64 bytes to avoid unnecessarily
large bytes making it to HAL & TA.

Test: atest VtsSecretkeeperTargetTest
Bug: 317374882
Change-Id: Ieb34fee4efd11636bee133fe9132c1d739d08a1c

diff --git a/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl b/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl
index 87d0233..9887066 100644
--- a/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl
+++ b/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl

@@ -35,5 +35,5 @@
 /* @hide */
 @VintfStability
 parcelable SecretId {
-  byte[] id;
+  byte[64] id;
 }

diff --git a/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl b/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl
index bd982e7..b17917f 100644
--- a/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl
+++ b/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl

@@ -25,5 +25,5 @@
     /**
      * 64-byte identifier for a secret.
      */
-    byte[] id;
+    byte[64] id;
 }

diff --git a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
index 5d1306a..994f581 100644
--- a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
+++ b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs

@@ -233,7 +233,7 @@
     fn delete(&self, ids: &[&Id]) {
         let ids: Vec<SecretId> = ids
             .iter()
-            .map(|id| SecretId { id: id.0.to_vec() })
+            .map(|id| SecretId { id: id.0 })
             .collect();
         self.sk.deleteIds(&ids).unwrap();
     }