Document the allowed challenge size KeyMint should be able to handle challenges up to 128 bytes. Document this (and the expected error code) in Tag.aidl. Bug: 307714384 Test: m Change-Id: Id099dd055c81b10d777effdf364395f84d8b35c6

commit: 79cb9920338e061d83cd4d584502b579b785b93b [log] [tgz]
author: Eran Messeri <eranm@google.com> Wed Oct 25 14:24:34 2023 +0100
committer: Eran Messeri <eranm@google.com> Wed Nov 01 19:22:30 2023 +0000
tree: 8c1c834800042a226236f2dfe6b70608a9765870
parent: db1da1c8a6532aab11d1ca71be41ca6f5076b2aa [diff]
diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 36f0106..aa7bf28 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl

@@ -643,6 +643,8 @@
      * Tag::ATTESTATION_CHALLENGE is used to deliver a "challenge" value to the attested key
      * generation/import methods, which must place the value in the KeyDescription SEQUENCE of the
      * attestation extension.
+     * The challenge value may be up to 128 bytes. If the caller provides a bigger challenge,
+     * INVALID_INPUT_LENGTH error should be returned.
      *
      * Must never appear in KeyCharacteristics.
      */
commit	79cb9920338e061d83cd4d584502b579b785b93b	[log] [tgz]
author	Eran Messeri <eranm@google.com>	Wed Oct 25 14:24:34 2023 +0100
committer	Eran Messeri <eranm@google.com>	Wed Nov 01 19:22:30 2023 +0000
tree	8c1c834800042a226236f2dfe6b70608a9765870
parent	db1da1c8a6532aab11d1ca71be41ca6f5076b2aa [diff]