identity: Add tests to check that implementations support 32 bytes for challenges.
Also update AIDL docs for this.
Bug: 216177025
Test: atest VtsHalIdentityTargetTest
Change-Id: I45cd0cc54f7e9f0d1f9c61d0649f7b7e7f6297a3
diff --git a/identity/aidl/android/hardware/identity/IIdentityCredential.aidl b/identity/aidl/android/hardware/identity/IIdentityCredential.aidl
index 84d6ed0..82b0a83 100644
--- a/identity/aidl/android/hardware/identity/IIdentityCredential.aidl
+++ b/identity/aidl/android/hardware/identity/IIdentityCredential.aidl
@@ -438,8 +438,9 @@
* If the method is called on an instance obtained via IPresentationSession.getCredential(),
* STATUS_FAILED must be returned.
*
- * @param challenge a challenge set by the issuer to ensure freshness. Maximum size is 32 bytes
- * and it may be empty. Fails with STATUS_INVALID_DATA if bigger than 32 bytes.
+ * @param challenge a challenge set by the issuer to ensure freshness. Implementations must
+ * support challenges that are at least 32 bytes. Fails with STATUS_INVALID_DATA if bigger
+ * than 32 bytes.
* @return a COSE_Sign1 signature described above.
*/
byte[] deleteCredentialWithChallenge(in byte[] challenge);
@@ -463,8 +464,9 @@
* If the method is called on an instance obtained via IPresentationSession.getCredential(),
* STATUS_FAILED must be returned.
*
- * @param challenge a challenge set by the issuer to ensure freshness. Maximum size is 32 bytes
- * and it may be empty. Fails with STATUS_INVALID_DATA if bigger than 32 bytes.
+ * @param challenge a challenge set by the issuer to ensure freshness. Implementations must
+ * support challenges that are at least 32 bytes. Fails with STATUS_INVALID_DATA if bigger
+ * than 32 bytes.
* @return a COSE_Sign1 signature described above.
*/
byte[] proveOwnership(in byte[] challenge);
diff --git a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
index 756b008..1c80cbb 100644
--- a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
+++ b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
@@ -127,7 +127,8 @@
* https://developer.android.com/training/articles/security-key-attestation#certificate_schema_attestationid
*
* @param attestationChallenge a challenge set by the issuer to ensure freshness. If
- * this is empty, the call fails with STATUS_INVALID_DATA.
+ * this is empty, the call fails with STATUS_INVALID_DATA. Implementations must
+ * support challenges of at least 32 bytes.
*
* @return the X.509 certificate chain for the credentialKey
*/
diff --git a/identity/aidl/vts/DeleteCredentialTests.cpp b/identity/aidl/vts/DeleteCredentialTests.cpp
index 7627c9c..a126463 100644
--- a/identity/aidl/vts/DeleteCredentialTests.cpp
+++ b/identity/aidl/vts/DeleteCredentialTests.cpp
@@ -146,7 +146,9 @@
credentialData_, &credential)
.isOk());
- vector<uint8_t> challenge = {65, 66, 67};
+ // Implementations must support at least 32 bytes.
+ string challengeString = "0123456789abcdef0123456789abcdef";
+ vector<uint8_t> challenge(challengeString.begin(), challengeString.end());
vector<uint8_t> proofOfDeletionSignature;
ASSERT_TRUE(
credential->deleteCredentialWithChallenge(challenge, &proofOfDeletionSignature).isOk());
@@ -154,8 +156,13 @@
support::coseSignGetPayload(proofOfDeletionSignature);
ASSERT_TRUE(proofOfDeletion);
string cborPretty = cppbor::prettyPrint(proofOfDeletion.value(), 32, {});
- EXPECT_EQ("['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {0x41, 0x42, 0x43}, true, ]",
- cborPretty);
+ EXPECT_EQ(
+ "['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {"
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, "
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]",
+ cborPretty);
EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfDeletionSignature, {}, // Additional data
credentialPubKey_));
}
diff --git a/identity/aidl/vts/ProveOwnershipTests.cpp b/identity/aidl/vts/ProveOwnershipTests.cpp
index c622193..f8ec670 100644
--- a/identity/aidl/vts/ProveOwnershipTests.cpp
+++ b/identity/aidl/vts/ProveOwnershipTests.cpp
@@ -125,14 +125,22 @@
credentialData_, &credential)
.isOk());
- vector<uint8_t> challenge = {17, 18};
+ // Implementations must support at least 32 bytes.
+ string challengeString = "0123456789abcdef0123456789abcdef";
+ vector<uint8_t> challenge(challengeString.begin(), challengeString.end());
vector<uint8_t> proofOfOwnershipSignature;
ASSERT_TRUE(credential->proveOwnership(challenge, &proofOfOwnershipSignature).isOk());
optional<vector<uint8_t>> proofOfOwnership =
support::coseSignGetPayload(proofOfOwnershipSignature);
ASSERT_TRUE(proofOfOwnership);
string cborPretty = cppbor::prettyPrint(proofOfOwnership.value(), 32, {});
- EXPECT_EQ("['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {0x11, 0x12}, true, ]", cborPretty);
+ EXPECT_EQ(
+ "['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {"
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, "
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]",
+ cborPretty);
EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfOwnershipSignature, {}, // Additional data
credentialPubKey_));
}
diff --git a/identity/aidl/vts/VtsAttestationTests.cpp b/identity/aidl/vts/VtsAttestationTests.cpp
index e12fe05..7caa259 100644
--- a/identity/aidl/vts/VtsAttestationTests.cpp
+++ b/identity/aidl/vts/VtsAttestationTests.cpp
@@ -66,7 +66,8 @@
ASSERT_TRUE(setupWritableCredential(writableCredential, credentialStore_,
false /* testCredential */));
- string challenge = "NotSoRandomChallenge1NotSoRandomChallenge1NotSoRandomChallenge1";
+ // Must support at least 32 bytes.
+ string challenge = "0123456789abcdef0123456789abcdef";
vector<uint8_t> attestationChallenge(challenge.begin(), challenge.end());
vector<Certificate> attestationCertificate;
string applicationId = "Attestation Verification";