identity: Add tests to check that implementations support 32 bytes for challenges.
Also update AIDL docs for this.
Bug: 216177025
Test: atest VtsHalIdentityTargetTest
Change-Id: I45cd0cc54f7e9f0d1f9c61d0649f7b7e7f6297a3
diff --git a/identity/aidl/vts/DeleteCredentialTests.cpp b/identity/aidl/vts/DeleteCredentialTests.cpp
index 7627c9c..a126463 100644
--- a/identity/aidl/vts/DeleteCredentialTests.cpp
+++ b/identity/aidl/vts/DeleteCredentialTests.cpp
@@ -146,7 +146,9 @@
credentialData_, &credential)
.isOk());
- vector<uint8_t> challenge = {65, 66, 67};
+ // Implementations must support at least 32 bytes.
+ string challengeString = "0123456789abcdef0123456789abcdef";
+ vector<uint8_t> challenge(challengeString.begin(), challengeString.end());
vector<uint8_t> proofOfDeletionSignature;
ASSERT_TRUE(
credential->deleteCredentialWithChallenge(challenge, &proofOfDeletionSignature).isOk());
@@ -154,8 +156,13 @@
support::coseSignGetPayload(proofOfDeletionSignature);
ASSERT_TRUE(proofOfDeletion);
string cborPretty = cppbor::prettyPrint(proofOfDeletion.value(), 32, {});
- EXPECT_EQ("['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {0x41, 0x42, 0x43}, true, ]",
- cborPretty);
+ EXPECT_EQ(
+ "['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {"
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, "
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]",
+ cborPretty);
EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfDeletionSignature, {}, // Additional data
credentialPubKey_));
}
diff --git a/identity/aidl/vts/ProveOwnershipTests.cpp b/identity/aidl/vts/ProveOwnershipTests.cpp
index c622193..f8ec670 100644
--- a/identity/aidl/vts/ProveOwnershipTests.cpp
+++ b/identity/aidl/vts/ProveOwnershipTests.cpp
@@ -125,14 +125,22 @@
credentialData_, &credential)
.isOk());
- vector<uint8_t> challenge = {17, 18};
+ // Implementations must support at least 32 bytes.
+ string challengeString = "0123456789abcdef0123456789abcdef";
+ vector<uint8_t> challenge(challengeString.begin(), challengeString.end());
vector<uint8_t> proofOfOwnershipSignature;
ASSERT_TRUE(credential->proveOwnership(challenge, &proofOfOwnershipSignature).isOk());
optional<vector<uint8_t>> proofOfOwnership =
support::coseSignGetPayload(proofOfOwnershipSignature);
ASSERT_TRUE(proofOfOwnership);
string cborPretty = cppbor::prettyPrint(proofOfOwnership.value(), 32, {});
- EXPECT_EQ("['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {0x11, 0x12}, true, ]", cborPretty);
+ EXPECT_EQ(
+ "['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {"
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, "
+ "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, "
+ "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]",
+ cborPretty);
EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfOwnershipSignature, {}, // Additional data
credentialPubKey_));
}
diff --git a/identity/aidl/vts/VtsAttestationTests.cpp b/identity/aidl/vts/VtsAttestationTests.cpp
index e12fe05..7caa259 100644
--- a/identity/aidl/vts/VtsAttestationTests.cpp
+++ b/identity/aidl/vts/VtsAttestationTests.cpp
@@ -66,7 +66,8 @@
ASSERT_TRUE(setupWritableCredential(writableCredential, credentialStore_,
false /* testCredential */));
- string challenge = "NotSoRandomChallenge1NotSoRandomChallenge1NotSoRandomChallenge1";
+ // Must support at least 32 bytes.
+ string challenge = "0123456789abcdef0123456789abcdef";
vector<uint8_t> attestationChallenge(challenge.begin(), challenge.end());
vector<Certificate> attestationCertificate;
string applicationId = "Attestation Verification";