Drop minimum RKP challenge size to 16 bytes
The current RKP server produces challenges smaller than 32 bytes.
As existing devices in the field may have some length limitations
due to this, let's not start sending larger challenges to those
devices. Instead, drop the challenge to 16 bytes to maintain compat.
There should be plenty of entropy in 16 bytes.
Test: n/a
Change-Id: I1dfd9b4b06131df907683207e4b6bfb2d1c93d65
diff --git a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
index ff710f1..75990da 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl
@@ -335,7 +335,7 @@
* UdsCerts,
* DiceCertChain,
* SignedData<[
- * challenge: bstr .size (32..64), ; Provided by the method parameters
+ * challenge: bstr .size (16..64), ; Provided by the method parameters
* bstr .cbor T,
* ]>,
* ]
diff --git a/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl b/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl
index 3f699bc..bfe8417 100644
--- a/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl
+++ b/security/rkp/aidl/android/hardware/security/keymint/ProtectedData.aidl
@@ -134,7 +134,7 @@
* ]
*
* SignedMacAad = [
- * challenge : bstr .size (32..64), ; Size between 32 - 64
+ * challenge : bstr .size (16..64), ; Size between 16 - 64
* ; bytes inclusive
* VerifiedDeviceInfo,
* tag: bstr ; This is the tag from COSE_Mac0 of