commit e2a78a48c0751400e8357b16c9355bef70ff7247
author David Zeuthen <zeuthen@google.com> Mon Apr 27 13:34:38 2020 -0400
committer David Zeuthen <zeuthen@google.com> Wed Apr 29 09:52:51 2020 -0400
tree 408bc8bebb8ed2f68cb41e7002cdd9e682692a25
parent da132924a0c0a1d0f4acaecc1c08c03e6659bbe9

credstore: Pass additional information to Identity Credential HAL.

Without this extra information passed upfront it's not practical to
implement a HAL which incrementally builds up cryptographically
authenticated data.

This information is conveyed by using two new methods on version 2 of
the Identity Credential HAL. If these methods are not implemented (if
a version 1 HAL is running) the invocation fails and we handle this
gracefully by just ignoring the error.

Bug: 154631410
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts

Change-Id: I17d516e41e800f58daa4c11dcca0305c80740d5b

identity/Credential.h

diff --git a/identity/Credential.h b/identity/Credential.h
index a0d9063..e2880d9 100644
--- a/identity/Credential.h
+++ b/identity/Credential.h
@@ -38,6 +38,8 @@
 using ::android::hardware::identity::CipherSuite;
 using ::android::hardware::identity::IIdentityCredential;
 using ::android::hardware::identity::IIdentityCredentialStore;
+using ::android::hardware::identity::RequestDataItem;
+using ::android::hardware::identity::RequestNamespace;
 
 class Credential : public BnCredential {
   public:
@@ -80,6 +82,11 @@
     sp<CredentialData> data_;
 
     sp<IIdentityCredential> halBinder_;
+
+    ssize_t
+    calcExpectedDeviceNameSpacesSize(const vector<uint8_t>& requestMessage,
+                                     const vector<RequestNamespaceParcel>& requestNamespaces,
+                                     uint32_t authorizedAcps);
 };
 
 }  // namespace identity