From 3526efd0271e31d1e6fdf5055d8d190594117875 Mon Sep 17 00:00:00 2001
From: Shikha Panwar <shikhapanwar@google.com>
Date: Thu, 21 Dec 2023 18:39:24 +0000
Subject: [PATCH] Secretkeeper: Use byte[64] as SecretId

SecretId is a parameter in deleteIds() method, which will be invoked by
host (Android). Restrict the size to 64 bytes to avoid unnecessarily
large bytes making it to HAL & TA.

Test: atest VtsSecretkeeperTargetTest
Bug: 317374882
Change-Id: Ieb34fee4efd11636bee133fe9132c1d739d08a1c
---
 .../android/hardware/security/secretkeeper/SecretId.aidl        | 2 +-
 .../aidl/android/hardware/security/secretkeeper/SecretId.aidl   | 2 +-
 security/secretkeeper/aidl/vts/secretkeeper_test_client.rs      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl b/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl
index 87d0233d03..9887066512 100644
--- a/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl
+++ b/security/secretkeeper/aidl/aidl_api/android.hardware.security.secretkeeper/current/android/hardware/security/secretkeeper/SecretId.aidl
@@ -35,5 +35,5 @@ package android.hardware.security.secretkeeper;
 /* @hide */
 @VintfStability
 parcelable SecretId {
-  byte[] id;
+  byte[64] id;
 }
diff --git a/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl b/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl
index bd982e7c69..b17917f2b5 100644
--- a/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl
+++ b/security/secretkeeper/aidl/android/hardware/security/secretkeeper/SecretId.aidl
@@ -25,5 +25,5 @@ parcelable SecretId {
     /**
      * 64-byte identifier for a secret.
      */
-    byte[] id;
+    byte[64] id;
 }
diff --git a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
index 5d1306afaf..994f581c27 100644
--- a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
+++ b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs
@@ -233,7 +233,7 @@ impl SkClient {
     fn delete(&self, ids: &[&Id]) {
         let ids: Vec<SecretId> = ids
             .iter()
-            .map(|id| SecretId { id: id.0.to_vec() })
+            .map(|id| SecretId { id: id.0 })
             .collect();
         self.sk.deleteIds(&ids).unwrap();
     }