From 79cb9920338e061d83cd4d584502b579b785b93b Mon Sep 17 00:00:00 2001
From: Eran Messeri
Date: Wed, 25 Oct 2023 14:24:34 +0100
Subject: [PATCH] Document the allowed challenge size

KeyMint should be able to handle challenges up to 128 bytes. Document this (and the expected error code) in Tag.aidl.

Bug: 307714384
Test: m
Change-Id: Id099dd055c81b10d777effdf364395f84d8b35c6
---
 .../keymint/aidl/android/hardware/security/keymint/Tag.aidl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
index 36f01064b2..aa7bf286cc 100644
--- a/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
+++ b/security/keymint/aidl/android/hardware/security/keymint/Tag.aidl
@@ -643,6 +643,8 @@ enum Tag {
 * Tag::ATTESTATION_CHALLENGE is used to deliver a "challenge" value to the attested key
 * generation/import methods, which must place the value in the KeyDescription SEQUENCE of the
 * attestation extension.
+ * The challenge value may be up to 128 bytes. If the caller provides a bigger challenge,
+ * INVALID_INPUT_LENGTH error should be returned.
 *
 * Must never appear in KeyCharacteristics.
 */
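Review bot: The two added comment lines state the size limit in non-normative terms, which matters because this comment is the contract implementers build against. "may be up to 128 bytes" limits the caller but does not say an implementation must accept every challenge up to that size, and "should be returned" leaves room to handle an oversized challenge some other way, for example by truncating it, which would weaken the freshness binding the challenge provides. I would word it as ` * Implementations must accept challenges of up to 128 bytes. If the caller provides a larger` / ` * challenge, the operation must fail with ErrorCode::INVALID_INPUT_LENGTH.` so the requirement and the error code are both unambiguous. The comment block begins above the hunk, so this is judged only against the visible lines.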