diff --git a/identity/aidl/android/hardware/identity/IIdentityCredential.aidl b/identity/aidl/android/hardware/identity/IIdentityCredential.aidl index 84d6ed0e8a..82b0a83fc7 100644 --- a/identity/aidl/android/hardware/identity/IIdentityCredential.aidl +++ b/identity/aidl/android/hardware/identity/IIdentityCredential.aidl @@ -438,8 +438,9 @@ interface IIdentityCredential { * If the method is called on an instance obtained via IPresentationSession.getCredential(), * STATUS_FAILED must be returned. * - * @param challenge a challenge set by the issuer to ensure freshness. Maximum size is 32 bytes - * and it may be empty. Fails with STATUS_INVALID_DATA if bigger than 32 bytes. + * @param challenge a challenge set by the issuer to ensure freshness. Implementations must + * support challenges that are at least 32 bytes. Fails with STATUS_INVALID_DATA if bigger + * than 32 bytes. * @return a COSE_Sign1 signature described above. */ byte[] deleteCredentialWithChallenge(in byte[] challenge); @@ -463,8 +464,9 @@ interface IIdentityCredential { * If the method is called on an instance obtained via IPresentationSession.getCredential(), * STATUS_FAILED must be returned. * - * @param challenge a challenge set by the issuer to ensure freshness. Maximum size is 32 bytes - * and it may be empty. Fails with STATUS_INVALID_DATA if bigger than 32 bytes. + * @param challenge a challenge set by the issuer to ensure freshness. Implementations must + * support challenges that are at least 32 bytes. Fails with STATUS_INVALID_DATA if bigger + * than 32 bytes. * @return a COSE_Sign1 signature described above. */ byte[] proveOwnership(in byte[] challenge); diff --git a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl index 756b008aa5..1c80cbbe82 100644 --- a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl +++ b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl @@ -127,7 +127,8 @@ interface IWritableIdentityCredential { * https://developer.android.com/training/articles/security-key-attestation#certificate_schema_attestationid * * @param attestationChallenge a challenge set by the issuer to ensure freshness. If - * this is empty, the call fails with STATUS_INVALID_DATA. + * this is empty, the call fails with STATUS_INVALID_DATA. Implementations must + * support challenges of at least 32 bytes. * * @return the X.509 certificate chain for the credentialKey */ diff --git a/identity/aidl/vts/DeleteCredentialTests.cpp b/identity/aidl/vts/DeleteCredentialTests.cpp index 7627c9cbb9..a1264632f3 100644 --- a/identity/aidl/vts/DeleteCredentialTests.cpp +++ b/identity/aidl/vts/DeleteCredentialTests.cpp @@ -146,7 +146,9 @@ TEST_P(DeleteCredentialTests, DeleteWithChallenge) { credentialData_, &credential) .isOk()); - vector challenge = {65, 66, 67}; + // Implementations must support at least 32 bytes. + string challengeString = "0123456789abcdef0123456789abcdef"; + vector challenge(challengeString.begin(), challengeString.end()); vector proofOfDeletionSignature; ASSERT_TRUE( credential->deleteCredentialWithChallenge(challenge, &proofOfDeletionSignature).isOk()); @@ -154,8 +156,13 @@ TEST_P(DeleteCredentialTests, DeleteWithChallenge) { support::coseSignGetPayload(proofOfDeletionSignature); ASSERT_TRUE(proofOfDeletion); string cborPretty = cppbor::prettyPrint(proofOfDeletion.value(), 32, {}); - EXPECT_EQ("['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {0x41, 0x42, 0x43}, true, ]", - cborPretty); + EXPECT_EQ( + "['ProofOfDeletion', 'org.iso.18013-5.2019.mdl', {" + "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, " + "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, " + "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, " + "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]", + cborPretty); EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfDeletionSignature, {}, // Additional data credentialPubKey_)); } diff --git a/identity/aidl/vts/ProveOwnershipTests.cpp b/identity/aidl/vts/ProveOwnershipTests.cpp index c622193ef5..f8ec6706db 100644 --- a/identity/aidl/vts/ProveOwnershipTests.cpp +++ b/identity/aidl/vts/ProveOwnershipTests.cpp @@ -125,14 +125,22 @@ TEST_P(ProveOwnershipTests, proveOwnership) { credentialData_, &credential) .isOk()); - vector challenge = {17, 18}; + // Implementations must support at least 32 bytes. + string challengeString = "0123456789abcdef0123456789abcdef"; + vector challenge(challengeString.begin(), challengeString.end()); vector proofOfOwnershipSignature; ASSERT_TRUE(credential->proveOwnership(challenge, &proofOfOwnershipSignature).isOk()); optional> proofOfOwnership = support::coseSignGetPayload(proofOfOwnershipSignature); ASSERT_TRUE(proofOfOwnership); string cborPretty = cppbor::prettyPrint(proofOfOwnership.value(), 32, {}); - EXPECT_EQ("['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {0x11, 0x12}, true, ]", cborPretty); + EXPECT_EQ( + "['ProofOfOwnership', 'org.iso.18013-5.2019.mdl', {" + "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, " + "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, " + "0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, " + "0x38, 0x39, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66}, true, ]", + cborPretty); EXPECT_TRUE(support::coseCheckEcDsaSignature(proofOfOwnershipSignature, {}, // Additional data credentialPubKey_)); } diff --git a/identity/aidl/vts/VtsAttestationTests.cpp b/identity/aidl/vts/VtsAttestationTests.cpp index e12fe051d5..7caa2599af 100644 --- a/identity/aidl/vts/VtsAttestationTests.cpp +++ b/identity/aidl/vts/VtsAttestationTests.cpp @@ -66,7 +66,8 @@ TEST_P(VtsAttestationTests, verifyAttestationWithNonemptyChallengeNonemptyId) { ASSERT_TRUE(setupWritableCredential(writableCredential, credentialStore_, false /* testCredential */)); - string challenge = "NotSoRandomChallenge1NotSoRandomChallenge1NotSoRandomChallenge1"; + // Must support at least 32 bytes. + string challenge = "0123456789abcdef0123456789abcdef"; vector attestationChallenge(challenge.begin(), challenge.end()); vector attestationCertificate; string applicationId = "Attestation Verification";