drgreen/android_frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

identity: Specify that challenges can be up to 32 bytes in length.

Browse Source 
Bug: 216177025
Test: atest CtsIdentityTestCases
Change-Id: I507ab6b9ecd095ec53caaf859b236a8fdc7bfce9
This commit is contained in:
David Zeuthen 2022-01-24 17:29:43 -05:00
parent 3789826e68
commit fbb1cca01a
2 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
identity/java/android/security/identity/IdentityCredential.java
View File

@ -454,7 +454,8 @@ public abstract class IdentityCredential {
* @param challenge is a non-empty byte array whose contents should be unique, fresh and * @param challenge is a non-empty byte array whose contents should be unique, fresh and
* provided by the issuing authority. The value provided is embedded in the * provided by the issuing authority. The value provided is embedded in the
* generated CBOR and enables the issuing authority to verify that the * generated CBOR and enables the issuing authority to verify that the
* returned proof is fresh. * returned proof is fresh. Implementations are required to support
* challenges at least 32 bytes of length.
* @return the COSE_Sign1 data structure above * @return the COSE_Sign1 data structure above
*/ */
public @NonNull byte[] proveOwnership(@NonNull byte[] challenge) { public @NonNull byte[] proveOwnership(@NonNull byte[] challenge) {
@ -485,7 +486,8 @@ public abstract class IdentityCredential {
* @param challenge is a non-empty byte array whose contents should be unique, fresh and * @param challenge is a non-empty byte array whose contents should be unique, fresh and
* provided by the issuing authority. The value provided is embedded in the * provided by the issuing authority. The value provided is embedded in the
* generated CBOR and enables the issuing authority to verify that the * generated CBOR and enables the issuing authority to verify that the
* returned proof is fresh. * returned proof is fresh. Implementations are required to support
* challenges at least 32 bytes of length.
* @return the COSE_Sign1 data structure above * @return the COSE_Sign1 data structure above
*/ */
public @NonNull byte[] delete(@NonNull byte[] challenge) { public @NonNull byte[] delete(@NonNull byte[] challenge) {

3
identity/java/android/security/identity/WritableIdentityCredential.java
View File

@ -59,7 +59,8 @@ public abstract class WritableIdentityCredential {
* @param challenge is a non-empty byte array whose contents should be unique, fresh and * @param challenge is a non-empty byte array whose contents should be unique, fresh and
* provided by the issuing authority. The value provided is embedded in the * provided by the issuing authority. The value provided is embedded in the
* attestation extension and enables the issuing authority to verify that the * attestation extension and enables the issuing authority to verify that the
* attestation certificate is fresh. * attestation certificate is fresh. Implementations are required to support
* challenges at least 32 bytes of length.
* @return the X.509 certificate for this credential's CredentialKey. * @return the X.509 certificate for this credential's CredentialKey.
*/ */
public abstract @NonNull Collection<X509Certificate> getCredentialKeyCertificateChain( public abstract @NonNull Collection<X509Certificate> getCredentialKeyCertificateChain(