Key derivation for session encryption and MACing now involves mixing
in SessionTranscriptBytes. Update docs to reflect this.
Also, the standard changed such that instead of DeviceAuthentication
being MACed or signed, it's instead DeviceAuthenticationBytes which is
defined as #6.24(bstr .cbor DeviceAuthentication). The same also for
ReaderAuthentication, now ReaderAuthenticationBytes is the CBOR which
is signed by the reader.
Also make a note that the encryptMessageToReader() and
decryptMessageFromReader() should NOT be used and applications should
instead implement these themselves. This is because we don't have the
SessionTranscript available and it's way too late to start adding
public API now. For the next Android version these methods will be
deprecated. Realistically this shouldn't be a problem because
applications are expected to use the Jetpack anyway.
Bug: 159482543
Test: atest android.security.identity.cts
Change-Id: I380a973a0cc78f1206fd7a33d0bd4896a0b16c6d
4e63378884