author | David Zeuthen <zeuthen@google.com> | 2020-10-16 11:27:24 -0400 |
---|---|---|
committer | David Zeuthen <zeuthen@google.com> | 2021-01-23 13:35:57 -0500 |
commit | 49f2d2558ac417d090dfae9c78ab372d71e5140c (patch) | |
tree | be240ccdfb0fa1e45aa03648cb385ff7ce82d84f /identity/aidl/default/common/IdentityCredential.h | |
parent | eafa06164d1e1bafbe20562d540ab5420bb0f825 (diff) |
Identity Credential changes for Android 12
- Add IIdentityCredential.deleteCredentialWithChallenge()
- Deprecate IIdentityCredential.deleteCredential()
- Add IIdentityCredential.proveOwnership()
- Add IIdentityCredential.updateCredential()
- Add ProofOfBinding CBOR to AuthenticationKey X.509 certificate
- Document which API versions new methods/features appeared in.
- Mention need to declare android.hardware.identity_credential system
feature (w/ feature version number) and do this for the default
implementation.
Bug: 170146643
Test: atest VtsHalIdentityTargetTest
Change-Id: Ib47c7caa5f3d6fff6919f019eee44a735dba9cf8
Diffstat (limited to 'identity/aidl/default/common/IdentityCredential.h')
-rw-r--r-- | identity/aidl/default/common/IdentityCredential.h | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/identity/aidl/default/common/IdentityCredential.h b/identity/aidl/default/common/IdentityCredential.h
index 228182160a..9913b86869 100644
--- a/identity/aidl/default/common/IdentityCredential.h
+++ b/identity/aidl/default/common/IdentityCredential.h
@@ -45,9 +45,11 @@ using ::std::vector;
 class IdentityCredential : public BnIdentityCredential {
 public:
- IdentityCredential(sp<SecureHardwarePresentationProxy> hwProxy,
+ IdentityCredential(sp<SecureHardwareProxyFactory> hwProxyFactory,
+ sp<SecureHardwarePresentationProxy> hwProxy,
 const vector<uint8_t>& credentialData)
- : hwProxy_(hwProxy),
+ : hwProxyFactory_(hwProxyFactory),
+ hwProxy_(hwProxy),
 credentialData_(credentialData),
 numStartRetrievalCalls_(0),
 expectedDeviceNameSpacesSize_(0) {}
@@ -58,6 +60,11 @@ class IdentityCredential : public BnIdentityCredential {
 // Methods from IIdentityCredential follow.
 ndk::ScopedAStatus deleteCredential(vector<uint8_t>* outProofOfDeletionSignature) override;
+ ndk::ScopedAStatus deleteCredentialWithChallenge(
+ const vector<uint8_t>& challenge,
+ vector<uint8_t>* outProofOfDeletionSignature) override;
+ ndk::ScopedAStatus proveOwnership(const vector<uint8_t>& challenge,
+ vector<uint8_t>* outProofOfOwnershipSignature) override;
 ndk::ScopedAStatus createEphemeralKeyPair(vector<uint8_t>* outKeyPair) override;
 ndk::ScopedAStatus setReaderEphemeralPublicKey(const vector<uint8_t>& publicKey) override;
 ndk::ScopedAStatus createAuthChallenge(int64_t* outChallenge) override;
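Review bot: The constructor in the first hunk now stores `hwProxyFactory` in `hwProxyFactory_`, but nothing in the header says whether it may be null, and the empty body `{}` performs no check. If the new `updateCredential()` dereferences the factory (its body is not in this file, so this is inferred), a null value would only surface when an update is attempted rather than at construction. A comment on the parameter such as `// hwProxyFactory must not be null; it is kept for later use by this object` would record the contract, or the check could live in `initialize()`. Both `sp<>` arguments are also taken by value and copied again into the members, which `std::move` in the initializer list would avoid. The class body continues outside this hunk.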
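Review bot: The commit message deprecates `deleteCredential()`, but its declaration in the second hunk carries no marker, so a reader of this header cannot tell that the challenge-less proof of deletion is the legacy path. A comment above it such as `// Deprecated: prefer deleteCredentialWithChallenge(), which takes a caller-supplied challenge.` would make that visible where the method is declared. `deleteCredentialWithChallenge()` and `proveOwnership()` also accept `challenge` with no stated bound. If the interface limits its size (not visible on this page), that limit is worth repeating in a comment here so the implementation is expected to reject oversized input before it reaches the secure hardware.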
@@ -79,8 +86,16 @@ class IdentityCredential : public BnIdentityCredential { ndk::ScopedAStatus generateSigningKeyPair(vector<uint8_t>* outSigningKeyBlob, Certificate* outSigningKeyCertificate) override; + ndk::ScopedAStatus updateCredential( + shared_ptr<IWritableIdentityCredential>* outWritableCredential) override; + private: + ndk::ScopedAStatus deleteCredentialCommon(const vector<uint8_t>& challenge, + bool includeChallenge, + vector<uint8_t>* outProofOfDeletionSignature); + // Set by constructor + sp<SecureHardwareProxyFactory> hwProxyFactory_; sp<SecureHardwarePresentationProxy> hwProxy_; vector<uint8_t> credentialData_; int numStartRetrievalCalls_; @@ -88,6 +103,7 @@ class IdentityCredential : public BnIdentityCredential { // Set by initialize() string docType_; bool testCredential_; + vector<uint8_t> encryptedCredentialKeys_; // Set by createEphemeralKeyPair() vector<uint8_t> ephemeralPublicKey_; |
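Review bot: The private helper `deleteCredentialCommon()` takes both `challenge` and `bool includeChallenge`, and the header does not say what happens to `challenge` when the flag is false. It also does not say whether an empty challenge with the flag set is treated differently from no challenge at all. That distinction presumably decides what ends up in the signed proof of deletion, so it should be written down next to the declaration. A comment such as `// includeChallenge is false only for the deprecated deleteCredential() path; challenge is then unused.` would do, with the wording confirmed against the implementation. A two-value enum instead of the bare `bool` would also make the call sites self-describing.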