diff options
| author | David Zeuthen <zeuthen@google.com> | 2021-09-11 13:59:43 -0400 |
|---|---|---|
| committer | David Zeuthen <zeuthen@google.com> | 2022-01-10 15:12:33 -0500 |
| commit | 1eb12b29728adcbbe5b8694f671c67b8a624fe4a (patch) | |
| tree | e62dafc3d8e318621ec258811ac02b9af7f61039 /identity/aidl/default/common/IdentityCredentialStore.cpp | |
| parent | 02d2df7135351dad3ae5f11295fca50a483f8754 (diff) | |
identity: Add multi-document presentation support.
This new IPresentationSession interface enables an application to do a
multi-document presentation, something which isn't possible with the
existing API. As a practical example of this consider presenting both
your Mobile Driving License and your Vaccination Certificate in a single
transaction.
Bug: 197965513
Test: New CTS tests and new screen in CtsVerifier
Change-Id: I11712dca35df7f1224debf454731bc17ea9bfb37
Diffstat (limited to 'identity/aidl/default/common/IdentityCredentialStore.cpp')
| -rw-r--r-- | identity/aidl/default/common/IdentityCredentialStore.cpp | 27 |
1 files changed, 24 insertions, 3 deletions
diff --git a/identity/aidl/default/common/IdentityCredentialStore.cpp b/identity/aidl/default/common/IdentityCredentialStore.cpp index e6b5466096..4703ffe646 100644 --- a/identity/aidl/default/common/IdentityCredentialStore.cpp +++ b/identity/aidl/default/common/IdentityCredentialStore.cpp @@ -20,6 +20,7 @@ #include "IdentityCredential.h" #include "IdentityCredentialStore.h" +#include "PresentationSession.h" #include "WritableIdentityCredential.h" namespace aidl::android::hardware::identity { @@ -61,9 +62,8 @@ ndk::ScopedAStatus IdentityCredentialStore::getCredential( "Unsupported cipher suite")); } - sp<SecureHardwarePresentationProxy> hwProxy = hwProxyFactory_->createPresentationProxy(); - shared_ptr<IdentityCredential> credential = - ndk::SharedRefBase::make<IdentityCredential>(hwProxyFactory_, hwProxy, credentialData); + shared_ptr<IdentityCredential> credential = ndk::SharedRefBase::make<IdentityCredential>( + hwProxyFactory_, credentialData, nullptr /* session */); auto ret = credential->initialize(); if (ret != IIdentityCredentialStore::STATUS_OK) { return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( @@ -73,4 +73,25 @@ ndk::ScopedAStatus IdentityCredentialStore::getCredential( return ndk::ScopedAStatus::ok(); } +ndk::ScopedAStatus IdentityCredentialStore::createPresentationSession( + CipherSuite cipherSuite, shared_ptr<IPresentationSession>* outSession) { + // We only support CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256 right now. + if (cipherSuite != CipherSuite::CIPHERSUITE_ECDHE_HKDF_ECDSA_WITH_AES_256_GCM_SHA256) { + return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( + IIdentityCredentialStore::STATUS_CIPHER_SUITE_NOT_SUPPORTED, + "Unsupported cipher suite")); + } + + sp<SecureHardwareSessionProxy> hwProxy = hwProxyFactory_->createSessionProxy(); + shared_ptr<PresentationSession> session = + ndk::SharedRefBase::make<PresentationSession>(hwProxyFactory_, hwProxy); + auto ret = session->initialize(); + if (ret != IIdentityCredentialStore::STATUS_OK) { + return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage( + int(ret), "Error initializing PresentationSession")); + } + *outSession = session; + return ndk::ScopedAStatus::ok(); +} + } // namespace aidl::android::hardware::identity |