3 files changed, 42 insertions, 1 deletions
diff --git a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
index 9673821b82..07486e6001 100644
--- a/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
+++ b/identity/aidl/android/hardware/identity/IWritableIdentityCredential.aidl
@@ -140,7 +140,8 @@ interface IWritableIdentityCredential {
 * with STATUS_INVALID_DATA.
 *
 * @param id a numeric identifier that must be unique within the context of a Credential and may
- * be used to reference the profile. If this is not satisfied the call fails with
+ * be used to reference the profile. This id must be non-negative and less than 32 (allowing
+ * for a total of 32 profiles). If this is not satisfied the call fails with
 * STATUS_INVALID_DATA.
 *
 * @param readerCertificate if non-empty, specifies a single X.509 certificate (not a chain of
diff --git a/identity/aidl/default/WritableIdentityCredential.cpp b/identity/aidl/default/WritableIdentityCredential.cpp
index fd246d8fec..b3924447b2 100644
--- a/identity/aidl/default/WritableIdentityCredential.cpp
+++ b/identity/aidl/default/WritableIdentityCredential.cpp
@@ -143,6 +143,12 @@ ndk::ScopedAStatus WritableIdentityCredential::addAccessControlProfile(
 }
 accessControlProfileIds_.insert(id);
 
+ if (id < 0 || id >= 32) {
+ return ndk::ScopedAStatus(AStatus_fromServiceSpecificErrorWithMessage(
+ IIdentityCredentialStore::STATUS_INVALID_DATA,
+ "Access Control Profile id must be non-negative and less than 32"));
+ }
+
 // Spec requires if |userAuthenticationRequired| is false, then |timeoutMillis| must also
 // be zero.
 if (!userAuthenticationRequired && timeoutMillis != 0) {
diff --git a/identity/aidl/vts/VtsIWritableIdentityCredentialTests.cpp b/identity/aidl/vts/VtsIWritableIdentityCredentialTests.cpp
index 56b30af9a4..b68fbb54f1 100644
--- a/identity/aidl/vts/VtsIWritableIdentityCredentialTests.cpp
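Review bot: In WritableIdentityCredential.cpp the new range check runs after `accessControlProfileIds_.insert(id);`, so an id rejected as out of range has already been recorded in the set before the error is returned; validation should precede the state change so a failed call leaves nothing behind — move the `if (id < 0 || id >= 32) { ... }` block above the insert, next to the duplicate-id check that appears to close just above it (the function's body starts and ends outside the hunk). The bound 32 also appears only as a literal here and in the AIDL comment; a named constant such as `constexpr int32_t kMaxAccessControlProfiles = 32;` (constructed name) with the comment `// Must match the @param id limit documented in IWritableIdentityCredential.aidl` would keep the two from drifting apart.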
+++ b/identity/aidl/vts/VtsIWritableIdentityCredentialTests.cpp
@@ -641,6 +641,40 @@ TEST_P(IdentityCredentialTests, verifyInterleavingEntryNameSpaceOrderingFails) {
 EXPECT_EQ(IIdentityCredentialStore::STATUS_INVALID_DATA, result.serviceSpecificErrorCode());
 }
 
+TEST_P(IdentityCredentialTests, verifyAccessControlProfileIdOutOfRange) {
+ sp<IWritableIdentityCredential> writableCredential;
+ ASSERT_TRUE(test_utils::SetupWritableCredential(writableCredential, credentialStore_));
+
+ const vector<int32_t> entryCounts = {1};
+ Status result = writableCredential->startPersonalization(1, entryCounts);
+ ASSERT_TRUE(result.isOk()) << result.exceptionCode() << "; " << result.exceptionMessage()
+ << endl;
+
+ SecureAccessControlProfile profile;
+
+ // This should fail because the id is >= 32
+ result = writableCredential->addAccessControlProfile(32, // id
+ {}, // readerCertificate
+ false, // userAuthenticationRequired
+ 0, // timeoutMillis
+ 42, // secureUserId
+ &profile);
+ ASSERT_FALSE(result.isOk()) << result.exceptionCode() << "; " << result.exceptionMessage();
+ ASSERT_EQ(binder::Status::EX_SERVICE_SPECIFIC, result.exceptionCode());
+ ASSERT_EQ(IIdentityCredentialStore::STATUS_INVALID_DATA, result.serviceSpecificErrorCode());
+
+ // This should fail because the id is < 0
+ result = writableCredential->addAccessControlProfile(-1, // id
+ {}, // readerCertificate
+ false, // userAuthenticationRequired
+ 0, // timeoutMillis
+ 42, // secureUserId
+ &profile);
+ ASSERT_FALSE(result.isOk()) << result.exceptionCode() << "; " << result.exceptionMessage();
+ ASSERT_EQ(binder::Status::EX_SERVICE_SPECIFIC, result.exceptionCode());
+ ASSERT_EQ(IIdentityCredentialStore::STATUS_INVALID_DATA, result.serviceSpecificErrorCode());
+}
+
 INSTANTIATE_TEST_SUITE_P(
 Identity, IdentityCredentialTests,
 testing::ValuesIn(android::getAidlHalInstanceNames(IIdentityCredentialStore::descriptor)),
|
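Review bot: verifyAccessControlProfileIdOutOfRange only exercises the two rejected values 32 and -1, so an implementation that is too strict (say `id >= 31`) would still pass; add one accepted boundary call before the negative cases, `result = writableCredential->addAccessControlProfile(31, {}, false, 0, 42, &profile); ASSERT_TRUE(result.isOk()) << result.exceptionMessage();`, which fits the single profile that startPersonalization(1, ...) was told to expect. A short comment above the two failing calls, `// 32 is the first id outside the documented [0, 32) range`, would tie the test to the AIDL contract changed in this commit. The preceding test verifyInterleavingEntryNameSpaceOrderingFails begins outside the hunk.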