Fixed following bugs in WritableIdentityCredential.cpp
- Do not allow startPersonalization to be called more than once per
aidl.
- Do not preceed with beginAddEntry if addAccessControlProfile and
startPersonalization profile count mismatch.
- Verify access control profile ids are unique.
- Do not let empty name space to mess up beginAddEntry.
- Do not allow beginAddEntry to add entries interleaving namespace
groupings. Enforce all entries must be added in namespace "groups"
per aidl.
- Fix counting error that allowed one entries to be added per name
space than startPersonalization limit.
- Do not approve finishAddingEntries if there are more profiles or
entries to be added than startPersonalization set accounting.
- Add testing utilities library for identity credential.
- Refactored end to end tests.
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I51902681776c6230e49589fc75a8145e79d7d1a6
This change contains no actual syntactical or semantic changes, just
clarifications on the inputs and outputs.
Test: N/A
Bug: 151082886
Merged-In: I794b8d0360c1eda37b4dbe757d7a7fadcbdda7bc
Change-Id: I5ad596ec0fa4dac7473d8fd435f538dbb5529846
This change contains no actual syntactical or semantic changes, just
clarifications on the inputs and outputs.
Test: N/A
Bug: 151082886
Change-Id: I794b8d0360c1eda37b4dbe757d7a7fadcbdda7bc
AIDL interfaces which are vintf-stable have to be frozen in release.
But these interfaces have been never frozen, so freeze them.
- android.hardware.power
- android.hardware.identity
- android.hardware.keymaster
- android.hardware.vibrator
- android.hardware.light
- android.hardware.tests.extension.vibrator
Bug: 153500421
Bug: 153500550
Bug: 153511407
Bug: 153500549
Bug: 153501107
Bug: 153501202
Test: m
Change-Id: I643c25fc695f9d1e874dcceb327d465c49e9cab6
Merged-In: I643c25fc695f9d1e874dcceb327d465c49e9cab6
AIDL interfaces which are vintf-stable have to be frozen in release.
But these interfaces have been never frozen, so freeze them.
- android.hardware.power
- android.hardware.identity
- android.hardware.keymaster
- android.hardware.vibrator
- android.hardware.light
- android.hardware.tests.extension.vibrator
Bug: 153500421
Bug: 153500550
Bug: 153511407
Bug: 153500549
Bug: 153501107
Bug: 153501202
Test: m
Change-Id: I643c25fc695f9d1e874dcceb327d465c49e9cab6
All aidl_interface modules should by default considered as stable, in
case it is used across system and vendor partitions, or across modules.
Like other API surfaces, we need to have a dump for the current
(yet-to-be-released) version and update it when there is an API change.
This is done via .
Then the owner of the interface can freeze the current version as a
numbered version via .
This change shal be rejected only when the owner is certain that the
interface is not used across the updatable boundaries.
Bug: 152655547
Test: m
Change-Id: Ia633e3a143b35626c59b2447c38c1710ee270f0c
Merged-In: Ia633e3a143b35626c59b2447c38c1710ee270f0c
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL update suite name vts-core to vts as
the suite name is updated. This CL won't change test logic or behavior.
Change-Id: I562b4dc50765e953800a814a8fd84a01c1b9352b
Merged-In: I562b4dc50765e953800a814a8fd84a01c1b9352b
Bug: 151896491
Test: local build
Exempt-From-Owner-Approval: This CL update suite name vts-core to vts as
the suite name is updated. This CL won't change test logic or behavior.
Change-Id: I562b4dc50765e953800a814a8fd84a01c1b9352b
Merged-In: I562b4dc50765e953800a814a8fd84a01c1b9352b
All aidl_interface modules should by default considered as stable, in
case it is used across system and vendor partitions, or across modules.
Like other API surfaces, we need to have a dump for the current
(yet-to-be-released) version and update it when there is an API change.
This is done via .
Then the owner of the interface can freeze the current version as a
numbered version via .
This change shal be rejected only when the owner is certain that the
interface is not used across the updatable boundaries.
Bug: 152655547
Test: m
Change-Id: Ia633e3a143b35626c59b2447c38c1710ee270f0c
In native world, byte stream is typically represented in uint8_t[]
or vector<uint8_t>. C++ backend already generates that way. This
change involves NDK backend.
Now NDK backend also uses vector<uint8_t> just like C++ backend.
Bug: 144957764
Test: atest CtsNdkBinderTestCases
Merged-In: I8de348b57cf92dd99b3ee16252f56300ce5f4683
Change-Id: I8de348b57cf92dd99b3ee16252f56300ce5f4683
(cherry picked from commit 9070318462)
Exempt-From-Owner-Approval: cp from internal
The problem was that VtsHalIdentityTargetTest was dynamically linking
libraries that (currently) only are pulled in by the default IC HAL
implementaiton. This caused linking problems when copying
VtsHalIdentityTargetTest onto a device a running it.
Fix this by only dynamically linking libbinder and libcrypto.
Bug: 150475275
Test: VtsHalIdentityTargetTest runs on a device without Identity Credential.
Merged-In: I4162cc81ade0373c31c96008f3a2bc95684fd2c2
Change-Id: I7a55a6e602b9902bd725190aa5631644f7639b95
The implementation of the Identity Credential TA in constrained
environments may need to incrementally update the HMAC-SHA256 of
DeviceAuthencation CBOR to avoid keeping the entire CBOR structure in
memory. To do this they need to calculate the derived key before
starting to build the CBOR so they need access to the signingKey
earlier on.
Bug: 150390415
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Merged-In: I72ad30ec3ccec0b8161cbea360ef8c9212f8cbbc
Change-Id: I95e28dd46b35bc31dec8d77ee14b5a1b3b5c0391
The problem was that VtsHalIdentityTargetTest was dynamically linking
libraries that (currently) only are pulled in by the default IC HAL
implementaiton. This caused linking problems when copying
VtsHalIdentityTargetTest onto a device a running it.
Fix this by only dynamically linking libbinder and libcrypto.
Bug: 150475275
Test: VtsHalIdentityTargetTest runs on a device without Identity Credential.
Change-Id: I4162cc81ade0373c31c96008f3a2bc95684fd2c2
The implementation of the Identity Credential TA in constrained
environments may need to incrementally update the HMAC-SHA256 of
DeviceAuthencation CBOR to avoid keeping the entire CBOR structure in
memory. To do this they need to calculate the derived key before
starting to build the CBOR so they need access to the signingKey
earlier on.
Bug: 150390415
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Change-Id: I72ad30ec3ccec0b8161cbea360ef8c9212f8cbbc
This includes add a partial types-only HAL for KeyMaster for
HardwareAuthToken.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I7a6254d33200bfd62269aed1957cbb2a84b16272
Since the attestation format includes the applicationId, we need this
to be passed from credstore. Also clarify other requirements about
what needs to be in the attestation data.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityCredentialTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I623849bd61e55752a573002dc7a97c6658d94c91
IIdentityCredentialStore provides an interface to a secure store for
user identity documents. This HAL is deliberately fairly general and
abstract. To the extent possible, specification of the message
formats and semantics of communication with credential verification
devices and issuing authorities (IAs) is out of scope for this HAL.
It provides the interface with secure storage but a
credential-specific Android application will be required to implement
the presentation and verification protocols and processes appropriate
for the specific credential type.
Bug: 111446262
Test: VtsHalIdentityCredentialTargetTest
Test: android.hardware.identity-support-lib-test
Test: CtsIdentityTestCases
Change-Id: I64eb50114d645dd475012ad1b889d2177aaf1d37