Android 14 VSR no longer requires Identity Credential at feature
version 202301 or later. Remove the test which was added to verify
this.
Test: m
Bug: 249767070
Change-Id: Id767e7b9ee97a30741899afcec6895f57993642e
The AIDL said "one year in the future (365 days)" which is not a
constant amount of time given that leap years and leap seconds may
exist. Change this to be a constant amount of seconds instead.
Bug: 271948315
Test: atest VtsHalIdentityTargetTest
Change-Id: I324a809900feb898d2343e02066f2fb237a46e86
This adds a new method which allows applications to use mdoc ECDSA
authentication instead of mdoc MAC authentication. Additionally, also
relax requirements on SessionTranscript so the APIs can be used even
when mdoc session encryption isn't being used.
Also add new VTS test to check for this.
Since this is new API, bump API version to 5 and the Identity
Credential feature version to 202301.
Bug: 241912421
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: I4085a89be0382c10f5449e13c6a92a46c74c225d
V5 was a temporary version, to handle mismatched import versions,
but now that the temporary version (and differences) are removed,
it's causing an error.
Bug: 259146177
Change-Id: I0595c4e414701918a6f51128bbbb596633330c4c
Test: N/A
Android 14 VSR requires Identity Credential at feature version 202301
or later. This adds a test which verifies this.
Also bump the feature version of the default implementation to 202301.
Bug: 249767070
Test: atest IdentityCredentialImplementedTest
Change-Id: Ifdbaba764e457ceb84fe6347c9992608ed4ba651
Import versions are changed, but the build system
doesn't currently have a way to recognize this.
Adding an extra bug enum for now, to be reverted,
until the build support lands.
Bug: 231903487
Bug: 254774724
Test: N/A
Change-Id: I3d0231e9d69cf95a028e47b7a9fe557910f6b45a
Imported interfaces are versioned, i.e. bumping an interface version
necessiates bumping the version of importing interfaces.
Keystore and Identity import KM. We are uprevving KM, so all three need
to be bumped at the same time.
Test: m
Change-Id: I46b253e72f2f245bd628ed2ae1f2f4e0572827e7
In the reference implementation of the identity function, there are two places where the memory requested in the openssl algorithm is not released. This memory should be freed.
Test: Vts/Cts
Bug: 242927524
Change-Id: I88ffba39cb6ec887f395122e4670bf9f1a2d8e12
Some are still in VNDK because they are used in other VNDK libs.
Ignore-AOSP-First: some libs are still in internal master only.
Bug: 234181591
Test: m
Merged-In: If999df9c78a20df931177da11742b1c5de19bc08
Change-Id: If999df9c78a20df931177da11742b1c5de19bc08
(cherry picked from commit 5527adfd7f)
Android 13 will be API level 32, not API level 31.
Bug: None
Test: atest IdentityCredentialImplementedTest
Change-Id: I1102970895b9a0fdf9ec7178b42d33c66bfe7616
Chipsets launching with Android 13 must support Identity Credential at
feature version 202201 or later. Verify this.
Bug: 217197568
Test: atest IdentityCredentialImplementedTest
Change-Id: Icddb2c63571a4a69213bd9796ba78f5b384f7d5d
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I36a012ca72d7b214bde813fd3a1c08a99101f607
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I051e97b4b7ec8c060b46de42092c049f12379ea5
Revert "Add dependency on keymint cpp lib"
Revert "Allow default identity service to call keymint"
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I76a898c04090c5befe5fb5a5d07ec2e397fdd8b3
The IIdentityCredentialStore can now advertise the correct
IRemotelyProvisionedComponent that is used for getting remotely
provisioned attestation keys.
IWritableIdentityCredential has a new method so it can accept remotely
provisioned keys.
Update the VTS tests to check the new RKP functionality.
Support RKP in the default identity cred service
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: I96dcf3027e0f21790c35900ddf8cc0953bd3b1ca
This allows us to see logs in logcat for the default service.
Test: VtsHalIdentityTargetTest
Bug: 194696876
Change-Id: Ib368a2a0021f72b457fc5e4717e34bb696dfb0fb
Fix formatting errors to keep file in compliance with the aidl style.
This allows the aidl to pass the presubmit hook.
Test: n/a
Change-Id: Iae0f14f1c0662c862d658b38465467f7f8e036ec
This new IPresentationSession interface enables an application to do a
multi-document presentation, something which isn't possible with the
existing API. As a practical example of this consider presenting both
your Mobile Driving License and your Vaccination Certificate in a single
transaction.
Bug: 197965513
Test: New CTS tests and new screen in CtsVerifier
Change-Id: I11712dca35df7f1224debf454731bc17ea9bfb37
1. Add input parameter buffer size for CBOR data encoding
because Nugget OS protobuf buffer is not null terminated.
2. Modify some libeic APIs to align with NoS libeic.
Bug: 198403263
Test: atest VtsHalIdentityTargetTest
atest android.security.identity.cts
Change-Id: I9bc3689da2571c0925972f33b7314cbaaad0e28d
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same 'ndk' backend.
Bug: 161456198
Test: m
Change-Id: Ibe8beeaf0d1b33968fb782f1f70c17ae9e9bf871
Also add a new libeic_test binary which has a regression test for this
vulnerability.
Bug: 190757775
Test: atest libeic_test
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Merged-In: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
Change-Id: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
Also add a new libeic_test binary which has a regression test for this
vulnerability.
Bug: 190757775
Test: atest libeic_test
Test: atest VtsHalIdentityTargetTest
Test: atest CtsIdentityTestCases
Change-Id: I8344655c59930d6bf1baa4e0f8d0f60e4fc9e48d
