Commit graph

16 commits

Author SHA1 Message Date
Bob Badour
4c7858c848 [LSC] Add LOCAL_LICENSE_KINDS to system/security
Added SPDX-license-identifier-Apache-2.0 to:
  fsverity_init/Android.bp
  identity/Android.bp
  keystore/tests/Android.bp
  keystore2/Android.bp
  keystore2/aaid/Android.bp
  keystore2/aidl/Android.bp
  keystore2/apc_compat/Android.bp
  keystore2/selinux/Android.bp
  keystore2/src/crypto/Android.bp
  keystore2/src/km_compat/Android.bp
  ondevice-signing/Android.bp
  provisioner/Android.bp

Added SPDX-license-identifier-Apache-2.0 SPDX-license-identifier-BSD to:
  Android.bp
  keystore/Android.bp

Added SPDX-license-identifier-BSD to:
  keystore-engine/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Ic9e19695bd19c3f127dfd545df60e4c9df89af77
2021-02-14 10:37:25 -08:00
Jeongik Cha
98a5d095fa Specify version for aidl_interface explicitly
Bug: 150578172
Test: m
Change-Id: I5101d318c40268af8b8965910c0ff9d621f96740
2021-01-27 07:38:28 +09:00
David Zeuthen
472e6c8e18 Credstore changes for Android 12
- Add Credential.proveOwnership()
- Add Credential.deleteWithChallenge()
- Add Credential.updateCredential()
- Add Credential.storeStaticAuthenticationDataWithExpirationDate()
  - Store this on disk. For entries stored without this parameter
    assume they never expire.
- Add allowUsingExpiredKeys to Credential.selectAuthKey() and
  Credential.getEntries()
  - Unless set to true, never select an expired key
- Introduce ERROR_NOT_SUPPORTED and return this if HAL does not
  support operation

Bug: 170146643
Test: atest android.security.identity.cts
Change-Id: Ic5dafc6498c9c59b82942def9d348d974f008589
2021-01-22 18:37:03 -05:00
David Zeuthen
5263000348 credstore: Don't require credentials to use ACP ids starting at 0.
This fixes a bug in credstore where it only worked if a credential
used ACP ids starting at zero and upwards (e.g. no holes). This is not
a reasonable requirement, it just happened to be a bug which wasn't
triggered because all CTS tests use identifiers starting at 0 with
no holes.

This bug-fix is merged along with a new CTS test to check this bug no
longer exists.

Bug: 160966911
Test: atest android.security.identity.cts
Test: New CTS test testProvisionAcpIdNotStartingAtZero
Change-Id: I58595e6bf5f3ca3f82ebe9291fde54b7cf11e0dd
2020-07-10 14:14:52 -04:00
Yi Kong
1bdb61e5fa Fix incorrect use of TEMP_FAILURE_RETRY
TEMP_FAILURE_RETRY expects an argument that returns -1 on temporary
failure, not a boolean.

Test: TreeHugger
Change-Id: If8cb4a440e909c4ed7cbfdd34454670b0d5ee045
Exempt-From-Owner-Approval: Janitorial fix
2020-06-19 18:27:11 +00:00
David Zeuthen
673c6ced22 credstore: Never pass an empty challenge.
Bug: 156911917
Bug: 158107945
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts

Change-Id: Ia274fcbaabb0c0ec7c884070eb30737dc236c064
2020-06-03 17:26:27 -04:00
David Zeuthen
59102f388f keystore: Pass verification token to credstore along with requested auth token.
This is needed because the Secure Areas backing the Identity
Credential HAL may exist in a different environment from where the
auth token is minted. In this case, the Secure Area needs a
verification token to make sense of the timestamp in the auth token.

Getting a verification token is an asynchronous operation so change
the binder method used by credstore to be asynchronous as well.

Bug: 156076333
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts
Change-Id: Id6cb6812a31d968069b7d72bd2b39b512d38d241
2020-05-08 11:30:49 -04:00
David Zeuthen
e2a78a48c0 credstore: Pass additional information to Identity Credential HAL.
Without this extra information passed upfront it's not practical to
implement a HAL which incrementally builds up cryptographically
authenticated data.

This information is conveyed by using two new methods on version 2 of
the Identity Credential HAL. If these methods are not implemented (if
a version 1 HAL is running) the invocation fails and we handle this
gracefully by just ignoring the error.

Bug: 154631410
Test: atest VtsHalIdentityTargetTest
Test: atest android.security.identity.cts

Change-Id: I17d516e41e800f58daa4c11dcca0305c80740d5b
2020-04-29 09:52:51 -04:00
David Zeuthen
55975ecbcf credstore: signingKeyBlob was moved from finishRetrieval() to startRetrieval().
The implementation of the Identity Credential TA in constrained
environments may need to incrementally update the HMAC-SHA256 of
DeviceAuthentication CBOR to avoid keeping the entire CBOR structure in
memory. To do this they need to calculate the derived key before
starting to build the CBOR so they need access to the signingKey
earlier on. Update credstore to pass the signingKey earlier.

Bug: 150390415
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Change-Id: If2479a10f80fba748591c30aa7b8662e1063787e
2020-02-27 14:32:55 -05:00
David Zeuthen
a6f9fba382 Port credstore to IdentityCredential AIDL.
Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: I338b35f57f2bb7345c3f8f0c608c7a6213a0dc6b
2020-02-14 13:41:52 -05:00
Treehugger Robot
fc1fc88195 Merge "Factor keystore_attestation_id into library and also use this in credstore."
2020-02-04 21:31:31 +00:00
David Zeuthen
f2a28671b0 Factor keystore_attestation_id into library and also use this in credstore.
This was needed because credstore needs to generate and pass the
generated AttestationApplicationId to the Identity Credential HAL.

Bug: 111446262
Test: atest android.security.identity.cts
Test: VtsHalIdentityCredentialTargetTest
Test: android.hardware.identity-support-lib-test
Change-Id: Id22b85ca083e23c7e1fbd3459910fba37a5db137
2020-01-31 16:23:30 -05:00
Treehugger Robot
61e8fb9442 Merge "identity/Util: Fix file write check"
2020-01-27 18:01:34 +00:00
Greg Kaiser
c8966aa0da identity/Util: Fix file write check
The results of TEMP_FAILURE_RETRY can be negative in an error
case.  But we were assigning it to an unsigned size_t, and
thus our check to see if it was negative would always be false.

We switch to storing this result in a signed ssize_t, so we'll
properly handle a negative return value.  As long as we're
never writing more than 2GB (ssize_t max on a 32-bit system),
this shouldn't be a problem.

Test: TreeHugger
Change-Id: I3d417fab7c3ee7557221f9757567379d1b8cb6da
2020-01-21 07:09:51 -08:00
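
Added example (not part of the commit log and not the credstore source): the failure mode described in c8966aa0da, where a write() result stored in an unsigned size_t makes the error check dead code, next to the signed ssize_t form. The function names write_all_unsigned and write_all_signed are hypothetical, and fd -1 is used as a constructed way to force write() to fail.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* exposes TEMP_FAILURE_RETRY in glibc's <unistd.h> */
#endif
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#ifndef TEMP_FAILURE_RETRY     /* fallback for libcs that lack the macro */
#define TEMP_FAILURE_RETRY(exp) ({ __typeof__(exp) rc_; \
    do { rc_ = (exp); } while (rc_ == -1 && errno == EINTR); rc_; })
#endif

/* Before: the -1 from write() is stored as SIZE_MAX, so the error branch is dead. */
static bool write_all_unsigned(int fd, const char *buf, size_t len) {
    size_t done = 0;
    while (done < len) {
        size_t n = TEMP_FAILURE_RETRY(write(fd, buf + done, len - done));
        if (n < 0) return false;   /* never true for an unsigned type */
        done += n;                 /* on error n is SIZE_MAX: done jumps past len */
    }
    return true;                   /* the failed write is reported as success */
}

/* After: a signed ssize_t keeps the -1, so the failure is seen. */
static bool write_all_signed(int fd, const char *buf, size_t len) {
    size_t done = 0;
    while (done < len) {
        ssize_t n = TEMP_FAILURE_RETRY(write(fd, buf + done, len - done));
        if (n <= 0) return false;  /* -1 is an error, 0 means no progress */
        done += (size_t)n;
    }
    return true;
}

int main(void) {
    const char msg[] = "constructed sample payload";
    int p[2];
    if (pipe(p) != 0) return 1;
    /* fd -1 is never valid, so write() fails with EBADF. */
    printf("bad fd, size_t check:  %d\n", write_all_unsigned(-1, msg, sizeof msg));
    printf("bad fd, ssize_t check: %d\n", write_all_signed(-1, msg, sizeof msg));
    printf("pipe,   ssize_t check: %d\n", write_all_signed(p[1], msg, sizeof msg));
    close(p[0]); close(p[1]);
    return 0;
}
```

Building with -Wextra (which enables -Wtype-limits in GCC) flags the always-false comparison in the unsigned variant at compile time.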
David Zeuthen
13de6a9fe4 credstore: update credstore.rc to use correct class, user, and group.
Bug: 111446262
Test: Manually inspected
Change-Id: If99f55fcd6034e059d8d7100a94ec59fb6c66a72
2020-01-17 16:52:01 -05:00
David Zeuthen
ab3e565511 Add credstore system daemon.
The credstore system daemon is sitting below the Identity Credential
Framework APIs and on top of the Identity Credential HALs. Its main
job is to store credential data and provide a way for applications to
communicate with the secure hardware abstracted by the HAL.

This daemon runs as an unprivileged user, credstore.

The auth-tokens needed by credstore are supplied by keystore and this
CL includes the requisite changes to keystore for this to work.

Bug: 111446262
Test: CTS tests for Framework APIs
Change-Id: Ieb4d59852a143482436a1c418c25ed96e25c0047
2020-01-16 13:05:48 -05:00