Identity Credential: Apply changes identified in API review.
Bug: 150817385
Test: atest android.security.identity.cts
Change-Id: I4e005fa7a81ef363a80278224bb706441dad2241
diff --git a/api/current.txt b/api/current.txt
index 04f9688..0a460b7 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -17581,9 +17581,7 @@
ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull java.security.Signature);
ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull javax.crypto.Cipher);
ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull javax.crypto.Mac);
- ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull android.security.identity.IdentityCredential);
method @Deprecated public javax.crypto.Cipher getCipher();
- method @Deprecated @Nullable public android.security.identity.IdentityCredential getIdentityCredential();
method @Deprecated public javax.crypto.Mac getMac();
method @Deprecated public java.security.Signature getSignature();
}
@@ -41247,7 +41245,7 @@
ctor public PersonalizationData.Builder();
method @NonNull public android.security.identity.PersonalizationData.Builder addAccessControlProfile(@NonNull android.security.identity.AccessControlProfile);
method @NonNull public android.security.identity.PersonalizationData build();
- method @NonNull public android.security.identity.PersonalizationData.Builder setEntry(@NonNull String, @NonNull String, @NonNull java.util.Collection<android.security.identity.AccessControlProfileId>, @NonNull byte[]);
+ method @NonNull public android.security.identity.PersonalizationData.Builder putEntry(@NonNull String, @NonNull String, @NonNull java.util.Collection<android.security.identity.AccessControlProfileId>, @NonNull byte[]);
}
public abstract class ResultData {
@@ -41255,7 +41253,7 @@
method @Nullable public abstract byte[] getEntry(@NonNull String, @NonNull String);
method @Nullable public abstract java.util.Collection<java.lang.String> getEntryNames(@NonNull String);
method @Nullable public abstract byte[] getMessageAuthenticationCode();
- method @NonNull public abstract java.util.Collection<java.lang.String> getNamespaceNames();
+ method @NonNull public abstract java.util.Collection<java.lang.String> getNamespaces();
method @Nullable public abstract java.util.Collection<java.lang.String> getRetrievedEntryNames(@NonNull String);
method @NonNull public abstract byte[] getStaticAuthenticationData();
method public abstract int getStatus(@NonNull String, @NonNull String);
diff --git a/core/java/android/hardware/fingerprint/FingerprintManager.java b/core/java/android/hardware/fingerprint/FingerprintManager.java
index 16f9688..eb99a60 100644
--- a/core/java/android/hardware/fingerprint/FingerprintManager.java
+++ b/core/java/android/hardware/fingerprint/FingerprintManager.java
@@ -126,10 +126,6 @@
super(mac);
}
- public CryptoObject(@NonNull IdentityCredential credential) {
- super(credential);
- }
-
/**
* Get {@link Signature} object.
* @return {@link Signature} object or null if this doesn't contain one.
@@ -157,8 +153,9 @@
/**
* Get {@link IdentityCredential} object.
* @return {@link IdentityCredential} object or null if this doesn't contain one.
+ * @hide
*/
- public @Nullable IdentityCredential getIdentityCredential() {
+ public IdentityCredential getIdentityCredential() {
return super.getIdentityCredential();
}
}
diff --git a/identity/java/android/security/identity/CredstoreResultData.java b/identity/java/android/security/identity/CredstoreResultData.java
index ef7afca..2ef735e 100644
--- a/identity/java/android/security/identity/CredstoreResultData.java
+++ b/identity/java/android/security/identity/CredstoreResultData.java
@@ -66,7 +66,7 @@
}
@Override
- public @NonNull Collection<String> getNamespaceNames() {
+ public @NonNull Collection<String> getNamespaces() {
return Collections.unmodifiableCollection(mData.keySet());
}
diff --git a/identity/java/android/security/identity/CredstoreWritableIdentityCredential.java b/identity/java/android/security/identity/CredstoreWritableIdentityCredential.java
index 335636c..725e3d8 100644
--- a/identity/java/android/security/identity/CredstoreWritableIdentityCredential.java
+++ b/identity/java/android/security/identity/CredstoreWritableIdentityCredential.java
@@ -105,11 +105,11 @@
n++;
}
- Collection<String> namespaceNames = personalizationData.getNamespaceNames();
+ Collection<String> namespaces = personalizationData.getNamespaces();
- EntryNamespaceParcel[] ensParcels = new EntryNamespaceParcel[namespaceNames.size()];
+ EntryNamespaceParcel[] ensParcels = new EntryNamespaceParcel[namespaces.size()];
n = 0;
- for (String namespaceName : namespaceNames) {
+ for (String namespaceName : namespaces) {
PersonalizationData.NamespaceData nsd =
personalizationData.getNamespaceData(namespaceName);
diff --git a/identity/java/android/security/identity/IdentityCredential.java b/identity/java/android/security/identity/IdentityCredential.java
index bd43919..1db2f63 100644
--- a/identity/java/android/security/identity/IdentityCredential.java
+++ b/identity/java/android/security/identity/IdentityCredential.java
@@ -209,6 +209,11 @@
* <p>Note that only items referenced in {@code entriesToRequest} are returned - the
* {@code requestMessage} parameter is only used to for enforcing reader authentication.
*
+ * <p>The reason for having {@code requestMessage} and {@code entriesToRequest} as separate
+ * parameters is that the former represents a request from the remote verifier device
+ * (optionally signed) and this allows the application to filter the request to not include
+ * data elements which the user has not consented to sharing.
+ *
* @param requestMessage If not {@code null}, must contain CBOR data conforming to
* the schema mentioned above.
* @param entriesToRequest The entries to request, organized as a map of namespace
diff --git a/identity/java/android/security/identity/PersonalizationData.java b/identity/java/android/security/identity/PersonalizationData.java
index 44370a1..b34f250 100644
--- a/identity/java/android/security/identity/PersonalizationData.java
+++ b/identity/java/android/security/identity/PersonalizationData.java
@@ -46,7 +46,7 @@
return Collections.unmodifiableCollection(mProfiles);
}
- Collection<String> getNamespaceNames() {
+ Collection<String> getNamespaces() {
return Collections.unmodifiableCollection(mNamespaces.keySet());
}
@@ -120,7 +120,7 @@
* @param value The value to add, in CBOR encoding.
* @return The builder.
*/
- public @NonNull Builder setEntry(@NonNull String namespace, @NonNull String name,
+ public @NonNull Builder putEntry(@NonNull String namespace, @NonNull String name,
@NonNull Collection<AccessControlProfileId> accessControlProfileIds,
@NonNull byte[] value) {
NamespaceData namespaceData = mData.mNamespaces.get(namespace);
diff --git a/identity/java/android/security/identity/ResultData.java b/identity/java/android/security/identity/ResultData.java
index 0982c8a..13552d6 100644
--- a/identity/java/android/security/identity/ResultData.java
+++ b/identity/java/android/security/identity/ResultData.java
@@ -152,7 +152,7 @@
* @return collection of name of namespaces containing retrieved entries. May be empty if no
* data was retrieved.
*/
- public abstract @NonNull Collection<String> getNamespaceNames();
+ public abstract @NonNull Collection<String> getNamespaces();
/**
* Get the names of all entries.
@@ -196,8 +196,7 @@
* @param name the name of the entry to get the value for.
* @return the status indicating whether the value was retrieved and if not, why.
*/
- @Status
- public abstract int getStatus(@NonNull String namespaceName, @NonNull String name);
+ public abstract @Status int getStatus(@NonNull String namespaceName, @NonNull String name);
/**
* Gets the raw CBOR data for the value of an entry.