Identity Credential: Apply changes identified in API review.

Bug: 150817385
Test: atest android.security.identity.cts
Merged-In: I4e005fa7a81ef363a80278224bb706441dad2241
Change-Id: I25e09df09e8a56dc7f639b2aa4636af0166d5050

api/current.txt

@@ -18118,9 +18118,7 @@ package android.hardware.fingerprint {
     ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull java.security.Signature);
     ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull javax.crypto.Cipher);
     ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull javax.crypto.Mac);
-    ctor @Deprecated public FingerprintManager.CryptoObject(@NonNull android.security.identity.IdentityCredential);
     method @Deprecated public javax.crypto.Cipher getCipher();
-    method @Deprecated @Nullable public android.security.identity.IdentityCredential getIdentityCredential();
     method @Deprecated public javax.crypto.Mac getMac();
     method @Deprecated public java.security.Signature getSignature();
   }
@@ -42690,7 +42688,7 @@ package android.security.identity {
     ctor public PersonalizationData.Builder();
     method @NonNull public android.security.identity.PersonalizationData.Builder addAccessControlProfile(@NonNull android.security.identity.AccessControlProfile);
     method @NonNull public android.security.identity.PersonalizationData build();
-    method @NonNull public android.security.identity.PersonalizationData.Builder setEntry(@NonNull String, @NonNull String, @NonNull java.util.Collection<android.security.identity.AccessControlProfileId>, @NonNull byte[]);
+    method @NonNull public android.security.identity.PersonalizationData.Builder putEntry(@NonNull String, @NonNull String, @NonNull java.util.Collection<android.security.identity.AccessControlProfileId>, @NonNull byte[]);
   }
 
   public abstract class ResultData {
@@ -42698,7 +42696,7 @@ package android.security.identity {
     method @Nullable public abstract byte[] getEntry(@NonNull String, @NonNull String);
     method @Nullable public abstract java.util.Collection<java.lang.String> getEntryNames(@NonNull String);
     method @Nullable public abstract byte[] getMessageAuthenticationCode();
-    method @NonNull public abstract java.util.Collection<java.lang.String> getNamespaceNames();
+    method @NonNull public abstract java.util.Collection<java.lang.String> getNamespaces();
     method @Nullable public abstract java.util.Collection<java.lang.String> getRetrievedEntryNames(@NonNull String);
     method @NonNull public abstract byte[] getStaticAuthenticationData();
     method public abstract int getStatus(@NonNull String, @NonNull String);

core/java/android/hardware/fingerprint/FingerprintManager.java

@@ -129,10 +129,6 @@ public class FingerprintManager implements BiometricAuthenticator, BiometricFing
             super(mac);
         }
 
-        public CryptoObject(@NonNull IdentityCredential credential) {
-            super(credential);
-        }
-
         /**
          * Get {@link Signature} object.
          * @return {@link Signature} object or null if this doesn't contain one.
@@ -160,8 +156,9 @@ public class FingerprintManager implements BiometricAuthenticator, BiometricFing
         /**
          * Get {@link IdentityCredential} object.
          * @return {@link IdentityCredential} object or null if this doesn't contain one.
+         * @hide
          */
-        public @Nullable IdentityCredential getIdentityCredential() {
+        public IdentityCredential getIdentityCredential() {
             return super.getIdentityCredential();
         }
     }

identity/java/android/security/identity/CredstoreResultData.java

@@ -66,7 +66,7 @@ class CredstoreResultData extends ResultData {
     }
 
     @Override
-    public @NonNull Collection<String> getNamespaceNames() {
+    public @NonNull Collection<String> getNamespaces() {
         return Collections.unmodifiableCollection(mData.keySet());
     }
 

identity/java/android/security/identity/CredstoreWritableIdentityCredential.java

@@ -105,11 +105,11 @@ class CredstoreWritableIdentityCredential extends WritableIdentityCredential {
             n++;
         }
 
-        Collection<String> namespaceNames = personalizationData.getNamespaceNames();
+        Collection<String> namespaces = personalizationData.getNamespaces();
 
-        EntryNamespaceParcel[] ensParcels  = new EntryNamespaceParcel[namespaceNames.size()];
+        EntryNamespaceParcel[] ensParcels  = new EntryNamespaceParcel[namespaces.size()];
         n = 0;
-        for (String namespaceName : namespaceNames) {
+        for (String namespaceName : namespaces) {
             PersonalizationData.NamespaceData nsd =
                     personalizationData.getNamespaceData(namespaceName);
 

identity/java/android/security/identity/IdentityCredential.java

@@ -209,6 +209,11 @@ public abstract class IdentityCredential {
      * <p>Note that only items referenced in {@code entriesToRequest} are returned - the
      * {@code requestMessage} parameter is only used to for enforcing reader authentication.
      *
+     * <p>The reason for having {@code requestMessage} and {@code entriesToRequest} as separate
+     * parameters is that the former represents a request from the remote verifier device
+     * (optionally signed) and this allows the application to filter the request to not include
+     * data elements which the user has not consented to sharing.
+     *
      * @param requestMessage         If not {@code null}, must contain CBOR data conforming to
      *                               the schema mentioned above.
      * @param entriesToRequest       The entries to request, organized as a map of namespace

identity/java/android/security/identity/PersonalizationData.java

@@ -46,7 +46,7 @@ public class PersonalizationData {
         return Collections.unmodifiableCollection(mProfiles);
     }
 
-    Collection<String> getNamespaceNames() {
+    Collection<String> getNamespaces() {
         return Collections.unmodifiableCollection(mNamespaces.keySet());
     }
 
@@ -120,7 +120,7 @@ public class PersonalizationData {
          * @param value                   The value to add, in CBOR encoding.
          * @return The builder.
          */
-        public @NonNull Builder setEntry(@NonNull String namespace, @NonNull String name,
+        public @NonNull Builder putEntry(@NonNull String namespace, @NonNull String name,
                 @NonNull Collection<AccessControlProfileId> accessControlProfileIds,
                 @NonNull byte[] value) {
             NamespaceData namespaceData = mData.mNamespaces.get(namespace);

identity/java/android/security/identity/ResultData.java

@@ -152,7 +152,7 @@ public abstract class ResultData {
      * @return collection of name of namespaces containing retrieved entries. May be empty if no
      *     data was retrieved.
      */
-    public abstract @NonNull Collection<String> getNamespaceNames();
+    public abstract @NonNull Collection<String> getNamespaces();
 
     /**
      * Get the names of all entries.
@@ -196,8 +196,7 @@ public abstract class ResultData {
      * @param name the name of the entry to get the value for.
      * @return the status indicating whether the value was retrieved and if not, why.
      */
-    @Status
-    public abstract int getStatus(@NonNull String namespaceName, @NonNull String name);
+    public abstract @Status int getStatus(@NonNull String namespaceName, @NonNull String name);
 
     /**
      * Gets the raw CBOR data for the value of an entry.