Add support for passphrases.

Intodouce PassphraseConstraints class which can be used to specify
details about a passphrase, for example whether all characters are
numerical and the min/max length. This is helpful when e.g. the
passphrase is always a six-digit PIN because it allows the application
to present an UI/UX optimized towards that. Add support for this in
SoftwareSecureArea.

Introduce applyConfiguration() method on builders for classes derived
from CreateKeystoreSettings to allow the issuer to specify
configuration of how to create a key.

Add a requireUserAuthenticationToViewDocument setting to
DocumentConfiguration so the issuer can specify if they want the user
to authenticate in order to view document data. Enforce it in the
wallet app. For now just require LSKF/biometric authentication, in
the future we can use other methods as well.

Add new evidence type for having the user create a passphrase/PIN,
using PassphraseConstraints.

In the wallet app, rename some types to properly reflect the reality
of the recent Credential->Document and AuthenticationKey->Credential
rename. When in developer mode, add a number of extra screens to the
provisioning of an mDL including which Secure Area to use (Android
Keystore or Software), whether to use StrongBox (if using Android
Keystore), the passphrase/PIN (if using Software), and mdoc
authentication mode and curve.

Other minor fixes/changes

- rename dataItem to toDataItem on CertificateChain, for consistency
- use mutableState for evidenceRequest
- fix focus bug in MultipleChoice evidence request

Test: Manually tested and all unit tests pass.
Signed-off-by: David Zeuthen <zeuthen@google.com>

Author: davidz25

appholder/src/main/java/com/android/identity/wallet/util/ProvisioningUtil.kt

@@ -203,7 +203,7 @@ class ProvisioningUtil private constructor(
                     unprotectedHeaders = mapOf(
                         Pair(
                             CoseNumberLabel(Cose.COSE_LABEL_X5CHAIN),
-                            CertificateChain(listOf(Certificate(issuerCert.encoded))).dataItem
+                            CertificateChain(listOf(Certificate(issuerCert.encoded))).toDataItem
                         )
                     ),
                 ).toDataItem

identity-android/src/androidTest/java/com/android/identity/android/mdoc/deviceretrieval/DeviceRetrievalHelperTest.kt

@@ -195,7 +195,7 @@ class DeviceRetrievalHelperTest {
         )
         val unprotectedHeaders = java.util.Map.of<CoseLabel, DataItem>(
             CoseNumberLabel(Cose.COSE_LABEL_X5CHAIN),
-            CertificateChain(java.util.List.of(mDocumentSignerCert)).dataItem
+            CertificateChain(java.util.List.of(mDocumentSignerCert)).toDataItem
         )
         val encodedIssuerAuth = encode(
             coseSign1Sign(

identity-android/src/main/java/com/android/identity/android/securearea/AndroidKeystoreCreateKeySettings.kt

@@ -1,6 +1,7 @@
 package com.android.identity.android.securearea
 
 import android.os.Build
+import com.android.identity.cbor.DataItem
 import com.android.identity.crypto.EcCurve
 import com.android.identity.securearea.CreateKeySettings
 import com.android.identity.securearea.KeyPurpose
@@ -70,6 +71,33 @@ class AndroidKeystoreCreateKeySettings private constructor(
         private var validFrom: Timestamp? = null
         private var validUntil: Timestamp? = null
 
+        /**
+         * Apply settings from configuration object.
+         *
+         * @param configuration configuration from a CBOR map.
+         * @return the builder.
+         */
+        fun applyConfiguration(configuration: DataItem) = apply {
+            var userAutenticationRequired = false
+            var userAuthenticationTimeoutMillis = 0L
+            var userAuthenticationTypes = setOf<UserAuthenticationType>()
+            for ((key, value) in configuration.asMap) {
+                when (key.asTstr) {
+                    "purposes" -> setKeyPurposes(KeyPurpose.decodeSet(value.asNumber))
+                    "curve" -> setEcCurve(EcCurve.fromInt(value.asNumber.toInt()))
+                    "useStrongBox" -> setUseStrongBox(value.asBoolean)
+                    "userAuthenticationRequired" -> userAutenticationRequired = value.asBoolean
+                    "userAuthenticationTimeoutMillis" -> userAuthenticationTimeoutMillis = value.asNumber
+                    "userAuthenticationTypes" -> userAuthenticationTypes = UserAuthenticationType.decodeSet(value.asNumber)
+                }
+            }
+            setUserAuthenticationRequired(
+                userAutenticationRequired,
+                userAuthenticationTimeoutMillis,
+                userAuthenticationTypes
+            )
+        }
+
         /**
          * Sets the key purpose.
          *

identity-android/src/main/java/com/android/identity/android/securearea/AndroidKeystoreSecureArea.kt

@@ -33,6 +33,7 @@ import com.android.identity.crypto.CertificateChain
 import com.android.identity.crypto.EcCurve
 import com.android.identity.crypto.EcPublicKey
 import com.android.identity.crypto.javaPublicKey
+import com.android.identity.securearea.CreateKeySettings
 import com.android.identity.securearea.KeyInvalidatedException
 import com.android.identity.securearea.KeyLockedException
 import com.android.identity.securearea.KeyPurpose
@@ -574,7 +575,7 @@ class AndroidKeystoreSecureArea(
         map.put("userAuthenticationRequired", settings.userAuthenticationRequired)
         map.put("userAuthenticationTimeoutMillis", settings.userAuthenticationTimeoutMillis)
         map.put("useStrongBox", settings.useStrongBox)
-        map.put("attestation", attestation.dataItem)
+        map.put("attestation", attestation.toDataItem)
         storageEngine.put(PREFIX + alias, Cbor.encode(map.end().build()))
     }
 

identity-mdoc/src/main/java/com/android/identity/mdoc/request/DeviceRequestGenerator.kt

@@ -121,7 +121,7 @@ class DeviceRequestGenerator(
             val unprotectedHeaders = mapOf<CoseLabel, DataItem>(
                 Pair(
                     CoseNumberLabel(Cose.COSE_LABEL_X5CHAIN),
-                    readerKeyCertificateChain.dataItem
+                    readerKeyCertificateChain.toDataItem
                 )
             )
             readerAuth = coseSign1Sign(

identity-mdoc/src/test/java/com/android/identity/mdoc/response/DeviceResponseGeneratorTest.kt

@@ -177,7 +177,7 @@ class DeviceResponseGeneratorTest {
         )
         val unprotectedHeaders = java.util.Map.of<CoseLabel, DataItem>(
             CoseNumberLabel(Cose.COSE_LABEL_X5CHAIN),
-            CertificateChain(java.util.List.of(documentSignerCert)).dataItem
+            CertificateChain(java.util.List.of(documentSignerCert)).toDataItem
         )
         val encodedIssuerAuth = Cbor.encode(
             Cose.coseSign1Sign(

identity/src/main/java/com/android/identity/crypto/CertificateChain.kt

@@ -22,7 +22,7 @@ data class CertificateChain(
      *
      * Use [fromDataItem] to decode the returned data item.
      */
-    val dataItem: DataItem
+    val toDataItem: DataItem
         get() = if (certificates.size == 1) {
             certificates[0].toDataItem
         } else {

identity/src/main/java/com/android/identity/document/DocumentUtil.kt

@@ -43,7 +43,7 @@ object DocumentUtil {
      * from the issuer.
      *
      * @param document the document to manage credentials for.
-     * @param secureArea the secure area to use for new credentials.
+     * @param secureArea the secure area to use for new credentials, must not be null if `dryRun` is false.
      * @param createKeySettings the settings used to create new credentials.
      * @param domain the domain to use for created credentials.
      * @param now the time right now, used for determining which existing credentials to replace.
@@ -56,7 +56,7 @@ object DocumentUtil {
     @JvmStatic
     fun managedCredentialHelper(
         document: Document,
-        secureArea: SecureArea,
+        secureArea: SecureArea?,
         createKeySettings: CreateKeySettings?,
         domain: String,
         now: Timestamp,
@@ -65,6 +65,7 @@ object DocumentUtil {
         minValidTimeMillis: Long,
         dryRun: Boolean
     ): Int {
+        check(dryRun || (secureArea != null && createKeySettings != null))
         // First determine which of the existing credentials need a replacement...
         var numCredentialsNotNeedingReplacement = 0
         var numReplacementsGenerated = 0
@@ -85,7 +86,7 @@ object DocumentUtil {
                     if (!dryRun) {
                         document.createCredential(
                             domain,
-                            secureArea,
+                            secureArea!!,
                             createKeySettings!!,
                             authCredential
                         )
@@ -112,7 +113,7 @@ object DocumentUtil {
                 for (n in 0 until numNonReplacementsToGenerate) {
                     val pendingCredential = document.createCredential(
                         domain,
-                        secureArea,
+                        secureArea!!,
                         createKeySettings!!,
                         null
                     )

identity/src/main/java/com/android/identity/securearea/PassphraseConstraints.kt

@@ -0,0 +1,33 @@
+package com.android.identity.securearea
+
+import com.android.identity.cbor.annotation.CborSerializable
+
+/**
+ * Enumeration used to convey constraints on passphrases and PINs.
+ *
+ * This information is helpful for user interfaces when creating and validating passphrases.
+ *
+ * @param minLength the minimum allowed length of the passphrase.
+ * @param maxLength the maximum allowed length of the passphrase.
+ * @param requireNumerical if `true`, each character in the passphrase must be decimal digits (0-9).
+ */
+@CborSerializable
+data class PassphraseConstraints(
+    val minLength: Int,
+    val maxLength: Int,
+    val requireNumerical: Boolean
+) {
+    companion object {
+        val NONE = PassphraseConstraints(0, Int.MAX_VALUE, false)
+
+        val PIN_FOUR_DIGITS = PassphraseConstraints(4, 4, true)
+        val PIN_FOUR_DIGITS_OR_LONGER = PassphraseConstraints(4, Int.MAX_VALUE, true)
+        val PASSPHRASE_FOUR_CHARS = PassphraseConstraints(4, 4, false)
+        val PASSPHRASE_FOUR_CHARS_OR_LONGER = PassphraseConstraints(4, Int.MAX_VALUE, true)
+
+        val PIN_SIX_DIGITS = PassphraseConstraints(6, 6, true)
+        val PIN_SIX_DIGITS_OR_LONGER = PassphraseConstraints(6, Int.MAX_VALUE, true)
+        val PASSPHRASE_SIX_CHARS = PassphraseConstraints(6, 6, false)
+        val PASSPHRASE_SIX_CHARS_OR_LONGER = PassphraseConstraints(6, Int.MAX_VALUE, true)
+    }
+}

identity/src/main/java/com/android/identity/securearea/software/SoftwareCreateKeySettings.kt

@@ -1,18 +1,23 @@
 package com.android.identity.securearea.software
 
+import com.android.identity.cbor.DataItem
 import com.android.identity.crypto.Algorithm
 import com.android.identity.crypto.CertificateChain
 import com.android.identity.crypto.EcCurve
 import com.android.identity.crypto.EcPrivateKey
+import com.android.identity.securearea.CreateKeySettings
 import com.android.identity.securearea.KeyPurpose
+import com.android.identity.securearea.PassphraseConstraints
+import com.android.identity.securearea.fromDataItem
 import com.android.identity.util.Timestamp
 
 /**
  * Class used to indicate key creation settings for software-backed keys.
  */
-class SoftwareCreateKeySettings private constructor(
+class SoftwareCreateKeySettings internal constructor(
     val passphraseRequired: Boolean,
-    val passphrase: String,
+    val passphrase: String?,
+    val passphraseConstraints: PassphraseConstraints?,
     ecCurve: EcCurve,
     keyPurposes: Set<KeyPurpose>,
     attestationChallenge: ByteArray,
@@ -23,7 +28,7 @@ class SoftwareCreateKeySettings private constructor(
     val attestationKeySignatureAlgorithm: Algorithm?,
     val attestationKeyIssuer: String?,
     val attestationKeyCertification: CertificateChain?,
-) : com.android.identity.securearea.CreateKeySettings(
+) : CreateKeySettings(
     attestationChallenge,
     keyPurposes,
     ecCurve
@@ -34,20 +39,47 @@ class SoftwareCreateKeySettings private constructor(
      * @param attestationChallenge challenge to include in attestation for the key.
      */
     class Builder(
-        private val attestationChallenge: ByteArray,
-        private var keyPurposes: Set<KeyPurpose> = setOf(KeyPurpose.SIGN),
-        private var ecCurve: EcCurve = EcCurve.P256,
-        private var passphraseRequired: Boolean = false,
-        private var passphrase: String? = "",
-        private var subject: String? = null,
-        private var validFrom: Timestamp? = null,
-        private var validUntil: Timestamp? = null,
-        private var attestationKey: EcPrivateKey? = null,
-        private var attestationKeySignatureAlgorithm: Algorithm? = null,
-        private var attestationKeyIssuer: String? = null,
-        private var attestationKeyCertification: CertificateChain? = null
+        private val attestationChallenge: ByteArray
     ) {
-        constructor(challenge: ByteArray) : this(challenge, setOf(KeyPurpose.SIGN))
+        private var keyPurposes: Set<KeyPurpose> = setOf(KeyPurpose.SIGN)
+        private var ecCurve: EcCurve = EcCurve.P256
+        private var passphraseRequired: Boolean = false
+        private var passphrase: String? = null
+        private var passphraseConstraints: PassphraseConstraints? = null
+        private var subject: String? = null
+        private var validFrom: Timestamp? = null
+        private var validUntil: Timestamp? = null
+        private var attestationKey: EcPrivateKey? = null
+        private var attestationKeySignatureAlgorithm: Algorithm? = null
+        private var attestationKeyIssuer: String? = null
+        private var attestationKeyCertification: CertificateChain? = null
+
+        /**
+         * Apply settings from configuration object.
+         *
+         * @param configuration configuration from a CBOR map.
+         * @return the builder.
+         */
+        fun applyConfiguration(configuration: DataItem) = apply {
+            var passphraseRequired = false
+            var passphrase: String? = null
+            var passphraseConstraints: PassphraseConstraints? = null
+            for ((key, value) in configuration.asMap) {
+                when (key.asTstr) {
+                    "purposes" -> setKeyPurposes(KeyPurpose.decodeSet(value.asNumber))
+                    "curve" -> setEcCurve(EcCurve.fromInt(value.asNumber.toInt()))
+                    "passphrase" -> {
+                        passphraseRequired = true
+                        passphrase = value.asTstr
+                    }
+                    "passphraseConstraints" -> {
+                        passphraseRequired = true
+                        passphraseConstraints = PassphraseConstraints.fromDataItem(value)
+                    }
+                }
+            }
+            setPassphraseRequired(passphraseRequired, passphrase, passphraseConstraints)
+        }
 
         /**
          * Sets the attestation key to use for attesting to the key.
@@ -102,12 +134,20 @@ class SoftwareCreateKeySettings private constructor(
          *
          * @param required whether a passphrase is required.
          * @param passphrase the passphrase to use, must not be `null` if `required` is `true`.
+         * @param constraints constraints for the passphrase or `null` if not constrained.
          * @return the builder.
          */
-        fun setPassphraseRequired(required: Boolean, passphrase: String?) = apply {
-            check(!(passphraseRequired && passphrase == null)) { "Passphrase cannot be null if it's required" }
+        fun setPassphraseRequired(
+            required: Boolean,
+            passphrase: String?,
+            constraints: PassphraseConstraints?
+        ) = apply {
+            check(!passphraseRequired || passphrase != null) {
+                "Passphrase cannot be null if passphrase is required"
+            }
             passphraseRequired = required
             this.passphrase = passphrase
+            this.passphraseConstraints = constraints
         }
 
         /**
@@ -141,7 +181,7 @@ class SoftwareCreateKeySettings private constructor(
          */
         fun build(): SoftwareCreateKeySettings =
             SoftwareCreateKeySettings(
-                passphraseRequired, passphrase!!, ecCurve,
+                passphraseRequired, passphrase, passphraseConstraints, ecCurve,
                 keyPurposes, attestationChallenge,
                 subject, validFrom, validUntil,
                 attestationKey, attestationKeySignatureAlgorithm,

identity/src/main/java/com/android/identity/securearea/software/SoftwareKeyInfo.kt

@@ -4,17 +4,20 @@ import com.android.identity.crypto.CertificateChain
 import com.android.identity.crypto.EcPublicKey
 import com.android.identity.securearea.KeyInfo
 import com.android.identity.securearea.KeyPurpose
+import com.android.identity.securearea.PassphraseConstraints
 
 /**
  * Specialization of [KeyInfo] specific to software-backed keys.
  *
  * @param isPassphraseProtected whether the key is passphrase protected.
+ * @param passphraseConstraints constraints on the passphrase, if any.
  */
 class SoftwareKeyInfo internal constructor(
     publicKey: EcPublicKey,
     attestation: CertificateChain,
     keyPurposes: Set<KeyPurpose>,
-    val isPassphraseProtected: Boolean
+    val isPassphraseProtected: Boolean,
+    val passphraseConstraints: PassphraseConstraints?
 ): KeyInfo(
     publicKey,
     attestation,

identity/src/main/java/com/android/identity/securearea/software/SoftwareSecureArea.kt

@@ -28,8 +28,11 @@ import com.android.identity.securearea.KeyLockedException
 import com.android.identity.securearea.KeyPurpose
 import com.android.identity.securearea.KeyPurpose.Companion.encodeSet
 import com.android.identity.securearea.KeyUnlockData
+import com.android.identity.securearea.PassphraseConstraints
 import com.android.identity.securearea.SecureArea
+import com.android.identity.securearea.fromDataItem
 import com.android.identity.securearea.keyPurposeSet
+import com.android.identity.securearea.toDataItem
 import com.android.identity.storage.StorageEngine
 import kotlinx.datetime.Clock
 import kotlinx.datetime.Instant
@@ -82,7 +85,7 @@ class SoftwareSecureArea(private val storageEngine: StorageEngine) : SecureArea
                 val encodedPublicKey = Cbor.encode(privateKey.publicKey.toCoseKey().toDataItem)
                 val secretKey = derivePrivateKeyEncryptionKey(
                     encodedPublicKey,
-                    settings.passphrase
+                    settings.passphrase!!
                 )
                 val cleartextPrivateKey = Cbor.encode(privateKey.toCoseKey().toDataItem)
                 val iv = Random.Default.nextBytes(12)
@@ -150,7 +153,10 @@ class SoftwareSecureArea(private val storageEngine: StorageEngine) : SecureArea
                 }
             }
             mapBuilder.put("publicKey", privateKey.publicKey.toCoseKey().toDataItem)
-            val attestationBuilder = mapBuilder.put("attestation", CertificateChain(certs).dataItem)
+            if (settings.passphraseConstraints != null) {
+                mapBuilder.put("passphraseConstraints", settings.passphraseConstraints.toDataItem)
+            }
+            val attestationBuilder = mapBuilder.put("attestation", CertificateChain(certs).toDataItem)
             attestationBuilder.end()
             storageEngine.put(PREFIX + alias, Cbor.encode(mapBuilder.end().build()))
         } catch (e: Exception) {
@@ -259,7 +265,16 @@ class SoftwareSecureArea(private val storageEngine: StorageEngine) : SecureArea
         val passphraseRequired = map["passphraseRequired"].asBoolean
         val publicKey = map["publicKey"].asCoseKey.ecPublicKey
         val attestation = map["attestation"].asCertificateChain
-        return SoftwareKeyInfo(publicKey, attestation, keyPurposes, passphraseRequired)
+        val passphraseConstraints = map.getOrNull("passphraseConstraints")?.let {
+            PassphraseConstraints.fromDataItem(it)
+        }
+        return SoftwareKeyInfo(
+            publicKey,
+            attestation,
+            keyPurposes,
+            passphraseRequired,
+            passphraseConstraints
+        )
     }
 
     override fun getKeyInvalidated(alias: String): Boolean {

identity/src/main/java/com/android/identity/util/Timestamp.kt

@@ -15,6 +15,9 @@
  */
 package com.android.identity.util
 
+import com.android.identity.cbor.DataItem
+import com.android.identity.cbor.toDataItem
+
 /**
  * Represents a single instant in time. Ideally, we'd use `java.time.Instant`, but we cannot
  * do so until we move to API level 26.