Enforce 128-byte limit for attestation challenge

This commit aligns the simulator's behavior with the Android Keymaster/KeyMint specification by enforcing a maximum length of 128 bytes for the attestation challenge.
Previously, the simulator accepted attestation challenges of arbitrary length during `generateKey`. This discrepancy allowed detection tools to identify the emulated environment by intentionally sending an oversized challenge (e.g., > 128 bytes) and observing that it was accepted instead of rejected.
The implementation now validates the size of the `TAG_ATTESTATION_CHALLENGE` parameter. If the challenge exceeds the limit, the transaction is intercepted, and a `ServiceSpecificException` is constructed manually via Binder (using the `EX_SERVICE_SPECIFIC` header) to return the `INVALID_INPUT_LENGTH` (-21) error code. This matches the error code and Binder-visible behavior defined by the KeyMint specification.

See AOSP source for the length constraint and error definition:
https://cs.android.com/android/platform/superproject/main/+/main:system/keymaster/android_keymaster/android_keymaster.cpp;l=330
https://cs.android.com/android/platform/superproject/main/+/main:system/keymaster/km_openssl/attestation_record.cpp;l=257
https://cs.android.com/android/platform/superproject/main/+/main:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ErrorCode.aidl;l=48

Author: XiaoTong6666

app/src/main/java/org/matrix/TEESimulator/interception/keystore/InterceptorUtils.kt

@@ -96,4 +96,39 @@ object InterceptorUtils {
     fun hasException(reply: Parcel): Boolean {
         return runCatching { reply.readException() }.exceptionOrNull() != null
     }
+
+    /**
+     * Creates an `OverrideReply` containing a ServiceSpecificException encoded in a Parcel.
+     *
+     * This method is used to return KeyMint/Keymaster error codes directly through Binder, such as
+     * `ErrorCode.INVALID_INPUT_LENGTH` (-21), so that the caller observes the same exception
+     * behavior as with a real KeyMint HAL implementation.
+     *
+     * @param errorCode KeyMint error code to return (for example, -21 for INVALID_INPUT_LENGTH).
+     * @param message Optional error message associated with the error code.
+     */
+    fun createErrorReply(
+        errorCode: Int,
+        message: String?,
+    ): BinderInterceptor.TransactionResult.OverrideReply {
+        val parcel = Parcel.obtain()
+        try {
+            // Write a ServiceSpecificException into the Parcel.
+            // Parcel.EX_SERVICE_SPECIFIC is defined as -8.
+            // The layout is:
+            //   int    exceptionCode (EX_SERVICE_SPECIFIC)
+            //   int    serviceSpecificErrorCode
+            //   String errorMessage
+            parcel.writeInt(-8)
+            parcel.writeInt(errorCode)
+            parcel.writeString(message)
+        } catch (e: Exception) {
+            parcel.recycle()
+            throw e
+        }
+
+        // The returned Parcel will be written to the Binder reply by BinderInterceptor.
+        // On the client side, this will be decoded and rethrown as a ServiceSpecificException.
+        return BinderInterceptor.TransactionResult.OverrideReply(parcel)
+    }
 }

app/src/main/java/org/matrix/TEESimulator/interception/keystore/shim/KeyMintSecurityLevelInterceptor.kt

@@ -229,6 +229,19 @@ class KeyMintSecurityLevelInterceptor(
                 )
                 val params = data.createTypedArray(KeyParameter.CREATOR)!!
                 val parsedParams = KeyMintAttestation(params)
+                // Validate the length of TAG_ATTESTATION_CHALLENGE.
+                // The Android KeyMint / KeyStore specification defines a maximum length of
+                // 128 bytes for the attestation challenge.
+                // If the provided challenge exceeds this limit, the operation must fail with
+                // ErrorCode.INVALID_INPUT_LENGTH (-21).
+                val challenge = parsedParams.attestationChallenge
+                if (challenge != null && challenge.size > 128) {
+                    SystemLogger.info(
+                        "Rejecting generateKey: attestation challenge length exceeds 128 bytes (${challenge.size})."
+                    )
+                    // Return INVALID_INPUT_LENGTH as defined by the KeyMint error codes.
+                    return InterceptorUtils.createErrorReply(-21, "Attestation challenge too large")
+                }
                 val keyId = KeyIdentifier(callingUid, keyDescriptor.alias)
                 val isAttestKeyRequest =
                     parsedParams.purpose.size == 1 &&