If the device retrieval mdoc request contains an incorrect version number, the mdoc doesn't communicate the correct status code in the DeviceResponse

[vaimut]

Expected Behavior

1)If the device retrieval mdoc request from the verifier contains an incorrect version number i.e 1.1 2) The mdoc should communicates the correct status code which is 10 or 12 without document key pair in the DeviceResponse by validating against the major version number as per ISO 18013-5 (8.1 Encoding of data structures and data elements)

Actual Behaviour

1)The validation of version number doesn't takes place properly 2) successful engagement takes place with status code as 0 and document key pair is present with empty array

Steps to Reproduce the Problem

1. Perform device engagement using QR code or NFC and set up BLE for device retrieval
2. Generate a DeviceRequest message with version number as 1.1 which doesn't matches the major version number as per ISO 18013

Specifications

• Version: Android 10(Quince Tart)
• Platform: Android

[davidz25]

Yeah, I believe we don't have proper error checking here... as we get around to adding support for 18013-7 (which will have a version number > 1.0) we'll get around to fixing this.

[davidz25]

I think the library supports everything you need, that is

• DeviceRequestParser.DeviceRequest has a getVersion() method which conveys the version string in DeviceRequest CBOR
• DeviceResponseGenerator has a way for the application to set the status code which will appear in the DeviceResponse CBOR

Our reference mdoc app however is always using DEVICE_RESPONSE_STATUS_OK. We should fix that so it's returning DEVICE_RESPONSE_STATUS_GENERAL_ERROR (status 10) if version isn't "1.0" or "1.1".