[rkp] Restore the EC_Key from the remotely provisioned key blob
This cl builds EcKey from the decrypted remotely provisioned
key blob inside the service VM.
The restored EC_Key will be used to sign the new certificate to
be appended to the remotely provisioned cert chain using ECDSA.
An implementation of __memset_chk has been added because it is
needed by BoringSSL.
Bug: 241428146
Test: atest libbssl_avf_nostd.test rialto_test
Change-Id: I805c73efa309c01f55eb13a085dcca36f1e39f54
diff --git a/libs/bssl/tests/eckey_test.rs b/libs/bssl/tests/eckey_test.rs
new file mode 100644
index 0000000..a013fba
--- /dev/null
+++ b/libs/bssl/tests/eckey_test.rs
@@ -0,0 +1,25 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use bssl_avf::{EcKey, Result};
+
+#[test]
+fn ec_private_key_serialization() -> Result<()> {
+ let ec_key = EcKey::new_p256()?;
+ let der_encoded_ec_private_key = ec_key.ec_private_key()?;
+ let deserialized_ec_key = EcKey::from_ec_private_key(der_encoded_ec_private_key.as_slice())?;
+
+ assert_eq!(ec_key.cose_public_key()?, deserialized_ec_key.cose_public_key()?);
+ Ok(())
+}