Merge "[rkp] Derive HMAC key from DICE sealing CDI" into main
diff --git a/TEST_MAPPING b/TEST_MAPPING
index 171389b..adf6309 100644
--- a/TEST_MAPPING
+++ b/TEST_MAPPING
@@ -72,6 +72,9 @@
"path": "packages/modules/Virtualization/libs/avb"
},
{
+ "path": "packages/modules/Virtualization/libs/bssl"
+ },
+ {
"path": "packages/modules/Virtualization/libs/capabilities"
},
{
diff --git a/libs/bssl/Android.bp b/libs/bssl/Android.bp
new file mode 100644
index 0000000..9b464c6
--- /dev/null
+++ b/libs/bssl/Android.bp
@@ -0,0 +1,47 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_defaults {
+ name: "libbssl_avf_defaults",
+ crate_name: "bssl_avf",
+ srcs: ["src/lib.rs"],
+ prefer_rlib: true,
+ apex_available: [
+ "com.android.virt",
+ ],
+}
+
+rust_library_rlib {
+ name: "libbssl_avf_nostd",
+ defaults: ["libbssl_avf_defaults"],
+ no_stdlibs: true,
+ stdlibs: [
+ "libcompiler_builtins.rust_sysroot",
+ "libcore.rust_sysroot",
+ ],
+ rustlibs: [
+ "libbssl_avf_error_nostd",
+ "libbssl_ffi_nostd",
+ "libcoset_nostd",
+ "libzeroize_nostd",
+ ],
+}
+
+rust_defaults {
+ name: "libbssl_avf_test_defaults",
+ crate_name: "bssl_avf_test",
+ srcs: ["tests/*.rs"],
+ test_suites: ["general-tests"],
+ static_libs: [
+ "libcrypto_baremetal",
+ ],
+}
+
+rust_test {
+ name: "libbssl_avf_nostd.test",
+ defaults: ["libbssl_avf_test_defaults"],
+ rustlibs: [
+ "libbssl_avf_nostd",
+ ],
+}
diff --git a/libs/bssl/TEST_MAPPING b/libs/bssl/TEST_MAPPING
new file mode 100644
index 0000000..a91e8c5
--- /dev/null
+++ b/libs/bssl/TEST_MAPPING
@@ -0,0 +1,9 @@
+// When adding or removing tests here, don't forget to amend _all_modules list in
+// wireless/android/busytown/ath_config/configs/prod/avf/tests.gcl
+{
+ "avf-presubmit" : [
+ {
+ "name" : "libbssl_avf_nostd.test"
+ }
+ ]
+}
\ No newline at end of file
diff --git a/libs/bssl/error/Android.bp b/libs/bssl/error/Android.bp
new file mode 100644
index 0000000..dc2902e
--- /dev/null
+++ b/libs/bssl/error/Android.bp
@@ -0,0 +1,37 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_defaults {
+ name: "libbssl_avf_error_defaults",
+ crate_name: "bssl_avf_error",
+ srcs: ["src/lib.rs"],
+ prefer_rlib: true,
+ apex_available: [
+ "com.android.virt",
+ ],
+}
+
+rust_library_rlib {
+ name: "libbssl_avf_error_nostd",
+ defaults: ["libbssl_avf_error_defaults"],
+ no_stdlibs: true,
+ stdlibs: [
+ "libcompiler_builtins.rust_sysroot",
+ "libcore.rust_sysroot",
+ ],
+ rustlibs: [
+ "libserde_nostd",
+ ],
+}
+
+rust_library {
+ name: "libbssl_avf_error",
+ defaults: ["libbssl_avf_error_defaults"],
+ features: [
+ "std",
+ ],
+ rustlibs: [
+ "libserde",
+ ],
+}
diff --git a/libs/bssl/error/src/lib.rs b/libs/bssl/error/src/lib.rs
new file mode 100644
index 0000000..24e5a56
--- /dev/null
+++ b/libs/bssl/error/src/lib.rs
@@ -0,0 +1,59 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Errors and relating structs thrown by the BoringSSL wrapper library.
+
+#![cfg_attr(not(feature = "std"), no_std)]
+
+use core::{fmt, result};
+use serde::{Deserialize, Serialize};
+
+/// libbssl_avf result type.
+pub type Result<T> = result::Result<T, Error>;
+
+/// Error type used by libbssl_avf.
+#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
+pub enum Error {
+ /// Failed to invoke a BoringSSL API.
+ CallFailed(ApiName),
+}
+
+impl fmt::Display for Error {
+ fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+ match self {
+ Self::CallFailed(api_name) => {
+ write!(f, "Failed to invoke the BoringSSL API: {api_name:?}")
+ }
+ }
+ }
+}
+
+/// BoringSSL API names.
+#[allow(missing_docs)]
+#[allow(non_camel_case_types)]
+#[derive(Clone, Copy, Debug, PartialEq, Eq, Serialize, Deserialize)]
+pub enum ApiName {
+ BN_new,
+ BN_bn2bin_padded,
+ CBB_flush,
+ CBB_len,
+ EC_KEY_check_key,
+ EC_KEY_generate_key,
+ EC_KEY_get0_group,
+ EC_KEY_get0_public_key,
+ EC_KEY_marshal_private_key,
+ EC_KEY_new_by_curve_name,
+ EC_POINT_get_affine_coordinates,
+ HMAC,
+}
diff --git a/rialto/src/requests/cbb.rs b/libs/bssl/src/cbb.rs
similarity index 81%
rename from rialto/src/requests/cbb.rs
rename to libs/bssl/src/cbb.rs
index 93cebe4..9b5f7fe 100644
--- a/rialto/src/requests/cbb.rs
+++ b/libs/bssl/src/cbb.rs
@@ -13,6 +13,7 @@
// limitations under the License.
//! Helpers for using BoringSSL CBB (crypto byte builder) objects.
+
use bssl_ffi::{CBB_init_fixed, CBB};
use core::marker::PhantomData;
use core::mem::MaybeUninit;
@@ -21,14 +22,14 @@
/// buffer cannot grow.
pub struct CbbFixed<'a> {
cbb: CBB,
- // The CBB contains a mutable reference to the buffer, disguised as a pointer.
- // Make sure the borrow checker knows that.
+ /// The CBB contains a mutable reference to the buffer, disguised as a pointer.
+ /// Make sure the borrow checker knows that.
_buffer: PhantomData<&'a mut [u8]>,
}
-impl CbbFixed<'_> {
- // Create a new CBB that writes to the given buffer.
- pub fn new(buffer: &mut [u8]) -> Self {
+impl<'a> CbbFixed<'a> {
+ /// Create a new CBB that writes to the given buffer.
+ pub fn new(buffer: &'a mut [u8]) -> Self {
let mut cbb = MaybeUninit::uninit();
// SAFETY: `CBB_init_fixed()` is infallible and always returns one.
// The buffer remains valid during the lifetime of `cbb`.
@@ -39,13 +40,13 @@
}
}
-impl AsRef<CBB> for CbbFixed<'_> {
+impl<'a> AsRef<CBB> for CbbFixed<'a> {
fn as_ref(&self) -> &CBB {
&self.cbb
}
}
-impl AsMut<CBB> for CbbFixed<'_> {
+impl<'a> AsMut<CBB> for CbbFixed<'a> {
fn as_mut(&mut self) -> &mut CBB {
&mut self.cbb
}
diff --git a/libs/bssl/src/digest.rs b/libs/bssl/src/digest.rs
new file mode 100644
index 0000000..47e4aba
--- /dev/null
+++ b/libs/bssl/src/digest.rs
@@ -0,0 +1,50 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Wrappers of the digest functions in BoringSSL digest.h.
+
+use bssl_ffi::{EVP_MD_size, EVP_sha256, EVP_sha512, EVP_MD};
+
+/// Message digester wrapping `EVP_MD`.
+#[derive(Clone, Debug)]
+pub struct Digester(pub(crate) &'static EVP_MD);
+
+impl Digester {
+ /// Returns a `Digester` implementing `SHA-256` algorithm.
+ pub fn sha256() -> Self {
+ // SAFETY: This function does not access any Rust variables and simply returns
+ // a pointer to the static variable in BoringSSL.
+ let p = unsafe { EVP_sha256() };
+ // SAFETY: The returned pointer should always be valid and points to a static
+ // `EVP_MD`.
+ Self(unsafe { &*p })
+ }
+
+ /// Returns a `Digester` implementing `SHA-512` algorithm.
+ #[allow(dead_code)]
+ pub fn sha512() -> Self {
+ // SAFETY: This function does not access any Rust variables and simply returns
+ // a pointer to the static variable in BoringSSL.
+ let p = unsafe { EVP_sha512() };
+ // SAFETY: The returned pointer should always be valid and points to a static
+ // `EVP_MD`.
+ Self(unsafe { &*p })
+ }
+
+ /// Returns the digest size in bytes.
+ pub fn size(&self) -> usize {
+ // SAFETY: The inner pointer is fetched from EVP_* hash functions in BoringSSL digest.h
+ unsafe { EVP_MD_size(self.0) }
+ }
+}
diff --git a/rialto/src/requests/ec_key.rs b/libs/bssl/src/ec_key.rs
similarity index 82%
rename from rialto/src/requests/ec_key.rs
rename to libs/bssl/src/ec_key.rs
index 4578526..fdd6f61 100644
--- a/rialto/src/requests/ec_key.rs
+++ b/libs/bssl/src/ec_key.rs
@@ -15,8 +15,9 @@
//! Contains struct and functions that wraps the API related to EC_KEY in
//! BoringSSL.
-use super::cbb::CbbFixed;
+use crate::cbb::CbbFixed;
use alloc::vec::Vec;
+use bssl_avf_error::{ApiName, Error, Result};
use bssl_ffi::{
BN_bn2bin_padded, BN_clear_free, BN_new, CBB_flush, CBB_len, EC_KEY_free, EC_KEY_generate_key,
EC_KEY_get0_group, EC_KEY_get0_public_key, EC_KEY_marshal_private_key,
@@ -26,12 +27,10 @@
use core::ptr::{self, NonNull};
use core::result;
use coset::{iana, CoseKey, CoseKeyBuilder};
-use service_vm_comm::{BoringSSLApiName, RequestProcessingError};
use zeroize::{Zeroize, ZeroizeOnDrop, Zeroizing};
const P256_AFFINE_COORDINATE_SIZE: usize = 32;
-type Result<T> = result::Result<T, RequestProcessingError>;
type Coordinate = [u8; P256_AFFINE_COORDINATE_SIZE];
/// Wrapper of an `EC_KEY` object, representing a public or private EC key.
@@ -52,9 +51,9 @@
let ec_key = unsafe {
EC_KEY_new_by_curve_name(NID_X9_62_prime256v1) // EC P-256 CURVE Nid
};
- let mut ec_key = NonNull::new(ec_key).map(Self).ok_or(
- RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::EC_KEY_new_by_curve_name),
- )?;
+ let mut ec_key = NonNull::new(ec_key)
+ .map(Self)
+ .ok_or(Error::CallFailed(ApiName::EC_KEY_new_by_curve_name))?;
ec_key.generate_key()?;
Ok(ec_key)
}
@@ -66,7 +65,7 @@
// point to a valid `EC_KEY`.
// The randomness is provided by `getentropy()` in `vmbase`.
let ret = unsafe { EC_KEY_generate_key(self.0.as_ptr()) };
- check_int_result(ret, BoringSSLApiName::EC_KEY_generate_key)
+ check_int_result(ret, ApiName::EC_KEY_generate_key)
}
/// Returns the `CoseKey` for the public key.
@@ -92,7 +91,7 @@
let ret = unsafe {
EC_POINT_get_affine_coordinates(ec_group, ec_point, x.as_mut_ptr(), y.as_mut_ptr(), ctx)
};
- check_int_result(ret, BoringSSLApiName::EC_POINT_get_affine_coordinates)?;
+ check_int_result(ret, ApiName::EC_POINT_get_affine_coordinates)?;
Ok((x.try_into()?, y.try_into()?))
}
@@ -104,9 +103,7 @@
// `EC_KEY` pointer.
unsafe { EC_KEY_get0_public_key(self.0.as_ptr()) };
if ec_point.is_null() {
- Err(RequestProcessingError::BoringSSLCallFailed(
- BoringSSLApiName::EC_KEY_get0_public_key,
- ))
+ Err(Error::CallFailed(ApiName::EC_KEY_get0_public_key))
} else {
Ok(ec_point)
}
@@ -120,7 +117,7 @@
// `EC_KEY` pointer.
unsafe { EC_KEY_get0_group(self.0.as_ptr()) };
if group.is_null() {
- Err(RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::EC_KEY_get0_group))
+ Err(Error::CallFailed(ApiName::EC_KEY_get0_group))
} else {
Ok(group)
}
@@ -139,18 +136,14 @@
// object, and the key has been allocated by BoringSSL.
unsafe { EC_KEY_marshal_private_key(cbb.as_mut(), self.0.as_ptr(), enc_flags) };
- check_int_result(ret, BoringSSLApiName::EC_KEY_marshal_private_key)?;
+ check_int_result(ret, ApiName::EC_KEY_marshal_private_key)?;
// SAFETY: This is safe because the CBB pointer is a valid pointer initialized with
// `CBB_init_fixed()`.
- check_int_result(unsafe { CBB_flush(cbb.as_mut()) }, BoringSSLApiName::CBB_flush)?;
+ check_int_result(unsafe { CBB_flush(cbb.as_mut()) }, ApiName::CBB_flush)?;
// SAFETY: This is safe because the CBB pointer is initialized with `CBB_init_fixed()`,
// and it has been flushed, thus it has no active children.
let len = unsafe { CBB_len(cbb.as_ref()) };
- Ok(buf
- .get(0..len)
- .ok_or(RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::CBB_len))?
- .to_vec()
- .into())
+ Ok(buf.get(0..len).ok_or(Error::CallFailed(ApiName::CBB_len))?.to_vec().into())
}
}
@@ -184,9 +177,7 @@
fn new() -> Result<Self> {
// SAFETY: The returned pointer is checked below.
let bn = unsafe { BN_new() };
- NonNull::new(bn)
- .map(Self)
- .ok_or(RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::BN_new))
+ NonNull::new(bn).map(Self).ok_or(Error::CallFailed(ApiName::BN_new))
}
fn as_mut_ptr(&mut self) -> *mut BIGNUM {
@@ -197,23 +188,23 @@
/// Converts the `BigNum` to a big-endian integer. The integer is padded with leading zeros up to
/// size `N`. The conversion fails if `N` is smaller thanthe size of the integer.
impl<const N: usize> TryFrom<BigNum> for [u8; N] {
- type Error = RequestProcessingError;
+ type Error = Error;
fn try_from(bn: BigNum) -> result::Result<Self, Self::Error> {
let mut num = [0u8; N];
// SAFETY: The `BIGNUM` pointer has been created with `BN_new`.
let ret = unsafe { BN_bn2bin_padded(num.as_mut_ptr(), num.len(), bn.0.as_ptr()) };
- check_int_result(ret, BoringSSLApiName::BN_bn2bin_padded)?;
+ check_int_result(ret, ApiName::BN_bn2bin_padded)?;
Ok(num)
}
}
-fn check_int_result(ret: i32, api_name: BoringSSLApiName) -> Result<()> {
+fn check_int_result(ret: i32, api_name: ApiName) -> Result<()> {
if ret == 1 {
Ok(())
} else {
assert_eq!(ret, 0, "Unexpected return value {ret} for {api_name:?}");
- Err(RequestProcessingError::BoringSSLCallFailed(api_name))
+ Err(Error::CallFailed(api_name))
}
}
diff --git a/libs/bssl/src/hmac.rs b/libs/bssl/src/hmac.rs
new file mode 100644
index 0000000..1e09315
--- /dev/null
+++ b/libs/bssl/src/hmac.rs
@@ -0,0 +1,58 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Wrappers of the HMAC functions in BoringSSL hmac.h.
+
+use crate::digest::Digester;
+use bssl_avf_error::{ApiName, Error, Result};
+use bssl_ffi::{HMAC, SHA256_DIGEST_LENGTH};
+
+const SHA256_LEN: usize = SHA256_DIGEST_LENGTH as usize;
+
+/// Computes the HMAC using SHA-256 for the given `data` with the given `key`.
+pub fn hmac_sha256(key: &[u8], data: &[u8]) -> Result<[u8; SHA256_LEN]> {
+ hmac::<SHA256_LEN>(key, data, Digester::sha256())
+}
+
+/// Computes the HMAC for the given `data` with the given `key` and `digester`.
+///
+/// The output size `HASH_LEN` should correspond to the length of the hash function's
+/// digest size in bytes.
+fn hmac<const HASH_LEN: usize>(
+ key: &[u8],
+ data: &[u8],
+ digester: Digester,
+) -> Result<[u8; HASH_LEN]> {
+ assert_eq!(digester.size(), HASH_LEN);
+
+ let mut out = [0u8; HASH_LEN];
+ let mut out_len = 0;
+ // SAFETY: Only reads from/writes to the provided slices and the digester was non-null.
+ let ret = unsafe {
+ HMAC(
+ digester.0,
+ key.as_ptr() as *const _,
+ key.len(),
+ data.as_ptr(),
+ data.len(),
+ out.as_mut_ptr(),
+ &mut out_len,
+ )
+ };
+ if !ret.is_null() && out_len == (out.len() as u32) {
+ Ok(out)
+ } else {
+ Err(Error::CallFailed(ApiName::HMAC))
+ }
+}
diff --git a/libs/bssl/src/lib.rs b/libs/bssl/src/lib.rs
new file mode 100644
index 0000000..500419b
--- /dev/null
+++ b/libs/bssl/src/lib.rs
@@ -0,0 +1,29 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Safe wrappers around the BoringSSL API.
+
+#![cfg_attr(not(feature = "std"), no_std)]
+
+extern crate alloc;
+
+mod cbb;
+mod digest;
+mod ec_key;
+mod hmac;
+
+pub use bssl_avf_error::{ApiName, Error, Result};
+pub use cbb::CbbFixed;
+pub use ec_key::{EcKey, ZVec};
+pub use hmac::hmac_sha256;
diff --git a/libs/bssl/tests/api_test.rs b/libs/bssl/tests/api_test.rs
new file mode 100644
index 0000000..25aaf04
--- /dev/null
+++ b/libs/bssl/tests/api_test.rs
@@ -0,0 +1,40 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use bssl_avf::{hmac_sha256, Result};
+
+const DATA1: [u8; 32] = [
+ 0xdb, 0x16, 0xcc, 0xbf, 0xf0, 0xc4, 0xbc, 0x93, 0xc3, 0x5f, 0x11, 0xc5, 0xfa, 0xae, 0x03, 0x6c,
+ 0x75, 0x40, 0x1f, 0x60, 0xb6, 0x3e, 0xb9, 0x2a, 0x6c, 0x84, 0x06, 0x4b, 0x36, 0x7f, 0xed, 0xdb,
+];
+const DATA2: [u8; 32] = [
+ 0xaa, 0x57, 0x7a, 0x1a, 0x8b, 0xa2, 0x59, 0x3b, 0xad, 0x5f, 0x4d, 0x29, 0xe1, 0x0c, 0xaa, 0x85,
+ 0xde, 0xf9, 0xad, 0xad, 0x8c, 0x11, 0x0c, 0x2e, 0x13, 0x43, 0xd7, 0xdf, 0x2a, 0x43, 0xb9, 0xdd,
+];
+
+#[test]
+fn hmac_sha256_returns_correct_result() -> Result<()> {
+ // The EXPECTED_HMAC can by computed with python:
+ // ```
+ // import hashlib; import base64; import hmac;
+ // print(hmac.new(bytes(DATA1), bytes(DATA2), hashlib.sha256).hexdigest())
+ // ```
+ const EXPECTED_HMAC: [u8; 32] = [
+ 0xe9, 0x0d, 0x40, 0x9a, 0xef, 0x0d, 0xb1, 0x0b, 0x57, 0x82, 0xc4, 0x95, 0x6b, 0x4d, 0x54,
+ 0x38, 0xa9, 0x41, 0xb0, 0xc9, 0xe2, 0x15, 0x59, 0x72, 0xb1, 0x0b, 0x0a, 0x03, 0xe1, 0x38,
+ 0x8d, 0x07,
+ ];
+ assert_eq!(EXPECTED_HMAC, hmac_sha256(&DATA1, &DATA2)?);
+ Ok(())
+}
diff --git a/libs/libfdt/src/lib.rs b/libs/libfdt/src/lib.rs
index 1bf285e..9da2054 100644
--- a/libs/libfdt/src/lib.rs
+++ b/libs/libfdt/src/lib.rs
@@ -802,13 +802,12 @@
}
fn check_full(&self) -> Result<()> {
- let len = self.buffer.len();
// SAFETY: Only performs read accesses within the limits of the slice. If successful, this
// call guarantees to other unsafe calls that the header contains a valid totalsize (w.r.t.
// 'len' i.e. the self.fdt slice) that those C functions can use to perform bounds
// checking. The library doesn't maintain an internal state (such as pointers) between
// calls as it expects the client code to keep track of the objects (DT, nodes, ...).
- let ret = unsafe { libfdt_bindgen::fdt_check_full(self.as_ptr(), len) };
+ let ret = unsafe { libfdt_bindgen::fdt_check_full(self.as_ptr(), self.capacity()) };
fdt_err_expect_zero(ret)
}
diff --git a/rialto/Android.bp b/rialto/Android.bp
index 8a56ebe..bc08d8c 100644
--- a/rialto/Android.bp
+++ b/rialto/Android.bp
@@ -9,6 +9,7 @@
defaults: ["vmbase_ffi_defaults"],
rustlibs: [
"libaarch64_paging",
+ "libbssl_avf_nostd",
"libbssl_ffi_nostd",
"libciborium_io_nostd",
"libciborium_nostd",
@@ -25,9 +26,6 @@
"libvmbase",
"libzeroize_nostd",
],
- static_libs: [
- "libcrypto_baremetal",
- ],
}
cc_binary {
diff --git a/rialto/src/requests/mod.rs b/rialto/src/requests/mod.rs
index 12838f3..d9e6f37 100644
--- a/rialto/src/requests/mod.rs
+++ b/rialto/src/requests/mod.rs
@@ -15,8 +15,6 @@
//! This module contains functions for the request processing.
mod api;
-mod cbb;
-mod ec_key;
mod pub_key;
mod rkp;
diff --git a/rialto/src/requests/pub_key.rs b/rialto/src/requests/pub_key.rs
index 3a69a2e..110e3d2 100644
--- a/rialto/src/requests/pub_key.rs
+++ b/rialto/src/requests/pub_key.rs
@@ -14,13 +14,11 @@
//! Handles the construction of the MACed public key.
-use alloc::vec;
use alloc::vec::Vec;
-use bssl_ffi::EVP_sha256;
-use bssl_ffi::HMAC;
+use bssl_avf::hmac_sha256;
use core::result;
use coset::{iana, CborSerializable, CoseKey, CoseMac0, CoseMac0Builder, HeaderBuilder};
-use service_vm_comm::{BoringSSLApiName, RequestProcessingError};
+use service_vm_comm::RequestProcessingError;
type Result<T> = result::Result<T, RequestProcessingError>;
@@ -50,39 +48,7 @@
let cose_mac = CoseMac0Builder::new()
.protected(protected)
.payload(public_key.to_vec()?)
- .try_create_tag(external_aad, |data| hmac_sha256(hmac_key, data))?
+ .try_create_tag(external_aad, |data| hmac_sha256(hmac_key, data).map(|v| v.to_vec()))?
.build();
Ok(cose_mac.to_vec()?)
}
-
-/// Computes the HMAC using SHA-256 for the given `data` with the given `key`.
-fn hmac_sha256(key: &[u8], data: &[u8]) -> Result<Vec<u8>> {
- const SHA256_HMAC_LEN: usize = 32;
-
- let mut out = vec![0u8; SHA256_HMAC_LEN];
- let mut out_len = 0;
- // SAFETY: The function shouldn't access any Rust variable and the returned value is accepted
- // as a potentially NULL pointer.
- let digester = unsafe { EVP_sha256() };
- if digester.is_null() {
- return Err(RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::EVP_sha256));
- }
- // SAFETY: Only reads from/writes to the provided slices and supports digester was checked not
- // be NULL.
- let ret = unsafe {
- HMAC(
- digester,
- key.as_ptr() as *const _,
- key.len(),
- data.as_ptr(),
- data.len(),
- out.as_mut_ptr(),
- &mut out_len,
- )
- };
- if !ret.is_null() && out_len == (out.len() as u32) {
- Ok(out)
- } else {
- Err(RequestProcessingError::BoringSSLCallFailed(BoringSSLApiName::HMAC))
- }
-}
diff --git a/rialto/src/requests/rkp.rs b/rialto/src/requests/rkp.rs
index 1af53ad..f96b85d 100644
--- a/rialto/src/requests/rkp.rs
+++ b/rialto/src/requests/rkp.rs
@@ -15,11 +15,11 @@
//! This module contains functions related to the attestation of the
//! service VM via the RKP (Remote Key Provisioning) server.
-use super::ec_key::EcKey;
use super::pub_key::{build_maced_public_key, validate_public_key};
use alloc::string::String;
use alloc::vec;
use alloc::vec::Vec;
+use bssl_avf::EcKey;
use ciborium::{cbor, value::Value};
use core::result;
use coset::{iana, AsCborValue, CoseSign1, CoseSign1Builder, HeaderBuilder};
diff --git a/service_vm/comm/Android.bp b/service_vm/comm/Android.bp
index a7481e5..3a18052 100644
--- a/service_vm/comm/Android.bp
+++ b/service_vm/comm/Android.bp
@@ -21,6 +21,7 @@
"libcore.rust_sysroot",
],
rustlibs: [
+ "libbssl_avf_error_nostd",
"libciborium_nostd",
"libcoset_nostd",
"liblog_rust_nostd",
@@ -32,6 +33,7 @@
name: "libservice_vm_comm",
defaults: ["libservice_vm_comm_defaults"],
rustlibs: [
+ "libbssl_avf_error",
"libciborium",
"libcoset",
"liblog_rust",
diff --git a/service_vm/comm/src/lib.rs b/service_vm/comm/src/lib.rs
index 7bcb9cd..d8f7bd7 100644
--- a/service_vm/comm/src/lib.rs
+++ b/service_vm/comm/src/lib.rs
@@ -23,7 +23,7 @@
mod vsock;
pub use message::{
- BoringSSLApiName, EcdsaP256KeyPair, GenerateCertificateRequestParams, Request,
- RequestProcessingError, Response, ServiceVmRequest,
+ EcdsaP256KeyPair, GenerateCertificateRequestParams, Request, RequestProcessingError, Response,
+ ServiceVmRequest,
};
pub use vsock::VmType;
diff --git a/service_vm/comm/src/message.rs b/service_vm/comm/src/message.rs
index d3ef669..f8d7420 100644
--- a/service_vm/comm/src/message.rs
+++ b/service_vm/comm/src/message.rs
@@ -70,31 +70,11 @@
Err(RequestProcessingError),
}
-/// BoringSSL API names.
-#[allow(missing_docs)]
-#[allow(non_camel_case_types)]
-#[derive(Clone, Copy, Debug, PartialEq, Eq, Serialize, Deserialize)]
-pub enum BoringSSLApiName {
- BN_new,
- BN_bn2bin_padded,
- CBB_flush,
- CBB_len,
- EC_KEY_check_key,
- EC_KEY_generate_key,
- EC_KEY_get0_group,
- EC_KEY_get0_public_key,
- EC_KEY_marshal_private_key,
- EC_KEY_new_by_curve_name,
- EC_POINT_get_affine_coordinates,
- EVP_sha256,
- HMAC,
-}
-
/// Errors related to request processing.
#[derive(Clone, Debug, PartialEq, Eq, Serialize, Deserialize)]
pub enum RequestProcessingError {
- /// Failed to invoke a BoringSSL API.
- BoringSSLCallFailed(BoringSSLApiName),
+ /// An error happened during the interaction with BoringSSL.
+ BoringSslError(bssl_avf_error::Error),
/// An error happened during the interaction with coset.
CosetError,
@@ -118,8 +98,8 @@
impl fmt::Display for RequestProcessingError {
fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
match self {
- Self::BoringSSLCallFailed(api_name) => {
- write!(f, "Failed to invoke a BoringSSL API: {api_name:?}")
+ Self::BoringSslError(e) => {
+ write!(f, "An error happened during the interaction with BoringSSL: {e}")
}
Self::CosetError => write!(f, "Encountered an error with coset"),
Self::InternalError => write!(f, "An unexpected internal error occurred"),
@@ -133,6 +113,12 @@
}
}
+impl From<bssl_avf_error::Error> for RequestProcessingError {
+ fn from(e: bssl_avf_error::Error) -> Self {
+ Self::BoringSslError(e)
+ }
+}
+
impl From<coset::CoseError> for RequestProcessingError {
fn from(e: coset::CoseError) -> Self {
error!("Coset error: {e}");