Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 14ca76a971169bc6182f764a6522d5e624f070e5^! / .
commit14ca76a971169bc6182f764a6522d5e624f070e5[log] [tgz]
authorAlice Wang <aliceywang@google.com>Tue Nov 05 12:41:57 2024 +0000
committerAlice Wang <aliceywang@google.com>Thu Nov 14 16:21:28 2024 +0000
treeaf19ecebf9debfb0ce0420a0b59c9041f6230d26
parent40648a418fc3f100977cf1d3aba57924b670071e [diff]
Make open-dice rust wrapper compatible with upstream code

Bug: 357008987
Test: atest MicrodroidHostTests
Change-Id: Icc554f4a4d1fde77188d411dcf82a535c7b8ff6f

diff --git a/libs/dice/open_dice/Android.bp b/libs/dice/open_dice/Android.bp
index c60260e..3c5b6ea 100644
--- a/libs/dice/open_dice/Android.bp
+++ b/libs/dice/open_dice/Android.bp

@@ -132,6 +132,7 @@
         "--rustified-enum DiceConfigType",
         "--rustified-enum DiceMode",
         "--rustified-enum DiceResult",
+        "--rustified-enum DicePrincipal",
 
         // By generating only essential functions, we can make bindings concise and
         // optimize compilation time.

diff --git a/libs/dice/open_dice/src/ops.rs b/libs/dice/open_dice/src/ops.rs
index 137736f..7bc0ee5 100644
--- a/libs/dice/open_dice/src/ops.rs
+++ b/libs/dice/open_dice/src/ops.rs

@@ -23,7 +23,8 @@
 use crate::error::{check_result, DiceError, Result};
 use alloc::{vec, vec::Vec};
 use open_dice_cbor_bindgen::{
-    DiceGenerateCertificate, DiceHash, DiceKdf, DiceKeypairFromSeed, DiceSign, DiceVerify,
+    DiceGenerateCertificate, DiceHash, DiceKdf, DiceKeypairFromSeed, DicePrincipal, DiceSign,
+    DiceVerify,
 };
 use std::ptr;
 
@@ -75,6 +76,11 @@
 pub fn keypair_from_seed(seed: &[u8; PRIVATE_KEY_SEED_SIZE]) -> Result<(Vec<u8>, PrivateKey)> {
     let mut public_key = vec![0u8; VM_KEY_ALGORITHM.public_key_size()];
     let mut private_key = PrivateKey::default();
+    // This function is used with an open-dice config that uses the same algorithms for the
+    // subject and authority. Therefore, the principal is irrelevant in this context as this
+    // function only derives the key pair cryptographically without caring about which
+    // principal it is for. Hence, we arbitrarily set it to `DicePrincipal::kDicePrincipalSubject`.
+    let principal = DicePrincipal::kDicePrincipalSubject;
     check_result(
         // SAFETY: The function writes to the `public_key` and `private_key` within the given
         // bounds, and only reads the `seed`. The first argument context is not used in this
@@ -82,6 +88,7 @@
         unsafe {
             DiceKeypairFromSeed(
                 ptr::null_mut(), // context
+                principal,
                 seed.as_ptr(),
                 public_key.as_mut_ptr(),
                 private_key.as_mut_ptr(),