Rewrite key management & signing

Extend compos_helper to support signing, use it from CompOS.

Expose the public key from the VM. Rename compos_verify_key to
compos_verify and get it to verify the signature against the current
instance's public key.

Also move DICE access to compos_key_main. There's no use having it in
the library - neither the tests nor compos_verify can use it - and it
complicates the build rules.

There's a lot more that can be deleted, but I'll do that in a
follow-up; this is big enough already.

Bug: 218494522
Test: atest CompOsSigningHostTest CompOsDenialHostTest
Change-Id: I2d71f68a595d5ddadb2e7b16937fa6855f5db0ab
diff --git a/compos/verify/Android.bp b/compos/verify/Android.bp
new file mode 100644
index 0000000..d6875d1
--- /dev/null
+++ b/compos/verify/Android.bp
@@ -0,0 +1,23 @@
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_binary {
+    name: "compos_verify",
+    srcs: ["verify.rs"],
+    edition: "2018",
+    rustlibs: [
+        "compos_aidl_interface-rust",
+        "libandroid_logger",
+        "libanyhow",
+        "libbinder_rs",
+        "libclap",
+        "libcompos_common",
+        "libcompos_verify_native_rust",
+        "liblog_rust",
+    ],
+    prefer_rlib: true,
+    apex_available: [
+        "com.android.compos",
+    ],
+}
diff --git a/compos/verify/native/Android.bp b/compos/verify/native/Android.bp
new file mode 100644
index 0000000..969c9f4
--- /dev/null
+++ b/compos/verify/native/Android.bp
@@ -0,0 +1,51 @@
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_library {
+    name: "libcompos_verify_native_rust",
+    crate_name: "compos_verify_native",
+    srcs: ["lib.rs"],
+    rustlibs: [
+        "libanyhow",
+        "libcxx",
+        "liblibc",
+    ],
+    static_libs: [
+        "libcompos_verify_native_cpp",
+        "libcompos_key",
+    ],
+    shared_libs: [
+        "libcrypto",
+    ],
+    apex_available: ["com.android.compos"],
+}
+
+cc_library_static {
+    name: "libcompos_verify_native_cpp",
+    srcs: ["verify_native.cpp"],
+    static_libs: ["libcompos_key"],
+    shared_libs: [
+        "libbase",
+        "libcrypto",
+    ],
+    generated_headers: ["compos_verify_native_header"],
+    generated_sources: ["compos_verify_native_code"],
+    apex_available: ["com.android.compos"],
+}
+
+genrule {
+    name: "compos_verify_native_code",
+    tools: ["cxxbridge"],
+    cmd: "$(location cxxbridge) $(in) >> $(out)",
+    srcs: ["lib.rs"],
+    out: ["verify_native_cxx_generated.cc"],
+}
+
+genrule {
+    name: "compos_verify_native_header",
+    tools: ["cxxbridge"],
+    cmd: "$(location cxxbridge) $(in) --header >> $(out)",
+    srcs: ["lib.rs"],
+    out: ["lib.rs.h"],
+}
diff --git a/compos/verify/native/lib.rs b/compos/verify/native/lib.rs
new file mode 100644
index 0000000..51050da
--- /dev/null
+++ b/compos/verify/native/lib.rs
@@ -0,0 +1,31 @@
+// Copyright 2022, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Native helper for compos_verify to call boringssl.
+
+pub use native::*;
+
+#[cxx::bridge]
+mod native {
+    unsafe extern "C++" {
+        include!("verify_native.h");
+
+        // SAFETY: The C++ implementation manages its own memory, and does not retain or abuse
+        // the references passed to it.
+
+        /// Verify a PureEd25519 signature with the specified public key on the given data,
+        /// returning whether the signature is valid or not.
+        fn verify(public_key: &[u8], signature: &[u8], data: &[u8]) -> bool;
+    }
+}
diff --git a/compos/verify/native/verify_native.cpp b/compos/verify/native/verify_native.cpp
new file mode 100644
index 0000000..2c43d95
--- /dev/null
+++ b/compos/verify/native/verify_native.cpp
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "verify_native.h"
+
+#include <compos_key.h>
+
+using rust::Slice;
+
+bool verify(Slice<const uint8_t> public_key, Slice<const uint8_t> signature,
+            Slice<const uint8_t> data) {
+    compos_key::PublicKey public_key_array;
+    compos_key::Signature signature_array;
+
+    if (public_key.size() != public_key_array.size() ||
+        signature.size() != signature_array.size()) {
+        return false;
+    }
+
+    std::copy(public_key.begin(), public_key.end(), public_key_array.begin());
+    std::copy(signature.begin(), signature.end(), signature_array.begin());
+
+    return compos_key::verify(public_key_array, signature_array, data.data(), data.size());
+}
diff --git a/compos/verify/native/verify_native.h b/compos/verify/native/verify_native.h
new file mode 100644
index 0000000..5f000b6
--- /dev/null
+++ b/compos/verify/native/verify_native.h
@@ -0,0 +1,22 @@
+/*
+ * Copyright 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include "lib.rs.h"
+
+bool verify(rust::Slice<const uint8_t> public_key, rust::Slice<const uint8_t> signature,
+            rust::Slice<const uint8_t> data);
diff --git a/compos/verify/verify.rs b/compos/verify/verify.rs
new file mode 100644
index 0000000..228225d
--- /dev/null
+++ b/compos/verify/verify.rs
@@ -0,0 +1,126 @@
+/*
+ * Copyright (C) 2021 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//! A tool to verify a CompOS signature. It starts a CompOS VM as part of this to retrieve the
+//!  public key. The tool is intended to be run by odsign during boot.
+
+use anyhow::{bail, Context, Result};
+use compos_aidl_interface::binder::ProcessState;
+use compos_common::compos_client::{VmInstance, VmParameters};
+use compos_common::odrefresh::{
+    CURRENT_ARTIFACTS_SUBDIR, ODREFRESH_OUTPUT_ROOT_DIR, PENDING_ARTIFACTS_SUBDIR,
+    TEST_ARTIFACTS_SUBDIR,
+};
+use compos_common::{
+    COMPOS_DATA_ROOT, IDSIG_FILE, IDSIG_MANIFEST_APK_FILE, INSTANCE_IMAGE_FILE,
+    PENDING_INSTANCE_DIR, TEST_INSTANCE_DIR,
+};
+use log::error;
+use std::fs::File;
+use std::io::Read;
+use std::panic;
+use std::path::Path;
+
+const MAX_FILE_SIZE_BYTES: u64 = 100 * 1024;
+
+fn main() {
+    android_logger::init_once(
+        android_logger::Config::default()
+            .with_tag("compos_verify")
+            .with_min_level(log::Level::Info),
+    );
+
+    // Redirect panic messages to logcat.
+    panic::set_hook(Box::new(|panic_info| {
+        error!("{}", panic_info);
+    }));
+
+    if let Err(e) = try_main() {
+        error!("{:?}", e);
+        std::process::exit(1)
+    }
+}
+
+fn try_main() -> Result<()> {
+    let matches = clap::App::new("compos_verify")
+        .arg(
+            clap::Arg::with_name("instance")
+                .long("instance")
+                .takes_value(true)
+                .required(true)
+                .possible_values(&["pending", "current", "test"]),
+        )
+        .arg(clap::Arg::with_name("debug").long("debug"))
+        .get_matches();
+
+    let debug_mode = matches.is_present("debug");
+    let (instance_dir, artifacts_dir) = match matches.value_of("instance").unwrap() {
+        "pending" => (PENDING_INSTANCE_DIR, PENDING_ARTIFACTS_SUBDIR),
+        "current" => (PENDING_INSTANCE_DIR, CURRENT_ARTIFACTS_SUBDIR),
+        "test" => (TEST_INSTANCE_DIR, TEST_ARTIFACTS_SUBDIR),
+        _ => unreachable!("Unexpected instance name"),
+    };
+
+    let instance_dir = Path::new(COMPOS_DATA_ROOT).join(instance_dir);
+    let artifacts_dir = Path::new(ODREFRESH_OUTPUT_ROOT_DIR).join(artifacts_dir);
+
+    if !instance_dir.is_dir() {
+        bail!("{:?} is not a directory", instance_dir);
+    }
+
+    let instance_image = instance_dir.join(INSTANCE_IMAGE_FILE);
+    let idsig = instance_dir.join(IDSIG_FILE);
+    let idsig_manifest_apk = instance_dir.join(IDSIG_MANIFEST_APK_FILE);
+
+    let instance_image = File::open(instance_image).context("Failed to open instance image")?;
+
+    let info = artifacts_dir.join("compos.info");
+    let signature = artifacts_dir.join("compos.info.signature");
+
+    let info = read_small_file(&info)?;
+    let signature = read_small_file(&signature)?;
+
+    // We need to start the thread pool to be able to receive Binder callbacks
+    ProcessState::start_thread_pool();
+
+    let virtualization_service = VmInstance::connect_to_virtualization_service()?;
+    let vm_instance = VmInstance::start(
+        &*virtualization_service,
+        instance_image,
+        &idsig,
+        &idsig_manifest_apk,
+        &VmParameters { debug_mode, ..Default::default() },
+    )?;
+    let service = vm_instance.get_service()?;
+
+    let public_key = service.getPublicKey().context("Getting public key")?;
+
+    if !compos_verify_native::verify(&public_key, &signature, &info) {
+        bail!("Signature verification failed");
+    }
+
+    Ok(())
+}
+
+fn read_small_file(file: &Path) -> Result<Vec<u8>> {
+    let mut file = File::open(file)?;
+    if file.metadata()?.len() > MAX_FILE_SIZE_BYTES {
+        bail!("File is too big");
+    }
+    let mut data = Vec::new();
+    file.read_to_end(&mut data)?;
+    Ok(data)
+}