Rewrite key management & signing Extend compos_helper to support signing, use it from CompOS. Expose the public key from the VM. Rename compos_verify_key to compos_verify and get it to verify the signature against the current instance's public key. Also move DICE access to compos_key_main. There's no use having it in the library - neither the tests nor compos_verify can use it - and it complicates the build rules. There's a lot more that can be deleted, but I'll do that in a follow-up; this is big enough already. Bug: 218494522 Test: atest CompOsSigningHostTest CompOsDenialHostTest Change-Id: I2d71f68a595d5ddadb2e7b16937fa6855f5db0ab

commit: 16fb8555e8a8e39a7339f7a29f2e3c4aea918d7d [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Thu Feb 10 15:07:27 2022 +0000
committer: Alan Stokes <alanstokes@google.com> Thu Feb 17 16:58:32 2022 +0000
tree: bb85000ec0f7df1fe64b933a211c77952ae82240
parent: dcff1e7e2330ec7f83ad5e620aaa8c41d0663499 [diff] [blame]
diff --git a/compos/verify/Android.bp b/compos/verify/Android.bp
new file mode 100644
index 0000000..d6875d1
--- /dev/null
+++ b/compos/verify/Android.bp

@@ -0,0 +1,23 @@
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+rust_binary {
+    name: "compos_verify",
+    srcs: ["verify.rs"],
+    edition: "2018",
+    rustlibs: [
+        "compos_aidl_interface-rust",
+        "libandroid_logger",
+        "libanyhow",
+        "libbinder_rs",
+        "libclap",
+        "libcompos_common",
+        "libcompos_verify_native_rust",
+        "liblog_rust",
+    ],
+    prefer_rlib: true,
+    apex_available: [
+        "com.android.compos",
+    ],
+}
commit	16fb8555e8a8e39a7339f7a29f2e3c4aea918d7d	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Thu Feb 10 15:07:27 2022 +0000
committer	Alan Stokes <alanstokes@google.com>	Thu Feb 17 16:58:32 2022 +0000
tree	bb85000ec0f7df1fe64b933a211c77952ae82240
parent	dcff1e7e2330ec7f83ad5e620aaa8c41d0663499 [diff] [blame]