Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / 3397b360b2614bfbe6340b55365a7aa4764e95c6^! / . / libs / bssl / src / curve25519.rs
commit3397b360b2614bfbe6340b55365a7aa4764e95c6[log] [tgz]
authorAlice Wang <aliceywang@google.com>Fri Dec 01 13:57:10 2023 +0000
committerAlice Wang <aliceywang@google.com>Wed Dec 13 08:46:59 2023 +0000
tree1c101c6a17343eb731c02445ab27d2a0426927a3
parentd870b20f46c81d4251a497b7699616f6719175eb [diff] [blame]
[attestation] Validate DICE chain signatures and CSR signature

With subject public keys in the DICE certificates.

A wrapper has been added around ED25519_verify to support
ED25519 signature verification. The existing EVP_PKEY is not
used because the verification with EVP_PKEY requires converting
the ED25519 public key to EVP_PKEY. This conversion with
EVP_PKEY_new_raw_public_key increases the rialto image size
by an extra 90KB.

Bug: 314266221
Bug: 310931749
Test: atest rialto_test
Change-Id: I82cc58441b4f4730e46e9de7a0efa03959d8d137

diff --git a/libs/bssl/src/curve25519.rs b/libs/bssl/src/curve25519.rs
new file mode 100644
index 0000000..499a3d0
--- /dev/null
+++ b/libs/bssl/src/curve25519.rs

@@ -0,0 +1,39 @@
+// Copyright 2023, The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+//! Wrappers of the Curve25519 related functions in BoringSSL curve25519.h.
+
+use crate::util::check_int_result;
+use bssl_avf_error::{ApiName, Result};
+
+const ED25519_PUBLIC_KEY_LEN: usize = bssl_ffi::ED25519_PUBLIC_KEY_LEN as usize;
+const ED25519_SIGNATURE_LEN: usize = bssl_ffi::ED25519_SIGNATURE_LEN as usize;
+
+/// Verifies the signature of a message with the given ED25519 public key.
+pub fn ed25519_verify(
+    message: &[u8],
+    signature: &[u8; ED25519_SIGNATURE_LEN],
+    public_key: &[u8; ED25519_PUBLIC_KEY_LEN],
+) -> Result<()> {
+    // SAFETY: The function only reads the parameters within their bounds.
+    let ret = unsafe {
+        bssl_ffi::ED25519_verify(
+            message.as_ptr(),
+            message.len(),
+            signature.as_ptr(),
+            public_key.as_ptr(),
+        )
+    };
+    check_int_result(ret, ApiName::ED25519_verify)
+}