[client-vm] Build client VM CSR and sign the CSR with two keys This cl builds the CSR that a client VM sends to the RKP VM for remote attestation and adjusted the API accordingly as discussed in the doc go/pvm-remote-attestation The CSR payload is signed with both the CDI_Leaf_Priv of the client VM's DICE chain and the attestation key. RKP VM should verify the signature later with the CDI_Leaf_Pub extracted from the same DICE chain in the CSR and the attestation public key. The new unit tests are added to config at cl/577763874. Bug: 303807447 Test: run ServiceVmClientTestApp Test: atest libservice_vm_comm.test Test: atest microdroid_manager_test Change-Id: Ic2c09e7339d9981edda028e2694fa551c911a274

commit: 4e3015daaefaac4adbc7b1b2c0d02e3a1556e79c [log] [tgz]
author: Alice Wang <aliceywang@google.com> Tue Oct 10 09:35:37 2023 +0000
committer: Alice Wang <aliceywang@google.com> Wed Nov 08 08:54:39 2023 +0000
tree: 4a0859e91c9f4c361851b1cea2484cdbb3b65bea
parent: 180a7c2907687029b85144a2b34a0860a5495815 [diff] [blame]
diff --git a/microdroid_manager/aidl/Android.bp b/microdroid_manager/aidl/Android.bp
index 0aa8662..353e9cc 100644
--- a/microdroid_manager/aidl/Android.bp
+++ b/microdroid_manager/aidl/Android.bp

@@ -5,8 +5,12 @@
 aidl_interface {
     name: "android.system.virtualization.payload",
     srcs: ["android/system/virtualization/payload/*.aidl"],
+    imports: ["android.system.virtualizationcommon"],
     unstable: true,
     backend: {
+        java: {
+            enabled: false,
+        },
         rust: {
             enabled: true,
             apex_available: [
commit	4e3015daaefaac4adbc7b1b2c0d02e3a1556e79c	[log] [tgz]
author	Alice Wang <aliceywang@google.com>	Tue Oct 10 09:35:37 2023 +0000
committer	Alice Wang <aliceywang@google.com>	Wed Nov 08 08:54:39 2023 +0000
tree	4a0859e91c9f4c361851b1cea2484cdbb3b65bea
parent	180a7c2907687029b85144a2b34a0860a5495815 [diff] [blame]