[dice][microdroid] Refactor DiceDriver with the trait DiceArtifacts
This cl uses DiceArtifacts to unify the access to DICE values like
CDIs or BCC in DiceDriver.
There is no behavior change in this cl.
Test: atest MicrodroidTests
Bug: 267575445
Change-Id: I5214db2637ad51f9777ecabc9b631933890248ab
diff --git a/microdroid_manager/src/dice.rs b/microdroid_manager/src/dice.rs
index fd22198..c3136e8 100644
--- a/microdroid_manager/src/dice.rs
+++ b/microdroid_manager/src/dice.rs
@@ -17,8 +17,8 @@
use anyhow::{anyhow, bail, Context, Error, Result};
use byteorder::{NativeEndian, ReadBytesExt};
use diced_open_dice::{
- bcc_handover_parse, retry_bcc_main_flow, BccHandover, Cdi, Config, DiceMode, Hash, Hidden,
- InputValues, OwnedDiceArtifacts,
+ bcc_handover_parse, retry_bcc_main_flow, BccHandover, Config, DiceArtifacts, DiceMode, Hash,
+ Hidden, InputValues, OwnedDiceArtifacts,
};
use keystore2_crypto::ZVec;
use libc::{c_void, mmap, munmap, MAP_FAILED, MAP_PRIVATE, PROT_READ};
@@ -32,14 +32,12 @@
/// Derives a sealing key from the DICE sealing CDI.
pub fn derive_sealing_key(
- cdi_seal: &Cdi,
+ dice_artifacts: &dyn DiceArtifacts,
salt: &[u8],
info: &[u8],
- keysize: usize,
-) -> Result<ZVec> {
- let mut key = ZVec::new(keysize)?;
- hkdf(&mut key, Md::sha256(), cdi_seal, salt, info)?;
- Ok(key)
+ key: &mut [u8],
+) -> Result<()> {
+ Ok(hkdf(key, Md::sha256(), dice_artifacts.cdi_seal(), salt, info)?)
}
/// Artifacts that are mapped into the process address space from the driver.
@@ -54,6 +52,13 @@
}
impl DiceDriver<'_> {
+ fn dice_artifacts(&self) -> &dyn DiceArtifacts {
+ match self {
+ Self::Real { bcc_handover, .. } => bcc_handover,
+ Self::Fake(owned_dice_artifacts) => owned_dice_artifacts,
+ }
+ }
+
pub fn new(driver_path: &Path) -> Result<Self> {
if driver_path.exists() {
log::info!("Using DICE values from driver");
@@ -95,16 +100,15 @@
})
}
- pub fn get_sealing_key(&self, identifier: &[u8]) -> Result<ZVec> {
+ /// Derives a sealing key of `key_length` bytes from the DICE sealing CDI.
+ pub fn get_sealing_key(&self, identifier: &[u8], key_length: usize) -> Result<ZVec> {
// Deterministically derive a key to use for sealing data, rather than using the CDI
// directly, so we have the chance to rotate the key if needed. A salt isn't needed as the
// input key material is already cryptographically strong.
- let cdi_seal = match self {
- Self::Real { bcc_handover, .. } => bcc_handover.cdi_seal,
- Self::Fake(fake) => &fake.cdi_values.cdi_seal,
- };
+ let mut key = ZVec::new(key_length)?;
let salt = &[];
- derive_sealing_key(cdi_seal, salt, identifier, 32)
+ derive_sealing_key(self.dice_artifacts(), salt, identifier, &mut key)?;
+ Ok(key)
}
pub fn derive(
@@ -122,25 +126,21 @@
if debug { DiceMode::kDiceModeDebug } else { DiceMode::kDiceModeNormal },
hidden,
);
- let (cdi_attest, cdi_seal, bcc) = match &self {
- Self::Real { bcc_handover, .. } => (
- bcc_handover.cdi_attest,
- bcc_handover.cdi_seal,
- bcc_handover.bcc.ok_or_else(|| anyhow!("bcc is none"))?,
- ),
- Self::Fake(fake) => {
- (&fake.cdi_values.cdi_attest, &fake.cdi_values.cdi_seal, fake.bcc.as_slice())
- }
- };
- let dice_artifacts = retry_bcc_main_flow(cdi_attest, cdi_seal, bcc, &input_values)
- .context("DICE derive from driver")?;
+ let current_dice_artifacts = self.dice_artifacts();
+ let next_dice_artifacts = retry_bcc_main_flow(
+ current_dice_artifacts.cdi_attest(),
+ current_dice_artifacts.cdi_seal(),
+ current_dice_artifacts.bcc().ok_or_else(|| anyhow!("bcc is none"))?,
+ &input_values,
+ )
+ .context("DICE derive from driver")?;
if let Self::Real { driver_path, .. } = &self {
// Writing to the device wipes the artifacts. The string is ignored by the driver but
// included for documentation.
fs::write(driver_path, "wipe")
.map_err(|err| Error::new(err).context("Wiping driver"))?;
}
- Ok(dice_artifacts)
+ Ok(next_dice_artifacts)
}
}