[rkp] Encrypt/decrypt the private key with AES-256-GCM This cl implements the private key encryption and decryption with AES-256-GCM. The KEK is derived from the sealing CDI with a random salt generated with TRNG. The test is added to the busy town config at cl/570947834. Bug: 279425980 Test: atest rialto_test Test: atest libservice_vm_requests.test Change-Id: I214ee37c64cb8508083b02376c8a398ca6049e3b

commit: 8b8e6e642eb5d4e277ae9911f91dd5f842479cd7 [log] [tgz]
author: Alice Wang <aliceywang@google.com> Mon Oct 02 09:10:13 2023 +0000
committer: Alice Wang <aliceywang@google.com> Fri Oct 06 11:48:36 2023 +0000
tree: 12fa0f92ced4e61ab679ade32cefce8017519a70
parent: facc2b82cfd8935532a591a5bf09218e6f2a754f [diff] [blame]
diff --git a/libs/bssl/src/aead.rs b/libs/bssl/src/aead.rs
index a7d03b9..74bde84 100644
--- a/libs/bssl/src/aead.rs
+++ b/libs/bssl/src/aead.rs

@@ -23,6 +23,11 @@
 };
 use core::ptr::NonNull;
 
+/// BoringSSL spec recommends to use 12-byte nonces.
+///
+/// https://commondatastorage.googleapis.com/chromium-boringssl-docs/aead.h.html#EVP_aead_aes_256_gcm
+pub const AES_GCM_NONCE_LENGTH: usize = 12;
+
 /// Magic value indicating that the default tag length for an AEAD should be used to
 /// initialize `AeadCtx`.
 const AEAD_DEFAULT_TAG_LENGTH: usize = EVP_AEAD_DEFAULT_TAG_LENGTH as usize;
commit	8b8e6e642eb5d4e277ae9911f91dd5f842479cd7	[log] [tgz]
author	Alice Wang <aliceywang@google.com>	Mon Oct 02 09:10:13 2023 +0000
committer	Alice Wang <aliceywang@google.com>	Fri Oct 06 11:48:36 2023 +0000
tree	12fa0f92ced4e61ab679ade32cefce8017519a70
parent	facc2b82cfd8935532a591a5bf09218e6f2a754f [diff] [blame]