[rkp] Encrypt/decrypt the private key with AES-256-GCM
This cl implements the private key encryption and decryption
with AES-256-GCM.
The KEK is derived from the sealing CDI with a random salt
generated with TRNG.
The test is added to the busy town config at cl/570947834.
Bug: 279425980
Test: atest rialto_test
Test: atest libservice_vm_requests.test
Change-Id: I214ee37c64cb8508083b02376c8a398ca6049e3b
diff --git a/service_vm/requests/Android.bp b/service_vm/requests/Android.bp
index 4b9b46f..f85064a 100644
--- a/service_vm/requests/Android.bp
+++ b/service_vm/requests/Android.bp
@@ -3,7 +3,7 @@
}
rust_defaults {
- name: "libservice_vm_requests_defaults",
+ name: "libservice_vm_requests_nostd_defaults",
crate_name: "service_vm_requests",
defaults: ["avf_build_flags_rust"],
srcs: ["src/lib.rs"],
@@ -11,11 +11,6 @@
apex_available: [
"com.android.virt",
],
-}
-
-rust_library_rlib {
- name: "libservice_vm_requests_nostd",
- defaults: ["libservice_vm_requests_defaults"],
no_stdlibs: true,
stdlibs: [
"libcore.rust_sysroot",
@@ -32,3 +27,14 @@
"libzeroize_nostd",
],
}
+
+rust_library_rlib {
+ name: "libservice_vm_requests_nostd",
+ defaults: ["libservice_vm_requests_nostd_defaults"],
+}
+
+rust_test {
+ name: "libservice_vm_requests.test",
+ defaults: ["libservice_vm_requests_nostd_defaults"],
+ test_suites: ["general-tests"],
+}