| commit | 392be49ba6882ef9bf1db493769b24eadd00edc0 | [log] [tgz] |
|---|---|---|
| author | Gil Cukierman <cukie@google.com> | Wed Jan 15 17:02:08 2025 -0500 |
| committer | Gil Cukierman <cukie@google.com> | Tue Jan 21 11:40:45 2025 -0500 |
| tree | 0279a4241038682671f6dacf18af9c37dba22d5b | |
| parent | 3b081601d905b912749ac0da93ee5302d89b49cf [diff] |
dice: add sign and encode with CoseSign1
Adds APIs to produce CoseSign1 encoded signatures given a message,
aad, and private key. This is implemented with
`DiceCoseSignAndEncodeSign1` from open_dice, which is brought in through
bindgen build rules for soong and trusty.
The driving use case is pvmdice, which needs to implement the hwbcc
interface's sign_data function. This will enable RKP protocols as well
as the implementation of the authmgr frontend in trusty pVMs.
Bug: 390385820
Test: atest libdiced_open_dice.integration_test
Test: atest libdiced_open_dice_nostd.integration_test
Test: build.py qemu-generic-arm64-test-debug \
--test="boot-test:com.android.trusty.rust.diced_open_dice_tests.test"
Change-Id: Iac77f2f48f5f9ae90d1d08aaa6f34298b7220e40
Android Virtualization Framework (AVF) provides secure and private execution environments for executing code. AVF is ideal for security-oriented use cases that require stronger isolation assurances over those offered by Android’s app sandbox.
Visit our public doc site to learn more about what AVF is, what it is for, and how it is structured. This repository contains source code for userspace components of AVF.
If you want a quick start, see the getting started guideline and follow the steps there.
For in-depth explanations about individual topics and components, visit the following links.
AVF components:
AVF APIs:
How-Tos: