Key blob protection using AEAD Add BlobEncryptor, which can be used to write a secret (like our private key) to an encrypted & authenticated blob and later retrieve it. Added the skeleton of code to make use of this, using the sealing CDI as the input to the key derivation. Bug: 214233409 Test: atest compsvc_device_tests Change-Id: Iea7e82405072a31ae5f7ad64a9e894a970913219

commit: c33d2921c3e6e8afc008b9970696687c74c42041 [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Tue Jan 18 14:17:00 2022 +0000
committer: Alan Stokes <alanstokes@google.com> Mon Jan 24 10:58:15 2022 +0000
tree: 45162b42b8244ce349ecb04eb3d187945f0f7ec7
parent: 2eb528fddc626664649b555757de77323f68de8c [diff] [blame]
diff --git a/compos/Android.bp b/compos/Android.bp
index 401f1c7..8d0ba3b 100644
--- a/compos/Android.bp
+++ b/compos/Android.bp

@@ -2,8 +2,8 @@
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
-rust_binary {
-    name: "compsvc",
+rust_defaults {
+    name: "compsvc_defaults",
     srcs: ["src/compsvc_main.rs"],
     rustlibs: [
         "android.hardware.security.dice-V1-rust",
@@ -36,7 +36,18 @@
     shared_libs: [
         "libbinder_rpc_unstable",
     ],
+}
+
+rust_binary {
+    name: "compsvc",
+    defaults: ["compsvc_defaults"],
     apex_available: [
         "com.android.compos",
     ],
 }
+
+rust_test {
+    name: "compsvc_device_tests",
+    defaults: ["compsvc_defaults"],
+    test_suites: ["device-tests"],
+}
commit	c33d2921c3e6e8afc008b9970696687c74c42041	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Tue Jan 18 14:17:00 2022 +0000
committer	Alan Stokes <alanstokes@google.com>	Mon Jan 24 10:58:15 2022 +0000
tree	45162b42b8244ce349ecb04eb3d187945f0f7ec7
parent	2eb528fddc626664649b555757de77323f68de8c [diff] [blame]