Gitiles
Code Review Sign In
gerrit.omnirom.org / android_packages_modules_Virtualization / dcffd05f05a4312cc549c8b9da95af89ccd7a53d^1..dcffd05f05a4312cc549c8b9da95af89ccd7a53d / .
commitdcffd05f05a4312cc549c8b9da95af89ccd7a53d[log] [tgz]
authorAlice Wang <aliceywang@google.com>Fri Oct 13 14:34:18 2023 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>Fri Oct 13 14:34:18 2023 +0000
tree4e4d35ddecf307806229d7112dd3a92754d83395
parentef47789b15936205c901611b68d7008cdcfb8336 [diff]
parent637b19739e4cd87c4f1bda260e1a1334fb991252 [diff]
Merge "[rkp] Derive CDI_Leaf_Priv with open-dice API" into main
diff --git a/service_vm/requests/src/rkp.rs b/service_vm/requests/src/rkp.rs
index 2d80f13..933737c 100644
--- a/service_vm/requests/src/rkp.rs
+++ b/service_vm/requests/src/rkp.rs

@@ -25,7 +25,7 @@
 use ciborium::{cbor, value::Value};
 use core::result;
 use coset::{iana, AsCborValue, CoseSign1, CoseSign1Builder, HeaderBuilder};
-use diced_open_dice::{kdf, keypair_from_seed, sign, DiceArtifacts, PrivateKey};
+use diced_open_dice::{derive_cdi_leaf_priv, kdf, sign, DiceArtifacts, PrivateKey};
 use log::error;
 use service_vm_comm::{EcdsaP256KeyPair, GenerateCertificateRequestParams, RequestProcessingError};
 use zeroize::Zeroizing;
@@ -128,11 +128,6 @@
     Ok(signed_data)
 }
 
-fn derive_cdi_leaf_priv(dice_artifacts: &dyn DiceArtifacts) -> diced_open_dice::Result<PrivateKey> {
-    let (_, private_key) = keypair_from_seed(dice_artifacts.cdi_attest())?;
-    Ok(private_key)
-}
-
 fn sign_message(message: &[u8], private_key: &PrivateKey) -> Result<Vec<u8>> {
     Ok(sign(message, private_key.as_array())
         .map_err(|e| {