[pvmfw] Use AEAD wrapper from libbssl_avf
This cl replaces the AEAD bssl wrappers in pvmfw with the ones in
libbssl_avf. The wrappers in libbssl_avf have undergone thorough
testing, and the context is cleaned and freed when it is dropped.
This cl decreases the size of pvmfw.bin from 532512 bytes to
511648 bytes.
Bug: 302286887
Test: atest MicrodroidHostTests
Change-Id: Iba12469410dd1069fb9c48b666010ff158cc1327
diff --git a/libs/bssl/src/aead.rs b/libs/bssl/src/aead.rs
index e0c9fbb..1ac2c22 100644
--- a/libs/bssl/src/aead.rs
+++ b/libs/bssl/src/aead.rs
@@ -18,8 +18,8 @@
use bssl_avf_error::{ApiName, Result};
use bssl_ffi::{
EVP_AEAD_CTX_free, EVP_AEAD_CTX_new, EVP_AEAD_CTX_open, EVP_AEAD_CTX_seal,
- EVP_AEAD_max_overhead, EVP_AEAD_nonce_length, EVP_aead_aes_256_gcm, EVP_AEAD, EVP_AEAD_CTX,
- EVP_AEAD_DEFAULT_TAG_LENGTH,
+ EVP_AEAD_max_overhead, EVP_AEAD_nonce_length, EVP_aead_aes_256_gcm,
+ EVP_aead_aes_256_gcm_randnonce, EVP_AEAD, EVP_AEAD_CTX, EVP_AEAD_DEFAULT_TAG_LENGTH,
};
use core::ptr::NonNull;
@@ -51,6 +51,17 @@
Self(unsafe { &*p })
}
+ /// AES-256 in Galois Counter Mode with internal nonce generation.
+ /// The 12-byte nonce is appended to the tag and is generated internally.
+ pub fn aes_256_gcm_randnonce() -> Self {
+ // SAFETY: This function does not access any Rust variables and simply returns
+ // a pointer to the static variable in BoringSSL.
+ let p = unsafe { EVP_aead_aes_256_gcm_randnonce() };
+ // SAFETY: The returned pointer should always be valid and points to a static
+ // `EVP_AEAD`.
+ Self(unsafe { &*p })
+ }
+
/// Returns the maximum number of additional bytes added by the act of sealing data.
pub fn max_overhead(&self) -> usize {
// SAFETY: This function only reads from self.