[rkp] Implement main steps to generate certificate request
This cl implements the main steps required to generate a
certificate request within the RKP HAL. The DICE chain will be
included once retrieved in the service VM.
Bug: 299256925
Test: atest rialto_test
Change-Id: Ia2055e13d3f5e31617bde01851059764d814f25e
diff --git a/libs/service_vm_comm/Android.bp b/libs/service_vm_comm/Android.bp
index 9bce2f4..a7481e5 100644
--- a/libs/service_vm_comm/Android.bp
+++ b/libs/service_vm_comm/Android.bp
@@ -21,6 +21,7 @@
"libcore.rust_sysroot",
],
rustlibs: [
+ "libciborium_nostd",
"libcoset_nostd",
"liblog_rust_nostd",
"libserde_nostd",
@@ -31,6 +32,7 @@
name: "libservice_vm_comm",
defaults: ["libservice_vm_comm_defaults"],
rustlibs: [
+ "libciborium",
"libcoset",
"liblog_rust",
"libserde",
diff --git a/libs/service_vm_comm/src/message.rs b/libs/service_vm_comm/src/message.rs
index a4ec46f..570cf38 100644
--- a/libs/service_vm_comm/src/message.rs
+++ b/libs/service_vm_comm/src/message.rs
@@ -101,6 +101,12 @@
/// Any key to sign lacks a valid MAC. Maps to `STATUS_INVALID_MAC`.
InvalidMac,
+
+ /// No payload found in a key to sign.
+ KeyToSignHasEmptyPayload,
+
+ /// An error happened when serializing to/from a `Value`.
+ CborValueError,
}
impl fmt::Display for RequestProcessingError {
@@ -111,6 +117,10 @@
}
Self::CosetError => write!(f, "Encountered an error with coset"),
Self::InvalidMac => write!(f, "A key to sign lacks a valid MAC."),
+ Self::KeyToSignHasEmptyPayload => write!(f, "No payload found in a key to sign."),
+ Self::CborValueError => {
+ write!(f, "An error happened when serializing to/from a CBOR Value.")
+ }
}
}
}
@@ -122,6 +132,13 @@
}
}
+impl From<ciborium::value::Error> for RequestProcessingError {
+ fn from(e: ciborium::value::Error) -> Self {
+ error!("CborValueError: {e}");
+ Self::CborValueError
+ }
+}
+
/// Represents the params passed to GenerateCertificateRequest
#[derive(Clone, Debug, Serialize, Deserialize)]
pub struct GenerateCertificateRequestParams {