[dice] Read the COSE key algorithm from DICE library
Instead of hard-coding it.
This allows users to use different types of keys underneath as
needed.
Bug: 342333212
Test: atest VmAttestationTest
Change-Id: I2751cbda79c1f8bd7980ac3ddcae6a9a5922b682
diff --git a/libs/cborutil/src/lib.rs b/libs/cborutil/src/lib.rs
index 4d308c1..b218c82 100644
--- a/libs/cborutil/src/lib.rs
+++ b/libs/cborutil/src/lib.rs
@@ -21,7 +21,10 @@
use alloc::string::String;
use alloc::vec::Vec;
use ciborium::value::{Integer, Value};
-use coset::{CborSerializable, CoseError, CoseKey, Label, Result};
+use coset::{
+ iana::{self, EnumI64},
+ CborSerializable, CoseError, CoseKey, Label, Result,
+};
use log::error;
use serde::{de::DeserializeOwned, Serialize};
@@ -132,3 +135,19 @@
.ok_or(CoseError::UnexpectedItem("", "Label not found in CoseKey"))?
.1)
}
+
+/// Converts the provided COSE key algorithm integer to an `iana::Algorithm` used
+/// by DICE chains.
+pub fn dice_cose_key_alg(cose_key_alg: i32) -> Result<iana::Algorithm> {
+ let key_alg = iana::Algorithm::from_i64(cose_key_alg as i64).ok_or_else(|| {
+ error!("Unsupported COSE key algorithm for DICE: {cose_key_alg}");
+ CoseError::UnexpectedItem("COSE key algorithm", "")
+ })?;
+ match key_alg {
+ iana::Algorithm::EdDSA | iana::Algorithm::ES256 | iana::Algorithm::ES384 => Ok(key_alg),
+ _ => {
+ error!("Unsupported COSE key algorithm for DICE: {key_alg:?}");
+ Err(CoseError::UnexpectedItem("-8, -7 or -35", ""))
+ }
+ }
+}
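Review bot: In `dice_cose_key_alg` the arguments to `CoseError::UnexpectedItem` look swapped in both error paths. As far as I know coset defines that variant as (got, want), so the rejection arm reports the allowed set `"-8, -7 or -35"` as what was received and leaves the expected side empty. I would write `Err(CoseError::UnexpectedItem("unsupported COSE key algorithm", "-8, -7 or -35"))` there, and `CoseError::UnexpectedItem("unknown COSE key algorithm", "IANA-registered algorithm")` in the `from_i64` failure path. Both `error!` lines also share the text "Unsupported COSE key algorithm for DICE", although the first means the integer is not a known IANA value and the second means a known algorithm that is not allowed; distinct wording would make a rejected key easier to triage from logs. Since this match is now the allow-list for algorithms read from the DICE library, the doc comment could state the accepted set, e.g. `/// Accepts only EdDSA, ES256 and ES384; any other value is returned as an error.`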