[dice] Read the COSE key algorithm from DICE library
Instead of hard-coding it.
This allows users to use different types of keys underneath as
needed.
Bug: 342333212
Test: atest VmAttestationTest
Change-Id: I2751cbda79c1f8bd7980ac3ddcae6a9a5922b682
diff --git a/libs/dice/open_dice/Android.bp b/libs/dice/open_dice/Android.bp
index ab3220e..4904672 100644
--- a/libs/dice/open_dice/Android.bp
+++ b/libs/dice/open_dice/Android.bp
@@ -161,6 +161,7 @@
"--allowlist-var=DICE_PUBLIC_KEY_SIZE",
"--allowlist-var=DICE_PRIVATE_KEY_SIZE",
"--allowlist-var=DICE_SIGNATURE_SIZE",
+ "--allowlist-var=DICE_COSE_KEY_ALG_VALUE",
],
}
diff --git a/libs/dice/open_dice/src/lib.rs b/libs/dice/open_dice/src/lib.rs
index d0004b1..085a2cd 100644
--- a/libs/dice/open_dice/src/lib.rs
+++ b/libs/dice/open_dice/src/lib.rs
@@ -40,6 +40,10 @@
PublicKey, Signature, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
};
pub use error::{DiceError, Result};
+// Currently, open-dice library only supports a single signing and verification algorithm.
+// The value of DICE_COSE_KEY_ALG_VALUE depends on the algorithm chosen by the underlying C
+// library at build time. Refer to b/342333212 for more information.
+pub use open_dice_cbor_bindgen::DICE_COSE_KEY_ALG_VALUE;
pub use ops::{
derive_cdi_leaf_priv, generate_certificate, hash, kdf, keypair_from_seed, sign, verify,
};