Merge changes from topic "b/269460851"
* changes:
keystore2: Fix timeout handling
keystore2_test: Join all test threads
diff --git a/diced/Android.bp b/diced/Android.bp
index d4d29d5..dfa81ec 100644
--- a/diced/Android.bp
+++ b/diced/Android.bp
@@ -30,7 +30,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
- "libdiced_open_dice_cbor",
+ "libdiced_open_dice",
"libkeystore2_crypto_rust",
],
}
@@ -44,7 +44,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
- "libdiced_open_dice_cbor",
+ "libdiced_open_dice",
"libkeystore2_crypto_rust",
],
}
diff --git a/diced/open_dice/src/bcc.rs b/diced/open_dice/src/bcc.rs
index e3a96fe..f343bc5 100644
--- a/diced/open_dice/src/bcc.rs
+++ b/diced/open_dice/src/bcc.rs
@@ -14,11 +14,11 @@
//! This module mirrors the content in open-dice/include/dice/android/bcc.h
-use crate::dice::{Cdi, CdiValues, InputValues};
-use crate::error::{check_result, Result};
+use crate::dice::{Cdi, CdiValues, InputValues, CDI_SIZE};
+use crate::error::{check_result, DiceError, Result};
use open_dice_bcc_bindgen::{
- BccConfigValues, BccFormatConfigDescriptor, BccMainFlow, BCC_INPUT_COMPONENT_NAME,
- BCC_INPUT_COMPONENT_VERSION, BCC_INPUT_RESETTABLE,
+ BccConfigValues, BccFormatConfigDescriptor, BccHandoverMainFlow, BccHandoverParse, BccMainFlow,
+ BCC_INPUT_COMPONENT_NAME, BCC_INPUT_COMPONENT_VERSION, BCC_INPUT_RESETTABLE,
};
use std::{ffi::CStr, ptr};
@@ -90,3 +90,89 @@
})?;
Ok(next_bcc_size)
}
+
+/// Executes the main BCC handover flow.
+///
+/// A BCC handover combines the BCC and CDIs in a single CBOR object.
+/// This function takes the current boot stage's BCC handover bundle and produces a
+/// bundle for the next stage.
+pub fn bcc_handover_main_flow(
+ current_bcc_handover: &[u8],
+ input_values: &InputValues,
+ next_bcc_handover: &mut [u8],
+) -> Result<usize> {
+ let mut next_bcc_handover_size = 0;
+ // SAFETY - The function only reads `current_bcc_handover` and writes to `next_bcc_handover`
+ // within its bounds,
+ // It also reads `input_values` as a constant input and doesn't store any pointer.
+ // The first argument can be null and is not used in the current implementation.
+ check_result(unsafe {
+ BccHandoverMainFlow(
+ ptr::null_mut(), // context
+ current_bcc_handover.as_ptr(),
+ current_bcc_handover.len(),
+ input_values.as_ptr(),
+ next_bcc_handover.len(),
+ next_bcc_handover.as_mut_ptr(),
+ &mut next_bcc_handover_size,
+ )
+ })?;
+
+ Ok(next_bcc_handover_size)
+}
+
+/// A BCC handover combines the BCC and CDIs in a single CBOR object.
+/// This struct is used as return of the function `bcc_handover_parse`, its lifetime is tied
+/// to the lifetime of the raw BCC handover slice.
+#[derive(Debug)]
+pub struct BccHandover<'a> {
+ /// Attestation CDI.
+ pub cdi_attest: &'a Cdi,
+ /// Sealing CDI.
+ pub cdi_seal: &'a Cdi,
+ /// Boot Certificate Chain.
+ pub bcc: Option<&'a [u8]>,
+}
+
+/// A BCC handover combines the BCC and CDIs in a single CBOR object.
+/// This function parses the `bcc_handover` to extracts the BCC and CDIs.
+/// The lifetime of the returned `BccHandover` is tied to the given `bcc_handover` slice.
+pub fn bcc_handover_parse(bcc_handover: &[u8]) -> Result<BccHandover> {
+ let mut cdi_attest: *const u8 = ptr::null();
+ let mut cdi_seal: *const u8 = ptr::null();
+ let mut bcc: *const u8 = ptr::null();
+ let mut bcc_size = 0;
+ // SAFETY: The `bcc_handover` is only read and never stored and the returned pointers should all
+ // point within the address range of the `bcc_handover` or be NULL.
+ check_result(unsafe {
+ BccHandoverParse(
+ bcc_handover.as_ptr(),
+ bcc_handover.len(),
+ &mut cdi_attest,
+ &mut cdi_seal,
+ &mut bcc,
+ &mut bcc_size,
+ )
+ })?;
+ let cdi_attest = sub_slice(bcc_handover, cdi_attest, CDI_SIZE)?;
+ let cdi_seal = sub_slice(bcc_handover, cdi_seal, CDI_SIZE)?;
+ let bcc = sub_slice(bcc_handover, bcc, bcc_size).ok();
+ Ok(BccHandover {
+ cdi_attest: cdi_attest.try_into().map_err(|_| DiceError::PlatformError)?,
+ cdi_seal: cdi_seal.try_into().map_err(|_| DiceError::PlatformError)?,
+ bcc,
+ })
+}
+
+/// Gets a slice the `addr` points to and of length `len`.
+/// The slice should be contained in the buffer.
+fn sub_slice(buffer: &[u8], addr: *const u8, len: usize) -> Result<&[u8]> {
+ if addr.is_null() || !buffer.as_ptr_range().contains(&addr) {
+ return Err(DiceError::PlatformError);
+ }
+ // SAFETY: This is safe because addr is not null and is within the range of the buffer.
+ let start: usize = unsafe {
+ addr.offset_from(buffer.as_ptr()).try_into().map_err(|_| DiceError::PlatformError)?
+ };
+ start.checked_add(len).and_then(|end| buffer.get(start..end)).ok_or(DiceError::PlatformError)
+}
diff --git a/diced/open_dice/src/dice.rs b/diced/open_dice/src/dice.rs
index ed7d843..350237d 100644
--- a/diced/open_dice/src/dice.rs
+++ b/diced/open_dice/src/dice.rs
@@ -20,7 +20,8 @@
use open_dice_cbor_bindgen::{
DiceConfigType, DiceDeriveCdiCertificateId, DiceDeriveCdiPrivateKeySeed, DiceInputValues,
DiceMainFlow, DICE_CDI_SIZE, DICE_HASH_SIZE, DICE_HIDDEN_SIZE, DICE_ID_SIZE,
- DICE_INLINE_CONFIG_SIZE, DICE_PRIVATE_KEY_SEED_SIZE,
+ DICE_INLINE_CONFIG_SIZE, DICE_PRIVATE_KEY_SEED_SIZE, DICE_PRIVATE_KEY_SIZE,
+ DICE_PUBLIC_KEY_SIZE, DICE_SIGNATURE_SIZE,
};
use std::ptr;
use zeroize::{Zeroize, ZeroizeOnDrop};
@@ -35,6 +36,12 @@
pub const CDI_SIZE: usize = DICE_CDI_SIZE as usize;
/// The size of a private key seed.
pub const PRIVATE_KEY_SEED_SIZE: usize = DICE_PRIVATE_KEY_SEED_SIZE as usize;
+/// The size of a private key.
+pub const PRIVATE_KEY_SIZE: usize = DICE_PRIVATE_KEY_SIZE as usize;
+/// The size of a public key.
+pub const PUBLIC_KEY_SIZE: usize = DICE_PUBLIC_KEY_SIZE as usize;
+/// The size of a signature.
+pub const SIGNATURE_SIZE: usize = DICE_SIGNATURE_SIZE as usize;
/// The size of an ID.
pub const ID_SIZE: usize = DICE_ID_SIZE as usize;
@@ -48,11 +55,15 @@
pub type Cdi = [u8; CDI_SIZE];
/// Array type of private key seeds.
pub type PrivateKeySeed = [u8; PRIVATE_KEY_SEED_SIZE];
+/// Array type of the public key.
+pub type PublicKey = [u8; PUBLIC_KEY_SIZE];
+/// Array type of the signature.
+pub type Signature = [u8; SIGNATURE_SIZE];
/// Array type of DICE ID.
pub type DiceId = [u8; ID_SIZE];
/// CDI Values.
-#[derive(Zeroize, ZeroizeOnDrop, Default)]
+#[derive(Debug, Zeroize, ZeroizeOnDrop, Default)]
pub struct CdiValues {
/// Attestation CDI.
pub cdi_attest: Cdi,
diff --git a/diced/open_dice/src/lib.rs b/diced/open_dice/src/lib.rs
index f76494e..c10626b 100644
--- a/diced/open_dice/src/lib.rs
+++ b/diced/open_dice/src/lib.rs
@@ -27,16 +27,19 @@
#[cfg(feature = "std")]
mod retry;
-pub use bcc::{bcc_format_config_descriptor, bcc_main_flow};
+pub use bcc::{
+ bcc_format_config_descriptor, bcc_handover_main_flow, bcc_handover_parse, bcc_main_flow,
+ BccHandover,
+};
pub use dice::{
derive_cdi_certificate_id, derive_cdi_private_key_seed, dice_main_flow, Cdi, CdiValues, Config,
DiceMode, Hash, Hidden, InlineConfig, InputValues, PrivateKeySeed, CDI_SIZE, HASH_SIZE,
HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
};
pub use error::{check_result, DiceError, Result};
-pub use ops::{hash, kdf};
+pub use ops::{generate_certificate, hash, kdf, sign, verify};
#[cfg(feature = "std")]
pub use retry::{
retry_bcc_format_config_descriptor, retry_bcc_main_flow, retry_dice_main_flow,
- OwnedDiceArtifacts,
+ retry_generate_certificate, OwnedDiceArtifacts,
};
diff --git a/diced/open_dice/src/ops.rs b/diced/open_dice/src/ops.rs
index 0eab116..21b7d9e 100644
--- a/diced/open_dice/src/ops.rs
+++ b/diced/open_dice/src/ops.rs
@@ -16,9 +16,12 @@
//! It contains the set of functions that implement various operations that the
//! main DICE functions depend on.
-use crate::dice::{Hash, HASH_SIZE};
+use crate::dice::{
+ Hash, InputValues, PublicKey, Signature, HASH_SIZE, PRIVATE_KEY_SEED_SIZE, PRIVATE_KEY_SIZE,
+ SIGNATURE_SIZE,
+};
use crate::error::{check_result, Result};
-use open_dice_cbor_bindgen::{DiceHash, DiceKdf};
+use open_dice_cbor_bindgen::{DiceGenerateCertificate, DiceHash, DiceKdf, DiceSign, DiceVerify};
use std::ptr;
/// Hashes the provided input using DICE's hash function `DiceHash`.
@@ -56,3 +59,63 @@
)
})
}
+
+/// Signs the `message` with the give `private_key` using `DiceSign`.
+pub fn sign(message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Signature> {
+ let mut signature = [0u8; SIGNATURE_SIZE];
+ // SAFETY: The function writes to the `signature` within the given bounds, and only reads the
+ // message and the private key. The first argument context is not used in this function.
+ check_result(unsafe {
+ DiceSign(
+ ptr::null_mut(), // context
+ message.as_ptr(),
+ message.len(),
+ private_key.as_ptr(),
+ signature.as_mut_ptr(),
+ )
+ })?;
+ Ok(signature)
+}
+
+/// Verifies the `signature` of the `message` with the given `public_key` using `DiceVerify`.
+pub fn verify(message: &[u8], signature: &Signature, public_key: &PublicKey) -> Result<()> {
+ // SAFETY: only reads the messages, signature and public key as constant values.
+ // The first argument context is not used in this function.
+ check_result(unsafe {
+ DiceVerify(
+ ptr::null_mut(), // context
+ message.as_ptr(),
+ message.len(),
+ signature.as_ptr(),
+ public_key.as_ptr(),
+ )
+ })
+}
+
+/// Generates an X.509 certificate from the given `subject_private_key_seed` and
+/// `input_values`, and signed by `authority_private_key_seed`.
+/// The subject private key seed is supplied here so the implementation can choose
+/// between asymmetric mechanisms, for example ECDSA vs Ed25519.
+/// Returns the actual size of the generated certificate.
+pub fn generate_certificate(
+ subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
+ authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
+ input_values: &InputValues,
+ certificate: &mut [u8],
+) -> Result<usize> {
+ let mut certificate_actual_size = 0;
+ // SAFETY: The function writes to the `certificate` within the given bounds, and only reads the
+ // input values and the key seeds. The first argument context is not used in this function.
+ check_result(unsafe {
+ DiceGenerateCertificate(
+ ptr::null_mut(), // context
+ subject_private_key_seed.as_ptr(),
+ authority_private_key_seed.as_ptr(),
+ input_values.as_ptr(),
+ certificate.len(),
+ certificate.as_mut_ptr(),
+ &mut certificate_actual_size,
+ )
+ })?;
+ Ok(certificate_actual_size)
+}
diff --git a/diced/open_dice/src/retry.rs b/diced/open_dice/src/retry.rs
index 58648b8..b7c1a71 100644
--- a/diced/open_dice/src/retry.rs
+++ b/diced/open_dice/src/retry.rs
@@ -18,14 +18,16 @@
//! std environment.
use crate::bcc::{bcc_format_config_descriptor, bcc_main_flow};
-use crate::dice::{dice_main_flow, Cdi, CdiValues, InputValues};
+use crate::dice::{dice_main_flow, Cdi, CdiValues, InputValues, PRIVATE_KEY_SEED_SIZE};
use crate::error::{DiceError, Result};
+use crate::ops::generate_certificate;
use std::ffi::CStr;
/// Artifacts stores a set of dice artifacts comprising CDI_ATTEST, CDI_SEAL,
/// and the BCC formatted attestation certificate chain.
/// As we align with the DICE standards today, this is the certificate chain
/// is also called DICE certificate chain.
+#[derive(Debug)]
pub struct OwnedDiceArtifacts {
/// CDI Values.
pub cdi_values: CdiValues,
@@ -120,3 +122,23 @@
})?;
Ok((next_cdi_values, next_cdi_certificate))
}
+
+/// Generates an X.509 certificate from the given `subject_private_key_seed` and
+/// `input_values`, and signed by `authority_private_key_seed`.
+/// The subject private key seed is supplied here so the implementation can choose
+/// between asymmetric mechanisms, for example ECDSA vs Ed25519.
+/// Returns the generated certificate.
+pub fn retry_generate_certificate(
+ subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
+ authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
+ input_values: &InputValues,
+) -> Result<Vec<u8>> {
+ retry_with_bigger_buffer(|certificate| {
+ generate_certificate(
+ subject_private_key_seed,
+ authority_private_key_seed,
+ input_values,
+ certificate,
+ )
+ })
+}
diff --git a/diced/open_dice_cbor/lib.rs b/diced/open_dice_cbor/lib.rs
index 4bcb93a..ef797dc 100644
--- a/diced/open_dice_cbor/lib.rs
+++ b/diced/open_dice_cbor/lib.rs
@@ -33,77 +33,18 @@
pub use diced_open_dice::{
check_result, derive_cdi_private_key_seed, hash, retry_bcc_format_config_descriptor,
- retry_bcc_main_flow, retry_dice_main_flow, Config, DiceError, Hash, Hidden, InputValues,
+ retry_bcc_main_flow, retry_dice_main_flow, sign, Config, DiceError, Hash, Hidden, InputValues,
OwnedDiceArtifacts, Result, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE, PRIVATE_KEY_SEED_SIZE,
};
use keystore2_crypto::ZVec;
pub use open_dice_cbor_bindgen::DiceMode;
-use open_dice_cbor_bindgen::{
- DiceGenerateCertificate, DiceKeypairFromSeed, DiceSign, DiceVerify, DICE_PRIVATE_KEY_SIZE,
- DICE_PUBLIC_KEY_SIZE, DICE_SIGNATURE_SIZE,
-};
+use open_dice_cbor_bindgen::{DiceKeypairFromSeed, DICE_PRIVATE_KEY_SIZE, DICE_PUBLIC_KEY_SIZE};
use std::ffi::c_void;
/// The size of a private key.
pub const PRIVATE_KEY_SIZE: usize = DICE_PRIVATE_KEY_SIZE as usize;
/// The size of a public key.
pub const PUBLIC_KEY_SIZE: usize = DICE_PUBLIC_KEY_SIZE as usize;
-/// The size of a signature.
-pub const SIGNATURE_SIZE: usize = DICE_SIGNATURE_SIZE as usize;
-
-/// Multiple of the open dice function required preallocated output buffer
-/// which may be too small, this function implements the retry logic to handle
-/// too small buffer allocations.
-/// The callback `F` must expect a mutable reference to a buffer and a size hint
-/// field. The callback is called repeatedly as long as it returns
-/// `Err(Error::BufferTooSmall)`. If the size hint remains 0, the buffer size is
-/// doubled with each iteration. If the size hint is set by the callback, the buffer
-/// will be set to accommodate at least this many bytes.
-/// If the callback returns `Ok(())`, the buffer is truncated to the size hint
-/// exactly.
-/// The function panics if the callback returns `Ok(())` and the size hint is
-/// larger than the buffer size.
-/// TODO(b/267575445): Remove this method once we migrate all its callers to
-/// `retry_with_bigger_buffer` in `diced_open_dice`.
-fn retry_while_adjusting_output_buffer<F>(mut f: F) -> Result<Vec<u8>>
-where
- F: FnMut(&mut Vec<u8>, &mut usize) -> Result<()>,
-{
- let mut buffer = vec![0; INITIAL_OUT_BUFFER_SIZE];
- let mut actual_size: usize = 0;
- loop {
- match f(&mut buffer, &mut actual_size) {
- // If Error::BufferTooSmall was returned, the allocated certificate
- // buffer was to small for the output. So the buffer is resized to the actual
- // size, and a second attempt is made with the new buffer.
- Err(DiceError::BufferTooSmall) => {
- let new_size = if actual_size == 0 {
- // Due to an off spec implementation of open dice cbor, actual size
- // does not return the required size if the buffer was too small. So
- // we have to try and approach it gradually.
- buffer.len() * 2
- } else {
- actual_size
- };
- buffer.resize(new_size, 0);
- continue;
- }
- Err(e) => return Err(e),
- Ok(()) => {
- if actual_size > buffer.len() {
- panic!(
- "actual_size larger than buffer size: open-dice function
- may have written past the end of the buffer."
- );
- }
- // Truncate the certificate buffer to the actual size because it may be
- // smaller than the original allocation.
- buffer.truncate(actual_size);
- return Ok(buffer);
- }
- }
- }
-}
/// Some libopen-dice variants use a context. Developers that want to customize these
/// bindings may want to implement their own Context factory that creates a context
@@ -151,8 +92,6 @@
/// Type alias for Vec<u8> indicating that it holds a BCC certificate chain.
pub type Bcc = Vec<u8>;
-const INITIAL_OUT_BUFFER_SIZE: usize = 1024;
-
/// ContextImpl is a mixin trait that implements the safe wrappers around the open dice
/// library calls. Implementations must implement Context::get_context(). As of
/// this writing, the only implementation is OpenDiceCborContext, which returns NULL.
@@ -182,99 +121,6 @@
})?;
Ok((public_key, private_key))
}
-
- /// Safe wrapper around open-dice DiceSign, see open dice
- /// documentation for details.
- fn sign(&mut self, message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Vec<u8>> {
- let mut signature = vec![0u8; SIGNATURE_SIZE];
-
- // SAFETY:
- // * The first context argument may be NULL and is unused by the wrapped
- // implementation.
- // * The second argument and the third argument are the pointer to and length of the given
- // message buffer.
- // * The fourth argument is a const buffer of size `PRIVATE_KEY_SIZE`. This is fulfilled
- // by the definition of `private key`.
- // * The fifth argument is mutable buffer of size `SIGNATURE_SIZE`. This is fulfilled
- // by the allocation above.
- // * All pointers must be valid for the duration of the function call but not beyond.
- check_result(unsafe {
- DiceSign(
- self.get_context(),
- message.as_ptr(),
- message.len(),
- private_key.as_ptr(),
- signature.as_mut_ptr(),
- )
- })?;
- Ok(signature)
- }
-
- /// Safe wrapper around open-dice DiceVerify, see open dice
- /// documentation for details.
- fn verify(
- &mut self,
- message: &[u8],
- signature: &[u8; SIGNATURE_SIZE],
- public_key: &[u8; PUBLIC_KEY_SIZE],
- ) -> Result<()> {
- // SAFETY:
- // * The first context argument may be NULL and is unused by the wrapped
- // implementation.
- // * The second argument and the third argument are the pointer to and length of the given
- // message buffer.
- // * The fourth argument is a const buffer of size `SIGNATURE_SIZE`. This is fulfilled
- // by the definition of `signature`.
- // * The fifth argument is a const buffer of size `PUBLIC_KEY_SIZE`. This is fulfilled
- // by the definition of `public_key`.
- // * All pointers must be valid for the duration of the function call but not beyond.
- check_result(unsafe {
- DiceVerify(
- self.get_context(),
- message.as_ptr(),
- message.len(),
- signature.as_ptr(),
- public_key.as_ptr(),
- )
- })
- }
-
- /// Safe wrapper around open-dice DiceGenerateCertificate, see open dice
- /// documentation for details.
- fn generate_certificate(
- &mut self,
- subject_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- authority_private_key_seed: &[u8; PRIVATE_KEY_SEED_SIZE],
- input_values: &InputValues,
- ) -> Result<Vec<u8>> {
- // SAFETY (DiceGenerateCertificate):
- // * The first context argument may be NULL and is unused by the wrapped
- // implementation.
- // * The second argument and the third argument are const arrays of size
- // `PRIVATE_KEY_SEED_SIZE`. This is fulfilled as per the definition of the arguments.
- // * The fourth argument is a pointer to `DiceInputValues` it, and its indirect
- // references must be valid for the duration of the function call.
- // * The fifth argument and the sixth argument are the length of and the pointer to the
- // allocated certificate buffer respectively. They are used to return
- // the generated certificate.
- // * The seventh argument is a pointer to a mutable usize object. It is
- // used to return the actual size of the output certificate.
- // * All pointers must be valid for the duration of the function call but not beyond.
- let cert = retry_while_adjusting_output_buffer(|cert, actual_size| {
- check_result(unsafe {
- DiceGenerateCertificate(
- self.get_context(),
- subject_private_key_seed.as_ptr(),
- authority_private_key_seed.as_ptr(),
- input_values.as_ptr(),
- cert.len(),
- cert.as_mut_ptr(),
- actual_size as *mut _,
- )
- })
- })?;
- Ok(cert)
- }
}
#[cfg(test)]
@@ -338,29 +184,18 @@
assert_eq!(&pub_key, PUB_KEY_TEST_VECTOR);
assert_eq!(&priv_key[..], PRIV_KEY_TEST_VECTOR);
let mut signature =
- ctx.sign("MyMessage".as_bytes(), priv_key[..].try_into().unwrap()).unwrap();
+ diced_open_dice::sign(b"MyMessage", priv_key[..].try_into().unwrap()).unwrap();
assert_eq!(&signature, SIGNATURE_TEST_VECTOR);
- assert!(ctx
- .verify(
- "MyMessage".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
+ assert!(diced_open_dice::verify(b"MyMessage", &signature, pub_key[..].try_into().unwrap())
.is_ok());
- assert!(ctx
- .verify(
- "MyMessage_fail".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
- .is_err());
+ assert!(diced_open_dice::verify(
+ b"MyMessage_fail",
+ &signature,
+ pub_key[..].try_into().unwrap()
+ )
+ .is_err());
signature[0] += 1;
- assert!(ctx
- .verify(
- "MyMessage".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
+ assert!(diced_open_dice::verify(b"MyMessage", &signature, pub_key[..].try_into().unwrap())
.is_err());
}
diff --git a/diced/src/hal_node.rs b/diced/src/hal_node.rs
index ca470e5..7a397ec 100644
--- a/diced/src/hal_node.rs
+++ b/diced/src/hal_node.rs
@@ -220,7 +220,7 @@
)
})?)
.context("In ResidentHal::sign: Failed to derive keypair from seed.")?;
- dice.sign(
+ let signature = dice::sign(
message,
private_key[..].try_into().with_context(|| {
format!(
@@ -229,7 +229,8 @@
)
})?,
)
- .context("In ResidentHal::sign: Failed to sign.")
+ .context("In ResidentHal::sign: Failed to sign.")?;
+ Ok(signature.to_vec())
})
.context("In ResidentHal::sign:")?;
Ok(Signature { data: signature })
diff --git a/diced/src/utils.rs b/diced/src/utils.rs
index c249366..2b47dac 100644
--- a/diced/src/utils.rs
+++ b/diced/src/utils.rs
@@ -19,7 +19,7 @@
Mode::Mode as BinderMode,
};
use anyhow::{Context, Result};
-use diced_open_dice_cbor as dice;
+use diced_open_dice as dice;
use keystore2_crypto::ZVec;
use std::convert::TryInto;
diff --git a/identity/CredentialStore.cpp b/identity/CredentialStore.cpp
index fea4df9..e2b3cf4 100644
--- a/identity/CredentialStore.cpp
+++ b/identity/CredentialStore.cpp
@@ -47,7 +47,7 @@
bool useRkpd() {
return android::base::GetBoolProperty("remote_provisioning.enable_rkpd",
- /*default_value=*/false);
+ /*default_value=*/true);
}
} // namespace
diff --git a/keystore2/src/attestation_key_utils.rs b/keystore2/src/attestation_key_utils.rs
index d31fa82..8c4cdea 100644
--- a/keystore2/src/attestation_key_utils.rs
+++ b/keystore2/src/attestation_key_utils.rs
@@ -54,11 +54,9 @@
}
fn use_rkpd() -> bool {
- let mutable_property = "persist.device_config.remote_key_provisioning_native.enable_rkpd";
- let fixed_property = "remote_provisioning.enable_rkpd";
- let default_value = false;
- system_properties::read_bool(mutable_property, default_value).unwrap_or(default_value)
- || system_properties::read_bool(fixed_property, default_value).unwrap_or(default_value)
+ let property = "remote_provisioning.enable_rkpd";
+ let default_value = true;
+ system_properties::read_bool(property, default_value).unwrap_or(default_value)
}
/// This function loads and, optionally, assigns the caller's remote provisioned