Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 7cc59563f12f225aef1ab0acedb82eb20f8f20ff^! / . / diced / src
commit7cc59563f12f225aef1ab0acedb82eb20f8f20ff[log] [tgz]
authorAlice Wang <aliceywang@google.com>Wed Feb 08 13:17:10 2023 +0000
committerAlice Wang <aliceywang@google.com>Wed Feb 08 13:17:10 2023 +0000
tree472537372f73200017f6cd7851ed2b95cde9c4c3
parent3e80ad38004030a35905ae148b5e743560554bff [diff]
[dice] Move KDF related functions to libdiced_open_dice

Bug: 267575445
Test: atest diced_utils_test diced_sample_inputs_test \
diced_test diced_vendor_test diced_open_dice_cbor_test \
libdiced_open_dice_nostd.integration_test \
libdiced_open_dice.integration_test diced_open_dice_cbor_test

Change-Id: I1e2439bd3770b5cec6166fca698b6017a263f029

diff --git a/diced/src/hal_node.rs b/diced/src/hal_node.rs
index 12be4ae..1efee8b 100644
--- a/diced/src/hal_node.rs
+++ b/diced/src/hal_node.rs

@@ -203,14 +203,15 @@
             .with_effective_artifacts(input_values, |artifacts| {
                 let (cdi_attest, _, _) = artifacts.into_tuple();
                 let mut dice = OpenDiceCborContext::new();
-                let seed = dice
-                    .derive_cdi_private_key_seed(cdi_attest[..].try_into().with_context(|| {
+                let seed = dice::derive_cdi_private_key_seed(
+                    cdi_attest[..].try_into().with_context(|| {
                         format!(
                             "In ResidentHal::sign: Failed to convert cdi_attest (length: {}).",
                             cdi_attest.len()
                         )
-                    })?)
-                    .context("In ResidentHal::sign: Failed to derive seed from cdi_attest.")?;
+                    })?,
+                )
+                .context("In ResidentHal::sign: Failed to derive seed from cdi_attest.")?;
                 let (_public_key, private_key) = dice
                     .keypair_from_seed(seed[..].try_into().with_context(|| {
                         format!(

diff --git a/diced/src/resident_node.rs b/diced/src/resident_node.rs
index 0bd5d0d..d65f30c 100644
--- a/diced/src/resident_node.rs
+++ b/diced/src/resident_node.rs

@@ -82,8 +82,8 @@
             .context("In ResidentNode::sign: Failed to get effective_artifacts.")?
             .into_tuple();
         let mut dice = OpenDiceCborContext::new();
-        let seed = dice
-            .derive_cdi_private_key_seed(cdi_attest[..].try_into().with_context(|| {
+        let seed =
+            dice::derive_cdi_private_key_seed(cdi_attest[..].try_into().with_context(|| {
                 format!(
                     "In ResidentNode::sign: Failed to convert cdi_attest (length: {}).",
                     cdi_attest.len()

diff --git a/diced/src/sample_inputs.rs b/diced/src/sample_inputs.rs
index 3f36119..5b61fed 100644
--- a/diced/src/sample_inputs.rs
+++ b/diced/src/sample_inputs.rs

@@ -68,8 +68,7 @@
 /// by `get_input_values_vector`.
 pub fn make_sample_bcc_and_cdis() -> Result<(ZVec, ZVec, Vec<u8>)> {
     let mut dice_ctx = dice::OpenDiceCborContext::new();
-    let private_key_seed = dice_ctx
-        .derive_cdi_private_key_seed(UDS)
+    let private_key_seed = dice::derive_cdi_private_key_seed(UDS)
         .context("In make_sample_bcc_and_cdis: Trying to derive private key seed.")?;
 
     let (public_key, _) =