[dice] Move DiceSign/Verify nostd/std versions to diced_open_dice
As a step of merging the existing diced_open_dice_cbor library into
the new open-dice wrapper diced_open_dice.
Bug: 267575445
Test: atest diced_utils_test diced_sample_inputs_test \
diced_vendor_test diced_open_dice_cbor_test \
libdiced_open_dice_nostd.integration_test \
libdiced_open_dice.integration_test diced_open_dice_cbor_test
Change-Id: I1f8baecd92a516bc724741ffbe322b913f89db5b
diff --git a/diced/Android.bp b/diced/Android.bp
index d4d29d5..dfa81ec 100644
--- a/diced/Android.bp
+++ b/diced/Android.bp
@@ -30,7 +30,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
- "libdiced_open_dice_cbor",
+ "libdiced_open_dice",
"libkeystore2_crypto_rust",
],
}
@@ -44,7 +44,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
- "libdiced_open_dice_cbor",
+ "libdiced_open_dice",
"libkeystore2_crypto_rust",
],
}
diff --git a/diced/open_dice/src/dice.rs b/diced/open_dice/src/dice.rs
index ed7d843..c87bbfd 100644
--- a/diced/open_dice/src/dice.rs
+++ b/diced/open_dice/src/dice.rs
@@ -20,7 +20,8 @@
use open_dice_cbor_bindgen::{
DiceConfigType, DiceDeriveCdiCertificateId, DiceDeriveCdiPrivateKeySeed, DiceInputValues,
DiceMainFlow, DICE_CDI_SIZE, DICE_HASH_SIZE, DICE_HIDDEN_SIZE, DICE_ID_SIZE,
- DICE_INLINE_CONFIG_SIZE, DICE_PRIVATE_KEY_SEED_SIZE,
+ DICE_INLINE_CONFIG_SIZE, DICE_PRIVATE_KEY_SEED_SIZE, DICE_PRIVATE_KEY_SIZE,
+ DICE_PUBLIC_KEY_SIZE, DICE_SIGNATURE_SIZE,
};
use std::ptr;
use zeroize::{Zeroize, ZeroizeOnDrop};
@@ -35,6 +36,12 @@
pub const CDI_SIZE: usize = DICE_CDI_SIZE as usize;
/// The size of a private key seed.
pub const PRIVATE_KEY_SEED_SIZE: usize = DICE_PRIVATE_KEY_SEED_SIZE as usize;
+/// The size of a private key.
+pub const PRIVATE_KEY_SIZE: usize = DICE_PRIVATE_KEY_SIZE as usize;
+/// The size of a public key.
+pub const PUBLIC_KEY_SIZE: usize = DICE_PUBLIC_KEY_SIZE as usize;
+/// The size of a signature.
+pub const SIGNATURE_SIZE: usize = DICE_SIGNATURE_SIZE as usize;
/// The size of an ID.
pub const ID_SIZE: usize = DICE_ID_SIZE as usize;
@@ -48,6 +55,10 @@
pub type Cdi = [u8; CDI_SIZE];
/// Array type of private key seeds.
pub type PrivateKeySeed = [u8; PRIVATE_KEY_SEED_SIZE];
+/// Array type of the public key.
+pub type PublicKey = [u8; PUBLIC_KEY_SIZE];
+/// Array type of the signature.
+pub type Signature = [u8; SIGNATURE_SIZE];
/// Array type of DICE ID.
pub type DiceId = [u8; ID_SIZE];
diff --git a/diced/open_dice/src/lib.rs b/diced/open_dice/src/lib.rs
index 7e8c59a..7e08956 100644
--- a/diced/open_dice/src/lib.rs
+++ b/diced/open_dice/src/lib.rs
@@ -34,7 +34,7 @@
HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
};
pub use error::{check_result, DiceError, Result};
-pub use ops::{generate_certificate, hash, kdf};
+pub use ops::{generate_certificate, hash, kdf, sign, verify};
#[cfg(feature = "std")]
pub use retry::{
retry_bcc_format_config_descriptor, retry_bcc_main_flow, retry_dice_main_flow,
diff --git a/diced/open_dice/src/ops.rs b/diced/open_dice/src/ops.rs
index 3c0ef23..21b7d9e 100644
--- a/diced/open_dice/src/ops.rs
+++ b/diced/open_dice/src/ops.rs
@@ -16,9 +16,12 @@
//! It contains the set of functions that implement various operations that the
//! main DICE functions depend on.
-use crate::dice::{Hash, InputValues, HASH_SIZE, PRIVATE_KEY_SEED_SIZE};
+use crate::dice::{
+ Hash, InputValues, PublicKey, Signature, HASH_SIZE, PRIVATE_KEY_SEED_SIZE, PRIVATE_KEY_SIZE,
+ SIGNATURE_SIZE,
+};
use crate::error::{check_result, Result};
-use open_dice_cbor_bindgen::{DiceGenerateCertificate, DiceHash, DiceKdf};
+use open_dice_cbor_bindgen::{DiceGenerateCertificate, DiceHash, DiceKdf, DiceSign, DiceVerify};
use std::ptr;
/// Hashes the provided input using DICE's hash function `DiceHash`.
@@ -57,6 +60,38 @@
})
}
+/// Signs the `message` with the give `private_key` using `DiceSign`.
+pub fn sign(message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Signature> {
+ let mut signature = [0u8; SIGNATURE_SIZE];
+ // SAFETY: The function writes to the `signature` within the given bounds, and only reads the
+ // message and the private key. The first argument context is not used in this function.
+ check_result(unsafe {
+ DiceSign(
+ ptr::null_mut(), // context
+ message.as_ptr(),
+ message.len(),
+ private_key.as_ptr(),
+ signature.as_mut_ptr(),
+ )
+ })?;
+ Ok(signature)
+}
+
+/// Verifies the `signature` of the `message` with the given `public_key` using `DiceVerify`.
+pub fn verify(message: &[u8], signature: &Signature, public_key: &PublicKey) -> Result<()> {
+ // SAFETY: only reads the messages, signature and public key as constant values.
+ // The first argument context is not used in this function.
+ check_result(unsafe {
+ DiceVerify(
+ ptr::null_mut(), // context
+ message.as_ptr(),
+ message.len(),
+ signature.as_ptr(),
+ public_key.as_ptr(),
+ )
+ })
+}
+
/// Generates an X.509 certificate from the given `subject_private_key_seed` and
/// `input_values`, and signed by `authority_private_key_seed`.
/// The subject private key seed is supplied here so the implementation can choose
diff --git a/diced/open_dice_cbor/lib.rs b/diced/open_dice_cbor/lib.rs
index 8af903f..ef797dc 100644
--- a/diced/open_dice_cbor/lib.rs
+++ b/diced/open_dice_cbor/lib.rs
@@ -33,23 +33,18 @@
pub use diced_open_dice::{
check_result, derive_cdi_private_key_seed, hash, retry_bcc_format_config_descriptor,
- retry_bcc_main_flow, retry_dice_main_flow, Config, DiceError, Hash, Hidden, InputValues,
+ retry_bcc_main_flow, retry_dice_main_flow, sign, Config, DiceError, Hash, Hidden, InputValues,
OwnedDiceArtifacts, Result, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE, PRIVATE_KEY_SEED_SIZE,
};
use keystore2_crypto::ZVec;
pub use open_dice_cbor_bindgen::DiceMode;
-use open_dice_cbor_bindgen::{
- DiceKeypairFromSeed, DiceSign, DiceVerify, DICE_PRIVATE_KEY_SIZE, DICE_PUBLIC_KEY_SIZE,
- DICE_SIGNATURE_SIZE,
-};
+use open_dice_cbor_bindgen::{DiceKeypairFromSeed, DICE_PRIVATE_KEY_SIZE, DICE_PUBLIC_KEY_SIZE};
use std::ffi::c_void;
/// The size of a private key.
pub const PRIVATE_KEY_SIZE: usize = DICE_PRIVATE_KEY_SIZE as usize;
/// The size of a public key.
pub const PUBLIC_KEY_SIZE: usize = DICE_PUBLIC_KEY_SIZE as usize;
-/// The size of a signature.
-pub const SIGNATURE_SIZE: usize = DICE_SIGNATURE_SIZE as usize;
/// Some libopen-dice variants use a context. Developers that want to customize these
/// bindings may want to implement their own Context factory that creates a context
@@ -126,62 +121,6 @@
})?;
Ok((public_key, private_key))
}
-
- /// Safe wrapper around open-dice DiceSign, see open dice
- /// documentation for details.
- fn sign(&mut self, message: &[u8], private_key: &[u8; PRIVATE_KEY_SIZE]) -> Result<Vec<u8>> {
- let mut signature = vec![0u8; SIGNATURE_SIZE];
-
- // SAFETY:
- // * The first context argument may be NULL and is unused by the wrapped
- // implementation.
- // * The second argument and the third argument are the pointer to and length of the given
- // message buffer.
- // * The fourth argument is a const buffer of size `PRIVATE_KEY_SIZE`. This is fulfilled
- // by the definition of `private key`.
- // * The fifth argument is mutable buffer of size `SIGNATURE_SIZE`. This is fulfilled
- // by the allocation above.
- // * All pointers must be valid for the duration of the function call but not beyond.
- check_result(unsafe {
- DiceSign(
- self.get_context(),
- message.as_ptr(),
- message.len(),
- private_key.as_ptr(),
- signature.as_mut_ptr(),
- )
- })?;
- Ok(signature)
- }
-
- /// Safe wrapper around open-dice DiceVerify, see open dice
- /// documentation for details.
- fn verify(
- &mut self,
- message: &[u8],
- signature: &[u8; SIGNATURE_SIZE],
- public_key: &[u8; PUBLIC_KEY_SIZE],
- ) -> Result<()> {
- // SAFETY:
- // * The first context argument may be NULL and is unused by the wrapped
- // implementation.
- // * The second argument and the third argument are the pointer to and length of the given
- // message buffer.
- // * The fourth argument is a const buffer of size `SIGNATURE_SIZE`. This is fulfilled
- // by the definition of `signature`.
- // * The fifth argument is a const buffer of size `PUBLIC_KEY_SIZE`. This is fulfilled
- // by the definition of `public_key`.
- // * All pointers must be valid for the duration of the function call but not beyond.
- check_result(unsafe {
- DiceVerify(
- self.get_context(),
- message.as_ptr(),
- message.len(),
- signature.as_ptr(),
- public_key.as_ptr(),
- )
- })
- }
}
#[cfg(test)]
@@ -245,29 +184,18 @@
assert_eq!(&pub_key, PUB_KEY_TEST_VECTOR);
assert_eq!(&priv_key[..], PRIV_KEY_TEST_VECTOR);
let mut signature =
- ctx.sign("MyMessage".as_bytes(), priv_key[..].try_into().unwrap()).unwrap();
+ diced_open_dice::sign(b"MyMessage", priv_key[..].try_into().unwrap()).unwrap();
assert_eq!(&signature, SIGNATURE_TEST_VECTOR);
- assert!(ctx
- .verify(
- "MyMessage".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
+ assert!(diced_open_dice::verify(b"MyMessage", &signature, pub_key[..].try_into().unwrap())
.is_ok());
- assert!(ctx
- .verify(
- "MyMessage_fail".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
- .is_err());
+ assert!(diced_open_dice::verify(
+ b"MyMessage_fail",
+ &signature,
+ pub_key[..].try_into().unwrap()
+ )
+ .is_err());
signature[0] += 1;
- assert!(ctx
- .verify(
- "MyMessage".as_bytes(),
- signature[..].try_into().unwrap(),
- pub_key[..].try_into().unwrap()
- )
+ assert!(diced_open_dice::verify(b"MyMessage", &signature, pub_key[..].try_into().unwrap())
.is_err());
}
diff --git a/diced/src/hal_node.rs b/diced/src/hal_node.rs
index ca470e5..7a397ec 100644
--- a/diced/src/hal_node.rs
+++ b/diced/src/hal_node.rs
@@ -220,7 +220,7 @@
)
})?)
.context("In ResidentHal::sign: Failed to derive keypair from seed.")?;
- dice.sign(
+ let signature = dice::sign(
message,
private_key[..].try_into().with_context(|| {
format!(
@@ -229,7 +229,8 @@
)
})?,
)
- .context("In ResidentHal::sign: Failed to sign.")
+ .context("In ResidentHal::sign: Failed to sign.")?;
+ Ok(signature.to_vec())
})
.context("In ResidentHal::sign:")?;
Ok(Signature { data: signature })
diff --git a/diced/src/utils.rs b/diced/src/utils.rs
index c249366..2b47dac 100644
--- a/diced/src/utils.rs
+++ b/diced/src/utils.rs
@@ -19,7 +19,7 @@
Mode::Mode as BinderMode,
};
use anyhow::{Context, Result};
-use diced_open_dice_cbor as dice;
+use diced_open_dice as dice;
use keystore2_crypto::ZVec;
use std::convert::TryInto;