[dice] Move format_condig_descriptor to diced_open_dice
Test: atest diced_utils_test diced_sample_inputs_test \
diced_test diced_vendor_test diced_open_dice_cbor_test \
diced_client_test
Test: m pvmfw_img microdroid_manager
Test: atest microdroid_manager_test vmbase_example.integration_test
Bug: 267575445
Change-Id: Iba7f775c1d1a3070c119da546edad38c2bbf67ac
diff --git a/diced/src/diced_client_test.rs b/diced/src/diced_client_test.rs
index f579a4e..054b2d1 100644
--- a/diced/src/diced_client_test.rs
+++ b/diced/src/diced_client_test.rs
@@ -22,6 +22,7 @@
use diced_open_dice_cbor as dice;
use nix::libc::uid_t;
use std::convert::TryInto;
+use std::ffi::CString;
static DICE_NODE_SERVICE_NAME: &str = "android.security.dice.IDiceNode";
static DICE_MAINTENANCE_SERVICE_NAME: &str = "android.security.dice.IDiceMaintenance";
@@ -106,10 +107,11 @@
}
fn client_input_values(uid: uid_t) -> BinderInputValues {
+ let desc = CString::new(format!("{}", uid)).unwrap();
BinderInputValues {
codeHash: [0; dice::HASH_SIZE],
config: BinderConfig {
- desc: dice::bcc::format_config_descriptor(Some(&format!("{}", uid)), None, true)
+ desc: dice::retry_bcc_format_config_descriptor(Some(desc.as_c_str()), None, true)
.unwrap(),
},
authorityHash: [0; dice::HASH_SIZE],
diff --git a/diced/src/hal_node.rs b/diced/src/hal_node.rs
index d2e8b0c..453b12e 100644
--- a/diced/src/hal_node.rs
+++ b/diced/src/hal_node.rs
@@ -333,6 +333,7 @@
use diced_open_dice_cbor as dice;
use diced_sample_inputs;
use diced_utils as utils;
+ use std::ffi::CStr;
#[derive(Debug, Serialize, Deserialize, Clone)]
struct InsecureSerializableArtifacts {
@@ -371,7 +372,7 @@
fn make_input_values(
code: &str,
- config_name: &str,
+ config_name: &CStr,
authority: &str,
) -> Result<BinderInputValues> {
let mut dice_ctx = dice::OpenDiceCborContext::new();
@@ -382,7 +383,7 @@
.as_slice()
.try_into()?,
config: BinderConfig {
- desc: dice::bcc::format_config_descriptor(Some(config_name), None, true)
+ desc: dice::retry_bcc_format_config_descriptor(Some(config_name), None, true)
.context("In make_input_values: Failed to format config descriptor.")?,
},
authorityHash: dice_ctx
@@ -405,9 +406,21 @@
ResidentArtifacts::new(cdi_attest[..].try_into()?, cdi_seal[..].try_into()?, &bcc)?;
let input_values = &[
- make_input_values("component 1 code", "component 1", "component 1 authority")?,
- make_input_values("component 2 code", "component 2", "component 2 authority")?,
- make_input_values("component 3 code", "component 3", "component 3 authority")?,
+ make_input_values(
+ "component 1 code",
+ CStr::from_bytes_with_nul(b"component 1\0").unwrap(),
+ "component 1 authority",
+ )?,
+ make_input_values(
+ "component 2 code",
+ CStr::from_bytes_with_nul(b"component 2\0").unwrap(),
+ "component 2 authority",
+ )?,
+ make_input_values(
+ "component 3 code",
+ CStr::from_bytes_with_nul(b"component 3\0").unwrap(),
+ "component 3 authority",
+ )?,
];
let new_artifacts = artifacts.execute_steps(input_values)?;
@@ -441,9 +454,21 @@
let bcc_handover = hal_impl
.derive(&[
- make_input_values("component 1 code", "component 1", "component 1 authority")?,
- make_input_values("component 2 code", "component 2", "component 2 authority")?,
- make_input_values("component 3 code", "component 3", "component 3 authority")?,
+ make_input_values(
+ "component 1 code",
+ CStr::from_bytes_with_nul(b"component 1\0").unwrap(),
+ "component 1 authority",
+ )?,
+ make_input_values(
+ "component 2 code",
+ CStr::from_bytes_with_nul(b"component 2\0").unwrap(),
+ "component 2 authority",
+ )?,
+ make_input_values(
+ "component 3 code",
+ CStr::from_bytes_with_nul(b"component 3\0").unwrap(),
+ "component 3 authority",
+ )?,
])
.expect("Failed to derive artifacts.");
@@ -470,15 +495,23 @@
hal_impl
.demote(&[
- make_input_values("component 1 code", "component 1", "component 1 authority")?,
- make_input_values("component 2 code", "component 2", "component 2 authority")?,
+ make_input_values(
+ "component 1 code",
+ CStr::from_bytes_with_nul(b"component 1\0").unwrap(),
+ "component 1 authority",
+ )?,
+ make_input_values(
+ "component 2 code",
+ CStr::from_bytes_with_nul(b"component 2\0").unwrap(),
+ "component 2 authority",
+ )?,
])
.expect("Failed to demote implementation.");
let bcc_handover = hal_impl
.derive(&[make_input_values(
"component 3 code",
- "component 3",
+ CStr::from_bytes_with_nul(b"component 3\0").unwrap(),
"component 3 authority",
)?])
.expect("Failed to derive artifacts.");
diff --git a/diced/src/lib.rs b/diced/src/lib.rs
index 50e0e96..9e70ace 100644
--- a/diced/src/lib.rs
+++ b/diced/src/lib.rs
@@ -36,6 +36,7 @@
use keystore2_selinux as selinux;
use libc::uid_t;
use permission::Permission;
+use std::ffi::CString;
use std::sync::Arc;
/// A DiceNode backend implementation.
@@ -97,11 +98,12 @@
}
fn client_input_values(uid: uid_t) -> Result<BinderInputValues> {
+ let desc = CString::new(format!("{}", uid)).unwrap();
Ok(BinderInputValues {
codeHash: [0; dice::HASH_SIZE],
config: BinderConfig {
- desc: dice::bcc::format_config_descriptor(Some(&format!("{}", uid)), None, false)
- .context("In client_input_values: failed to format config descriptor")?,
+ desc: dice::retry_bcc_format_config_descriptor(Some(desc.as_c_str()), None, true)
+ .unwrap(),
},
authorityHash: [0; dice::HASH_SIZE],
authorityDescriptor: None,
diff --git a/diced/src/sample_inputs.rs b/diced/src/sample_inputs.rs
index 0553327..3f36119 100644
--- a/diced/src/sample_inputs.rs
+++ b/diced/src/sample_inputs.rs
@@ -24,6 +24,7 @@
use diced_utils::{cbor, to_dice_input_values};
use keystore2_crypto::ZVec;
use std::convert::TryInto;
+use std::ffi::CStr;
use std::io::Write;
/// Sample UDS used to perform the root dice flow by `make_sample_bcc_and_cdis`.
@@ -122,7 +123,7 @@
fn make_input_values(
code_hash: dice::Hash,
authority_hash: dice::Hash,
- config_name: &str,
+ config_name: &CStr,
config_version: u64,
config_resettable: bool,
mode: Mode,
@@ -131,7 +132,7 @@
Ok(BinderInputValues {
codeHash: code_hash,
config: BinderConfig {
- desc: dice::bcc::format_config_descriptor(
+ desc: dice::retry_bcc_format_config_descriptor(
Some(config_name),
Some(config_version),
config_resettable,
@@ -201,9 +202,9 @@
make_input_values(
CODE_HASH1,
AUTHORITY_HASH1,
- "ABL", // config name
- 1, // config version
- true, // resettable
+ CStr::from_bytes_with_nul(b"ABL\0").unwrap(), // config name
+ 1, // config version
+ true, // resettable
Mode::NORMAL,
HIDDEN1,
)
@@ -211,9 +212,9 @@
make_input_values(
CODE_HASH2,
AUTHORITY_HASH2,
- "AVB", // config name
- 1, // config version
- true, // resettable
+ CStr::from_bytes_with_nul(b"AVB\0").unwrap(), // config name
+ 1, // config version
+ true, // resettable
Mode::NORMAL,
HIDDEN2,
)
@@ -221,9 +222,9 @@
make_input_values(
[0; dice::HASH_SIZE], // code hash
AUTHORITY_HASH3,
- "Android", // config name
- 12, // config version
- true, // resettable
+ CStr::from_bytes_with_nul(b"Android\0").unwrap(), // config name
+ 12, // config version
+ true, // resettable
Mode::NORMAL,
[0; dice::HIDDEN_SIZE], // hidden,
)