Merge "[dice] Move dice bindgens next to their safe wrapper library"
diff --git a/diced/Android.bp b/diced/Android.bp
index dfa81ec..b640326a 100644
--- a/diced/Android.bp
+++ b/diced/Android.bp
@@ -58,6 +58,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
+ "libdiced_open_dice",
"libdiced_open_dice_cbor",
"libdiced_utils",
],
@@ -72,6 +73,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
+ "libdiced_open_dice",
"libdiced_open_dice_cbor",
"libdiced_utils",
],
@@ -85,6 +87,7 @@
vendor_available: true,
rustlibs: [
"android.hardware.security.dice-V1-rust",
+ "libdiced_open_dice",
"libdiced_open_dice_cbor",
"libanyhow",
"libbinder_rs",
@@ -108,6 +111,7 @@
rustlibs: [
"android.hardware.security.dice-V1-rust",
"libanyhow",
+ "libdiced_open_dice",
"libdiced_open_dice_cbor",
"libdiced_sample_inputs",
"libdiced_utils",
@@ -138,6 +142,7 @@
"android.security.dice-rust",
"libanyhow",
"libbinder_rs",
+ "libdiced_open_dice",
"libdiced_open_dice_cbor",
"libdiced_sample_inputs",
"libdiced_utils",
diff --git a/diced/open_dice/src/bcc.rs b/diced/open_dice/src/bcc.rs
index f343bc5..1575113 100644
--- a/diced/open_dice/src/bcc.rs
+++ b/diced/open_dice/src/bcc.rs
@@ -14,7 +14,7 @@
//! This module mirrors the content in open-dice/include/dice/android/bcc.h
-use crate::dice::{Cdi, CdiValues, InputValues, CDI_SIZE};
+use crate::dice::{Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE};
use crate::error::{check_result, DiceError, Result};
use open_dice_bcc_bindgen::{
BccConfigValues, BccFormatConfigDescriptor, BccHandoverMainFlow, BccHandoverParse, BccMainFlow,
@@ -127,11 +127,25 @@
#[derive(Debug)]
pub struct BccHandover<'a> {
/// Attestation CDI.
- pub cdi_attest: &'a Cdi,
+ cdi_attest: &'a [u8; CDI_SIZE],
/// Sealing CDI.
- pub cdi_seal: &'a Cdi,
+ cdi_seal: &'a [u8; CDI_SIZE],
/// Boot Certificate Chain.
- pub bcc: Option<&'a [u8]>,
+ bcc: Option<&'a [u8]>,
+}
+
+impl<'a> DiceArtifacts for BccHandover<'a> {
+ fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
+ self.cdi_attest
+ }
+
+ fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
+ self.cdi_seal
+ }
+
+ fn bcc(&self) -> Option<&[u8]> {
+ self.bcc
+ }
}
/// A BCC handover combines the BCC and CDIs in a single CBOR object.
diff --git a/diced/open_dice/src/dice.rs b/diced/open_dice/src/dice.rs
index 350237d..f5e7f71 100644
--- a/diced/open_dice/src/dice.rs
+++ b/diced/open_dice/src/dice.rs
@@ -62,13 +62,31 @@
/// Array type of DICE ID.
pub type DiceId = [u8; ID_SIZE];
+/// A trait for types that represent Dice artifacts, which include:
+///
+/// - Attestation CDI
+/// - Sealing CDI
+/// - Boot Certificate Chain
+///
+/// Types that implement this trait provide an access these artifacts.
+pub trait DiceArtifacts {
+ /// Returns a reference to the attestation CDI.
+ fn cdi_attest(&self) -> &[u8; CDI_SIZE];
+
+ /// Returns a reference to the sealing CDI.
+ fn cdi_seal(&self) -> &[u8; CDI_SIZE];
+
+ /// Returns a reference to the Boot Certificate Chain, if present.
+ fn bcc(&self) -> Option<&[u8]>;
+}
+
/// CDI Values.
#[derive(Debug, Zeroize, ZeroizeOnDrop, Default)]
pub struct CdiValues {
/// Attestation CDI.
- pub cdi_attest: Cdi,
+ pub cdi_attest: [u8; CDI_SIZE],
/// Sealing CDI.
- pub cdi_seal: Cdi,
+ pub cdi_seal: [u8; CDI_SIZE],
}
/// Configuration descriptor for DICE input values.
diff --git a/diced/open_dice/src/lib.rs b/diced/open_dice/src/lib.rs
index c10626b..925b5e8 100644
--- a/diced/open_dice/src/lib.rs
+++ b/diced/open_dice/src/lib.rs
@@ -33,8 +33,8 @@
};
pub use dice::{
derive_cdi_certificate_id, derive_cdi_private_key_seed, dice_main_flow, Cdi, CdiValues, Config,
- DiceMode, Hash, Hidden, InlineConfig, InputValues, PrivateKeySeed, CDI_SIZE, HASH_SIZE,
- HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
+ DiceArtifacts, DiceMode, Hash, Hidden, InlineConfig, InputValues, PrivateKeySeed, CDI_SIZE,
+ HASH_SIZE, HIDDEN_SIZE, ID_SIZE, PRIVATE_KEY_SEED_SIZE,
};
pub use error::{check_result, DiceError, Result};
pub use ops::{generate_certificate, hash, kdf, sign, verify};
diff --git a/diced/open_dice/src/retry.rs b/diced/open_dice/src/retry.rs
index b7c1a71..76a214c 100644
--- a/diced/open_dice/src/retry.rs
+++ b/diced/open_dice/src/retry.rs
@@ -18,7 +18,9 @@
//! std environment.
use crate::bcc::{bcc_format_config_descriptor, bcc_main_flow};
-use crate::dice::{dice_main_flow, Cdi, CdiValues, InputValues, PRIVATE_KEY_SEED_SIZE};
+use crate::dice::{
+ dice_main_flow, Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE, PRIVATE_KEY_SEED_SIZE,
+};
use crate::error::{DiceError, Result};
use crate::ops::generate_certificate;
use std::ffi::CStr;
@@ -30,9 +32,23 @@
#[derive(Debug)]
pub struct OwnedDiceArtifacts {
/// CDI Values.
- pub cdi_values: CdiValues,
+ cdi_values: CdiValues,
/// Boot Certificate Chain.
- pub bcc: Vec<u8>,
+ bcc: Vec<u8>,
+}
+
+impl DiceArtifacts for OwnedDiceArtifacts {
+ fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
+ &self.cdi_values.cdi_attest
+ }
+
+ fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
+ &self.cdi_values.cdi_seal
+ }
+
+ fn bcc(&self) -> Option<&[u8]> {
+ Some(&self.bcc)
+ }
}
/// Retries the given function with bigger output buffer size.
diff --git a/diced/open_dice_cbor/lib.rs b/diced/open_dice_cbor/lib.rs
index ef797dc..0e68e70 100644
--- a/diced/open_dice_cbor/lib.rs
+++ b/diced/open_dice_cbor/lib.rs
@@ -126,6 +126,7 @@
#[cfg(test)]
mod test {
use super::*;
+ use diced_open_dice::DiceArtifacts;
use diced_sample_inputs::make_sample_bcc_and_cdis;
use std::convert::TryInto;
@@ -319,8 +320,8 @@
#[test]
fn main_flow_and_bcc_main_flow() {
let dice_artifacts = make_sample_bcc_and_cdis().unwrap();
- assert_eq!(&dice_artifacts.cdi_values.cdi_attest, SAMPLE_CDI_ATTEST_TEST_VECTOR);
- assert_eq!(&dice_artifacts.cdi_values.cdi_seal, SAMPLE_CDI_SEAL_TEST_VECTOR);
- assert_eq!(&dice_artifacts.bcc, SAMPLE_BCC_TEST_VECTOR);
+ assert_eq!(dice_artifacts.cdi_attest(), SAMPLE_CDI_ATTEST_TEST_VECTOR);
+ assert_eq!(dice_artifacts.cdi_seal(), SAMPLE_CDI_SEAL_TEST_VECTOR);
+ assert_eq!(dice_artifacts.bcc(), Some(SAMPLE_BCC_TEST_VECTOR));
}
}
diff --git a/diced/src/diced_client_test.rs b/diced/src/diced_client_test.rs
index 054b2d1..29d7295 100644
--- a/diced/src/diced_client_test.rs
+++ b/diced/src/diced_client_test.rs
@@ -19,6 +19,7 @@
use android_security_dice::aidl::android::security::dice::IDiceMaintenance::IDiceMaintenance;
use android_security_dice::aidl::android::security::dice::IDiceNode::IDiceNode;
use binder::Strong;
+use diced_open_dice::DiceArtifacts;
use diced_open_dice_cbor as dice;
use nix::libc::uid_t;
use std::convert::TryInto;
@@ -54,11 +55,10 @@
.unwrap();
let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
- let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
let from_former = diced_utils::make_bcc_handover(
- cdi_attest[..].try_into().unwrap(),
- cdi_seal[..].try_into().unwrap(),
- &bcc,
+ artifacts.cdi_attest(),
+ artifacts.cdi_seal(),
+ artifacts.bcc().expect("bcc is none"),
)
.unwrap();
// TODO when we have a parser/verifier, check equivalence rather
@@ -94,11 +94,10 @@
.unwrap();
let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
- let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
let from_former = diced_utils::make_bcc_handover(
- cdi_attest[..].try_into().unwrap(),
- cdi_seal[..].try_into().unwrap(),
- &bcc,
+ artifacts.cdi_attest(),
+ artifacts.cdi_seal(),
+ artifacts.bcc().expect("bcc is none"),
)
.unwrap();
// TODO b/204938506 when we have a parser/verifier, check equivalence rather
@@ -156,11 +155,10 @@
let client = [client];
let artifacts = artifacts.execute_steps(input_values.iter().chain(client.iter())).unwrap();
- let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
let from_former = diced_utils::make_bcc_handover(
- cdi_attest[..].try_into().unwrap(),
- cdi_seal[..].try_into().unwrap(),
- &bcc,
+ artifacts.cdi_attest(),
+ artifacts.cdi_seal(),
+ artifacts.bcc().expect("bcc is none"),
)
.unwrap();
// TODO b/204938506 when we have a parser/verifier, check equivalence rather
diff --git a/diced/src/hal_node.rs b/diced/src/hal_node.rs
index 7a397ec..04602bd 100644
--- a/diced/src/hal_node.rs
+++ b/diced/src/hal_node.rs
@@ -35,6 +35,7 @@
use anyhow::{Context, Result};
use binder::{BinderFeatures, Result as BinderResult, Strong};
use dice::{ContextImpl, OpenDiceCborContext};
+pub use diced_open_dice::DiceArtifacts;
use diced_open_dice_cbor as dice;
use diced_utils as utils;
use nix::sys::wait::{waitpid, WaitStatus};
@@ -47,7 +48,7 @@
use std::os::unix::io::RawFd;
use std::sync::{Arc, RwLock};
use utils::ResidentArtifacts;
-pub use utils::{DiceArtifacts, UpdatableDiceArtifacts};
+pub use utils::UpdatableDiceArtifacts;
/// PipeReader is a simple wrapper around raw pipe file descriptors.
/// It takes ownership of the file descriptor and closes it on drop. It provides `read_all`, which
@@ -331,7 +332,7 @@
BccHandover::BccHandover, Config::Config as BinderConfig,
InputValues::InputValues as BinderInputValues, Mode::Mode as BinderMode,
};
- use anyhow::{Context, Result};
+ use anyhow::{anyhow, Context, Result};
use diced_open_dice_cbor as dice;
use diced_sample_inputs;
use diced_utils as utils;
@@ -346,11 +347,11 @@
impl From<dice::OwnedDiceArtifacts> for InsecureSerializableArtifacts {
fn from(dice_artifacts: dice::OwnedDiceArtifacts) -> Self {
- Self {
- cdi_attest: dice_artifacts.cdi_values.cdi_attest,
- cdi_seal: dice_artifacts.cdi_values.cdi_seal,
- bcc: dice_artifacts.bcc[..].to_vec(),
- }
+ let mut cdi_attest = [0u8; dice::CDI_SIZE];
+ cdi_attest.copy_from_slice(dice_artifacts.cdi_attest());
+ let mut cdi_seal = [0u8; dice::CDI_SIZE];
+ cdi_seal.copy_from_slice(dice_artifacts.cdi_seal());
+ Self { cdi_attest, cdi_seal, bcc: dice_artifacts.bcc().expect("bcc is none").to_vec() }
}
}
@@ -361,8 +362,8 @@
fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE] {
&self.cdi_seal
}
- fn bcc(&self) -> Vec<u8> {
- self.bcc.clone()
+ fn bcc(&self) -> Option<&[u8]> {
+ Some(&self.bcc)
}
}
@@ -377,7 +378,7 @@
Ok(Self {
cdi_attest: *new_artifacts.cdi_attest(),
cdi_seal: *new_artifacts.cdi_seal(),
- bcc: new_artifacts.bcc(),
+ bcc: new_artifacts.bcc().ok_or_else(|| anyhow!("bcc is none"))?.to_vec(),
})
}
}
@@ -430,7 +431,7 @@
let result = utils::make_bcc_handover(
new_artifacts.cdi_attest(),
new_artifacts.cdi_seal(),
- &new_artifacts.bcc(),
+ new_artifacts.bcc().unwrap(),
)?;
assert_eq!(result, make_derive_test_vector());
diff --git a/diced/src/sample_inputs.rs b/diced/src/sample_inputs.rs
index 802a6d3..824ee9e 100644
--- a/diced/src/sample_inputs.rs
+++ b/diced/src/sample_inputs.rs
@@ -18,11 +18,11 @@
use android_hardware_security_dice::aidl::android::hardware::security::dice::{
Config::Config as BinderConfig, InputValues::InputValues as BinderInputValues, Mode::Mode,
};
-use anyhow::{Context, Result};
+use anyhow::{anyhow, Context, Result};
use dice::ContextImpl;
+use diced_open_dice::DiceArtifacts;
use diced_open_dice_cbor as dice;
use diced_utils::{cbor, to_dice_input_values};
-use std::convert::TryInto;
use std::ffi::CStr;
use std::io::Write;
@@ -100,9 +100,9 @@
)
.context("In make_sample_bcc_and_cdis: Trying to run first bcc main flow.")?;
dice::retry_bcc_main_flow(
- &dice_artifacts.cdi_values.cdi_attest,
- &dice_artifacts.cdi_values.cdi_seal,
- &dice_artifacts.bcc,
+ dice_artifacts.cdi_attest(),
+ dice_artifacts.cdi_seal(),
+ dice_artifacts.bcc().ok_or_else(|| anyhow!("bcc is none"))?,
&to_dice_input_values(&input_values_vector[2]),
)
.context("In make_sample_bcc_and_cdis: Trying to run second bcc main flow.")
diff --git a/diced/src/utils.rs b/diced/src/utils.rs
index 2b47dac..2789a60 100644
--- a/diced/src/utils.rs
+++ b/diced/src/utils.rs
@@ -18,8 +18,9 @@
Bcc::Bcc, BccHandover::BccHandover, InputValues::InputValues as BinderInputValues,
Mode::Mode as BinderMode,
};
-use anyhow::{Context, Result};
+use anyhow::{anyhow, Context, Result};
use diced_open_dice as dice;
+use diced_open_dice::DiceArtifacts;
use keystore2_crypto::ZVec;
use std::convert::TryInto;
@@ -61,6 +62,7 @@
/// and the BCC formatted attestation certificate chain. The sensitive secrets are
/// stored in zeroing vectors, and it implements functionality to perform DICE
/// derivation steps using libopen-dice-cbor.
+/// TODO(b/268322533): Remove this struct with the unused HAL service dice
pub struct ResidentArtifacts {
cdi_attest: ZVec,
cdi_seal: ZVec,
@@ -72,9 +74,9 @@
fn try_from(dice_artifacts: dice::OwnedDiceArtifacts) -> Result<Self, Self::Error> {
Ok(ResidentArtifacts {
- cdi_attest: dice_artifacts.cdi_values.cdi_attest[..].try_into()?,
- cdi_seal: dice_artifacts.cdi_values.cdi_seal[..].try_into()?,
- bcc: dice_artifacts.bcc[..].to_vec(),
+ cdi_attest: dice_artifacts.cdi_attest().to_vec().try_into()?,
+ cdi_seal: dice_artifacts.cdi_seal().to_vec().try_into()?,
+ bcc: dice_artifacts.bcc().ok_or_else(|| anyhow!("bcc is none"))?.to_vec(),
})
}
}
@@ -104,9 +106,9 @@
/// because DiceArtifacts returns array references of appropriate size.
pub fn new_from<T: DiceArtifacts + ?Sized>(artifacts: &T) -> Result<Self> {
Ok(ResidentArtifacts {
- cdi_attest: artifacts.cdi_attest()[..].try_into()?,
- cdi_seal: artifacts.cdi_seal()[..].try_into()?,
- bcc: artifacts.bcc(),
+ cdi_attest: artifacts.cdi_attest().to_vec().try_into()?,
+ cdi_seal: artifacts.cdi_seal().to_vec().try_into()?,
+ bcc: artifacts.bcc().ok_or_else(|| anyhow!("bcc is none"))?.to_vec(),
})
}
@@ -163,20 +165,6 @@
}
}
-/// An object that implements this trait provides the typical DICE artifacts.
-/// CDI_ATTEST, CDI_SEAL, and a certificate chain up to the public key that
-/// can be derived from CDI_ATTEST. Implementations should check the length of
-/// the stored CDI_* secrets on creation so that any valid instance returns the
-/// correct secrets in an infallible way.
-pub trait DiceArtifacts {
- /// Returns CDI_ATTEST.
- fn cdi_attest(&self) -> &[u8; dice::CDI_SIZE];
- /// Returns CDI_SEAL.
- fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE];
- /// Returns the attestation certificate chain in BCC format.
- fn bcc(&self) -> Vec<u8>;
-}
-
/// Implement this trait to provide read and write access to a secure artifact
/// storage that can be used by the ResidentHal implementation.
pub trait UpdatableDiceArtifacts {
@@ -199,8 +187,8 @@
fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE] {
self.cdi_seal[..].try_into().unwrap()
}
- fn bcc(&self) -> Vec<u8> {
- self.bcc.clone()
+ fn bcc(&self) -> Option<&[u8]> {
+ Some(&self.bcc)
}
}