From 9eab79b8c9d714496de74533ca9408929b238250 Mon Sep 17 00:00:00 2001 From: Shikha Panwar Date: Fri, 19 Jan 2024 11:05:11 +0000 Subject: [PATCH] Sk VTS: Use libdice_policy_builder With libdice_policy being refactored, get VTS to use the builder library. Test: Built the test-suite Bug: 291238565 Change-Id: I149ec1ba9ee66fd19cbf0d0a6f3baa12ea2474ed --- security/secretkeeper/aidl/vts/Android.bp | 4 ++-- security/secretkeeper/aidl/vts/secretkeeper_cli.rs | 5 +++-- security/secretkeeper/aidl/vts/secretkeeper_test_client.rs | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/security/secretkeeper/aidl/vts/Android.bp b/security/secretkeeper/aidl/vts/Android.bp index 9d1701a303..0061e88363 100644 --- a/security/secretkeeper/aidl/vts/Android.bp +++ b/security/secretkeeper/aidl/vts/Android.bp @@ -50,7 +50,7 @@ rust_test { "libbinder_rs", "libciborium", "libcoset", - "libdice_policy", + "libdice_policy_builder", "liblog_rust", "libsecretkeeper_client", "libsecretkeeper_comm_nostd", @@ -72,7 +72,7 @@ rust_binary { "libbinder_rs", "libclap", "libcoset", - "libdice_policy", + "libdice_policy_builder", "libhex", "liblog_rust", "libsecretkeeper_client", diff --git a/security/secretkeeper/aidl/vts/secretkeeper_cli.rs b/security/secretkeeper/aidl/vts/secretkeeper_cli.rs index 5f0848252b..0c138112fd 100644 --- a/security/secretkeeper/aidl/vts/secretkeeper_cli.rs +++ b/security/secretkeeper/aidl/vts/secretkeeper_cli.rs @@ -24,7 +24,8 @@ use authgraph_boringssl::BoringSha256; use authgraph_core::traits::Sha256; use clap::{Args, Parser, Subcommand}; use coset::CborSerializable; -use dice_policy::{ConstraintSpec, ConstraintType, DicePolicy, MissingAction}; +use dice_policy_builder::{ConstraintSpec, ConstraintType, MissingAction, policy_for_dice_chain}; + use secretkeeper_client::{dice::OwnedDiceArtifactsWithExplicitKey, SkSession}; use secretkeeper_comm::data_types::{ error::SecretkeeperError, @@ -146,7 +147,7 @@ impl SkClient { MissingAction::Ignore, ), ]; - DicePolicy::from_dice_chain(dice, &constraint_spec) + policy_for_dice_chain(dice, &constraint_spec) .unwrap() .to_vec() .context("serialize DICE policy") diff --git a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs index 8c33f0412d..483aed6263 100644 --- a/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs +++ b/security/secretkeeper/aidl/vts/secretkeeper_test_client.rs @@ -20,7 +20,7 @@ use authgraph_vts_test as ag_vts; use authgraph_boringssl as boring; use authgraph_core::key; use coset::{CborSerializable, CoseEncrypt0}; -use dice_policy::{ConstraintSpec, ConstraintType, DicePolicy, MissingAction}; +use dice_policy_builder::{ConstraintSpec, ConstraintType, MissingAction, policy_for_dice_chain}; use rdroidtest::{ignore_if, rdroidtest}; use secretkeeper_client::dice::OwnedDiceArtifactsWithExplicitKey; use secretkeeper_client::SkSession; @@ -258,7 +258,7 @@ fn sealing_policy(dice: &[u8]) -> Vec { ), ]; - DicePolicy::from_dice_chain(dice, &constraint_spec).unwrap().to_vec().unwrap() + policy_for_dice_chain(dice, &constraint_spec).unwrap().to_vec().unwrap() } /// Perform AuthGraph key exchange, returning the session keys and session ID.