Skip to content
  • David Drysdale's avatar
    Use hash of vbkey in externally visible places · 8339014f
    David Drysdale authored
    Add a new crypto trait for performing SHA-256, and add a BoringSSL based
    implementation of that trait.
    
    Add a helper method that applies this trait to the verified boot key in
    the boot info, but only if it is bigger than 32 bytes.  This allows for
    systems where the bootloader already reports a hashed boot key.
    
    Use this helper in two places that expose the verified boot public key:
    - generation of attestation extension
    - transfer of root-of-trust.
    
    Bug: 305103215
    Test: VtsAidlKeyMintTargetTest
    Change-Id: I3b4fee005f08ca2e7703a3d40fa5997c01145a31
    8339014f