android_packages_modules_Vi.../microdroid/signature/README.md

# Microdroid Signature

Microdroid Signature contains the signatures of the payloads so that the payloads are
verified inside the Guest OS.

* APEX packages that are passed to microdroid should be listed in the Microroid Signature.

## Format

Microdroid Signature is composed of header and body.

| offset | size | description                                                    |
|--------|------|----------------------------------------------------------------|
| 0      | 4    | Header. unsigned int32: body length(L) in big endian           |
| 4      | L    | Body. A protobuf message. [schema](microdroid_signature.proto) |

## How to Create

### `mk_microdroid_signature` and `mk_cdisk`

For testing purpose, use `mk_microdroid_signature` to create a Microdroid Signature.

```
$ cat signature_config.json
{
  "apexes": [
    {
      "name": "com.my.hello",
      "path": "hello.apex"
    }
  ]
}
$ adb push signature_config.json hello.apex /data/local/tmp/
$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_microdroid_signature signature_config.json signature
```

Then, pass the signature as the first partition of the payload disk image.

```
$ cat payload_cdisk.json
{
  "partitions": [
    {
      "label": "signature",
      "path": "signature"
    },
    {
      "label": "com.my.hello",
      "path": "hello.apex"
    }
  ]
}
$ adb push payload_cdisk.json /data/local/tmp/
$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_cdisk payload_cdisk.json payload.img
$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/crosvm .... --disk=payload.img'
```

### `mk_payload`

`mk_payload` combines these two steps into a single step. Additionally, `mk_payload` can search system APEXes as well.
This will generate the output composite image as well as three more component images. (See below)

```
$ cat payload_config.json
{
  "system_apexes": [
    "com.android.adbd",
  ],
  "apexes": [
    {
      "name": "com.my.hello",
      "path": "hello.apex"
    }
  ]
}
$ adb push payload_config.json hello.apex /data/local/tmp/
$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_payload payload_config.json payload.img
$ adb shell ls /data/local/tmp/*.img
payload-footer.img
payload-header.img
payload-signature.img
payload.img
```

In the future, [VirtManager](../../virtmanager) will handle these stuffs.
Add a proto for the microdroid signature partition Microdroid will use this special partition composed of signatures to verify the payloads delivered from the host. For now it only conveys the list of APEX signatures: size, public key, root digest. The signature partition can be a part of the payload composite disk image. The format of the signature partition is, as described in README.md, composed of header and body. For now the header is simply the size of the body(protobuf message). Bug: 185069443 Test: n/a Change-Id: I47c7eac195999bab15ee80d3ad053261f04df89c 2021-04-14 06:34:24 +00:00			`# Microdroid Signature`

			`Microdroid Signature contains the signatures of the payloads so that the payloads are`
			`verified inside the Guest OS.`

			`* APEX packages that are passed to microdroid should be listed in the Microroid Signature.`

			`## Format`

			`Microdroid Signature is composed of header and body.`

			`\| offset \| size \| description \|`
			`\|--------\|------\|----------------------------------------------------------------\|`
			`\| 0 \| 4 \| Header. unsigned int32: body length(L) in big endian \|`
			`\| 4 \| L \| Body. A protobuf message. [schema](microdroid_signature.proto) \|`
Add an executable to create a microdroid signature This is for testing purpose. Creating a microdroid signature and embedding it in a payload image will be done by VirtManager in the future. Bug: 185069443 Test: create a signature following README create a payload.img with signature pass --disk=payload.img (check manually /dev/block/vdc1) Change-Id: I6504dc6b3732c8e00e3bd1ffa5059995962d14b8 2021-04-14 09:46:14 +00:00
			`## How to Create`

Microdroid activates host APEXes Host apexes are passed to microdroid via the payload composite image. The payload composite image can be created by either mk_payload_signature/mk_cdisk or mk_payload. For now, microdroid expects two APEXes from the host: - com.android.adbd - com.android.sdkext The exact set of host apexes for microdroid is TBD. The current set is only for demonstration. Bug: 181093750 Test: MicrodroidTestCase Change-Id: I7fe33fe03ac94799a4e109b83286bfb39e44b882 2021-04-19 18:57:19 +00:00			### `mk_microdroid_signature` and `mk_cdisk`

Add an executable to create a microdroid signature This is for testing purpose. Creating a microdroid signature and embedding it in a payload image will be done by VirtManager in the future. Bug: 185069443 Test: create a signature following README create a payload.img with signature pass --disk=payload.img (check manually /dev/block/vdc1) Change-Id: I6504dc6b3732c8e00e3bd1ffa5059995962d14b8 2021-04-14 09:46:14 +00:00			For testing purpose, use `mk_microdroid_signature` to create a Microdroid Signature.

			```
			`$ cat signature_config.json`
			`{`
			`"apexes": [`
			`{`
			`"name": "com.my.hello",`
			`"path": "hello.apex"`
			`}`
			`]`
			`}`
			`$ adb push signature_config.json hello.apex /data/local/tmp/`
			`$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_microdroid_signature signature_config.json signature`
			```

			`Then, pass the signature as the first partition of the payload disk image.`

			```
			`$ cat payload_cdisk.json`
			`{`
			`"partitions": [`
			`{`
			`"label": "signature",`
			`"path": "signature"`
			`},`
			`{`
			`"label": "com.my.hello",`
			`"path": "hello.apex"`
			`}`
			`]`
			`}`
			`$ adb push payload_cdisk.json /data/local/tmp/`
			`$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_cdisk payload_cdisk.json payload.img`
			`$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/crosvm .... --disk=payload.img'`
			```

Microdroid activates host APEXes Host apexes are passed to microdroid via the payload composite image. The payload composite image can be created by either mk_payload_signature/mk_cdisk or mk_payload. For now, microdroid expects two APEXes from the host: - com.android.adbd - com.android.sdkext The exact set of host apexes for microdroid is TBD. The current set is only for demonstration. Bug: 181093750 Test: MicrodroidTestCase Change-Id: I7fe33fe03ac94799a4e109b83286bfb39e44b882 2021-04-19 18:57:19 +00:00			### `mk_payload`

			`mk_payload` combines these two steps into a single step. Additionally, `mk_payload` can search system APEXes as well.
			`This will generate the output composite image as well as three more component images. (See below)`

			```
			`$ cat payload_config.json`
			`{`
			`"system_apexes": [`
			`"com.android.adbd",`
			`],`
			`"apexes": [`
			`{`
			`"name": "com.my.hello",`
			`"path": "hello.apex"`
			`}`
			`]`
			`}`
			`$ adb push payload_config.json hello.apex /data/local/tmp/`
			`$ adb shell 'cd /data/local/tmp; /apex/com.android.virt/bin/mk_payload payload_config.json payload.img`
			`$ adb shell ls /data/local/tmp/*.img`
			`payload-footer.img`
			`payload-header.img`
			`payload-signature.img`
			`payload.img`
			```

Add an executable to create a microdroid signature This is for testing purpose. Creating a microdroid signature and embedding it in a payload image will be done by VirtManager in the future. Bug: 185069443 Test: create a signature following README create a payload.img with signature pass --disk=payload.img (check manually /dev/block/vdc1) Change-Id: I6504dc6b3732c8e00e3bd1ffa5059995962d14b8 2021-04-14 09:46:14 +00:00			`In the future, [VirtManager](../../virtmanager) will handle these stuffs.`