Merge "Use VSR to tell libhwtrust_cxx how to validate" am: c71a8d0ef1 am: 4110edd04f am: f737da6e6e
Original change: https://android-review.googlesource.com/c/platform/hardware/interfaces/+/2513919
Change-Id: Ia84791a71605b76ba9a3771d03c811f3398efced
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/security/keymint/support/remote_prov_utils.cpp b/security/keymint/support/remote_prov_utils.cpp
index 23e2192..ffcaa95 100644
--- a/security/keymint/support/remote_prov_utils.cpp
+++ b/security/keymint/support/remote_prov_utils.cpp
@@ -619,7 +619,7 @@
}
// BCC is [ pubkey, + BccEntry]
- auto bccContents = validateBcc(bcc->asArray(), hwtrust::DiceChain::Kind::kProtectedData);
+ auto bccContents = validateBcc(bcc->asArray(), hwtrust::DiceChain::Kind::kVsr13);
if (!bccContents) {
return bccContents.message() + "\n" + prettyPrint(bcc.get());
}
@@ -910,7 +910,7 @@
}
// DICE chain is [ pubkey, + DiceChainEntry ].
- auto diceContents = validateBcc(diceCertChain, hwtrust::DiceChain::Kind::kAuthenticatedMessage);
+ auto diceContents = validateBcc(diceCertChain, hwtrust::DiceChain::Kind::kVsr14);
if (!diceContents) {
return diceContents.message() + "\n" + prettyPrint(diceCertChain);
}