Refactor DICE chain parsing in pvmfw to collect BccPayload
instead of BccEntry. This cl enables us to read the leaf public
key algorithm directly from BccPayload, eliminating the need for
additional parsing.
Bug: 357008987
Test: atest MicrodroidHostTests
Change-Id: I2126e9eacbb99a90979d99490bc47ccaeee3e2ba
diff --git a/guest/pvmfw/src/bcc.rs b/guest/pvmfw/src/bcc.rs
index 7a13da7..5317ce9 100644
--- a/guest/pvmfw/src/bcc.rs
+++ b/guest/pvmfw/src/bcc.rs
@@ -109,10 +109,14 @@
Value::Array(v) if v.len() >= 2 => v,
_ => return Err(BccError::MalformedBcc("Invalid top level value")),
};
- // Decode all the entries to make sure they are well-formed.
- let entries: Vec<_> = bcc.into_iter().skip(1).map(BccEntry::new).collect();
+ // Decode all the DICE payloads to make sure they are well-formed.
+ let payloads = bcc
+ .into_iter()
+ .skip(1)
+ .map(|v| BccEntry::new(v).payload())
+ .collect::<Result<Vec<_>>>()?;
- let is_debug_mode = is_any_entry_debug_mode(entries.as_slice())?;
+ let is_debug_mode = is_any_payload_debug_mode(&payloads)?;
Ok(Self { is_debug_mode })
}
@@ -121,13 +125,13 @@
}
}
-fn is_any_entry_debug_mode(entries: &[BccEntry]) -> Result<bool> {
- // Check if any entry in the chain is marked as Debug mode, which means the device is not
+fn is_any_payload_debug_mode(payloads: &[BccPayload]) -> Result<bool> {
+ // Check if any payload in the chain is marked as Debug mode, which means the device is not
// secure. (Normal means it is a secure boot, for that stage at least; we ignore recovery
// & not configured /invalid values, since it's not clear what they would mean in this
// context.)
- for entry in entries {
- if entry.payload()?.is_debug_mode()? {
+ for payload in payloads {
+ if payload.is_debug_mode()? {
return Ok(true);
}
}