[test][dice] Check open-dice multi-alg switch in pvmfw
Bug: 378813154
Bug: 384786134
Test: atest libpvmfw.dice.test
Change-Id: Iffe54dde48be20b4ec2ca76212722bb7b9c64349
diff --git a/guest/pvmfw/Android.bp b/guest/pvmfw/Android.bp
index da056d6..4ef57a6 100644
--- a/guest/pvmfw/Android.bp
+++ b/guest/pvmfw/Android.bp
@@ -113,6 +113,7 @@
"libcbor_util",
"libciborium",
"libdiced_open_dice_nostd",
+ "libhwtrust",
"libpvmfw_avb_nostd",
"libdiced_sample_inputs_nostd",
"libzerocopy_nostd",
diff --git a/guest/pvmfw/src/dice.rs b/guest/pvmfw/src/dice.rs
index a72c1fc..78bd6b8 100644
--- a/guest/pvmfw/src/dice.rs
+++ b/guest/pvmfw/src/dice.rs
@@ -185,6 +185,7 @@
use diced_open_dice::KeyAlgorithm;
use diced_open_dice::HIDDEN_SIZE;
use diced_sample_inputs::make_sample_bcc_and_cdis;
+ use hwtrust::{dice, session::Session};
use pvmfw_avb::Capability;
use pvmfw_avb::DebugLevel;
use pvmfw_avb::Digest;
@@ -426,14 +427,11 @@
},
)
.expect("Failed to derive EcdsaP384 -> Ed25519 BCC");
- let _bcc_handover3 = diced_open_dice::bcc_handover_parse(&buffer).unwrap();
+ let bcc_handover3 = diced_open_dice::bcc_handover_parse(&buffer).unwrap();
- // TODO(b/378813154): Check the DICE chain with `hwtrust` once the profile version
- // is updated.
- // The check cannot be done now because parsing the chain causes the following error:
- // Invalid payload at index 3. Caused by:
- // 0: opendice.example.p256
- // 1: unknown profile version
+ let mut session = Session::default();
+ session.set_allow_any_mode(true);
+ let _chain = dice::Chain::from_cbor(&session, bcc_handover3.bcc().unwrap()).unwrap();
}
fn to_bcc_handover(dice_artifacts: &dyn DiceArtifacts) -> Vec<u8> {