Dice Policy: Add dice chain matching functionality
This method compares the dice policy against an input dice chain,
returning successfully if the dice chain matches the policy or returning
error in case of mismatch.
We also 3 unit tests to check that a policy:
1 Matches the original dice_chain that it was constructed from.
2 Matches the 'updated' chain.
3 Mismatches the 'downgraded' chain.
Note: The input chain in unit test is highly simplified & hypothetical.
The 'update' means one of the Integer (contrained by 'GreaterOrEqual')
increases in the updated chain & downgraded means the opposite & is for
the purpose of unit testing the constraints only.
Test: atest libdice_policy.test
Bug: 291238565
Change-Id: I575eb96e2356661e5f16e7a9dd3c860a287ad08b
diff --git a/secretkeeper/dice_policy/Android.bp b/secretkeeper/dice_policy/Android.bp
index a7ac5b9..4f1e8b6 100644
--- a/secretkeeper/dice_policy/Android.bp
+++ b/secretkeeper/dice_policy/Android.bp
@@ -13,7 +13,9 @@
"libanyhow",
"libciborium",
"libcoset",
+ "libnum_traits",
],
+ proc_macros: ["libnum_derive"],
}
rust_library {