Add an option to allow/disallow degenerate DICE chains Bug: 323246910 Test: Manual testing of `rkp_factory_extraction_tool` with/without `allow_degenerate=false` on a device with a degenerate DICE chain. (cherry picked from https://android-review.googlesource.com/q/commit:fbfc9399d4e521d9ee83db1dc5db75b53320e0ef) Merged-In: I69475209174cd8870bc0e3a8e52d325b6414d7a6 Change-Id: I69475209174cd8870bc0e3a8e52d325b6414d7a6

commit: 4244d01c84bc8e4f112d27c490558336c8090ff6 [log] [tgz]
author: Karuna Wadhera <kwadhera@google.com> Wed Sep 04 14:41:07 2024 +0000
committer: Cherrypicker Worker <android-build-cherrypicker-worker@google.com> Tue Sep 10 17:02:36 2024 +0000
tree: 624937d014aec3e46f0a629ea8b2944b3f90e2d0
parent: 50ad48020025c0a3552fbb1c701a9d3b73e33beb [diff] [blame]
diff --git a/provisioner/rkp_factory_extraction_lib.h b/provisioner/rkp_factory_extraction_lib.h
index 93c498a..94bd751 100644
--- a/provisioner/rkp_factory_extraction_lib.h
+++ b/provisioner/rkp_factory_extraction_lib.h

@@ -47,7 +47,7 @@
 CborResult<cppbor::Array>
 getCsr(std::string_view componentName,
        aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc,
-       bool selfTest);
+       bool selfTest, bool allowDegenerate);
 
 // Generates a test certificate chain and validates it, exiting the process on error.
 void selfTestGetCsr(
commit	4244d01c84bc8e4f112d27c490558336c8090ff6	[log] [tgz]
author	Karuna Wadhera <kwadhera@google.com>	Wed Sep 04 14:41:07 2024 +0000
committer	Cherrypicker Worker <android-build-cherrypicker-worker@google.com>	Tue Sep 10 17:02:36 2024 +0000
tree	624937d014aec3e46f0a629ea8b2944b3f90e2d0
parent	50ad48020025c0a3552fbb1c701a9d3b73e33beb [diff] [blame]