[dice] Add trait DiceArtifacts to access BCC and CDI values
The added DiceArtifacts is implemented for both BccHandover and
OwnedDiceArtifacts. This allows us to access the dice artifacts in
an easy and uniform way.
[u8; CDI_SIZE] is used instead of the alias Cdi to facilitate a
future conversion from Cdi alias to Cdi type so that we can have
more control over the memory security of CDI. More context in
b/268587826.
Bug: 267575445
Test: atest diced_utils_test diced_sample_inputs_test \
diced_vendor_test diced_open_dice_cbor_test \
libdiced_open_dice_nostd.integration_test \
libdiced_open_dice.integration_test diced_open_dice_cbor_test
Change-Id: Iabb87ad18f2f4a4d46283da045eb21a5776ad4b4
diff --git a/diced/open_dice/src/bcc.rs b/diced/open_dice/src/bcc.rs
index f343bc5..1575113 100644
--- a/diced/open_dice/src/bcc.rs
+++ b/diced/open_dice/src/bcc.rs
@@ -14,7 +14,7 @@
//! This module mirrors the content in open-dice/include/dice/android/bcc.h
-use crate::dice::{Cdi, CdiValues, InputValues, CDI_SIZE};
+use crate::dice::{Cdi, CdiValues, DiceArtifacts, InputValues, CDI_SIZE};
use crate::error::{check_result, DiceError, Result};
use open_dice_bcc_bindgen::{
BccConfigValues, BccFormatConfigDescriptor, BccHandoverMainFlow, BccHandoverParse, BccMainFlow,
@@ -127,11 +127,25 @@
#[derive(Debug)]
pub struct BccHandover<'a> {
/// Attestation CDI.
- pub cdi_attest: &'a Cdi,
+ cdi_attest: &'a [u8; CDI_SIZE],
/// Sealing CDI.
- pub cdi_seal: &'a Cdi,
+ cdi_seal: &'a [u8; CDI_SIZE],
/// Boot Certificate Chain.
- pub bcc: Option<&'a [u8]>,
+ bcc: Option<&'a [u8]>,
+}
+
+impl<'a> DiceArtifacts for BccHandover<'a> {
+ fn cdi_attest(&self) -> &[u8; CDI_SIZE] {
+ self.cdi_attest
+ }
+
+ fn cdi_seal(&self) -> &[u8; CDI_SIZE] {
+ self.cdi_seal
+ }
+
+ fn bcc(&self) -> Option<&[u8]> {
+ self.bcc
+ }
}
/// A BCC handover combines the BCC and CDIs in a single CBOR object.
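Review bot: `#[derive(Debug)]` stays on `BccHandover` while the struct still borrows both CDIs, so any `{:?}` formatting of a handover would write the attestation and sealing secrets into logs or panic messages. Making the fields private narrows direct access, but the derived `Debug` output bypasses that; whether any caller formats the struct today is not visible in this hunk. I would replace the derive with a hand-written `Debug` impl that prints a fixed placeholder for `cdi_attest` and `cdi_seal` and only the length of `bcc`, as sketched below. If `OwnedDiceArtifacts` (named in the commit message) also derives `Debug`, it would need the same treatment.

```rust
// replaces #[derive(Debug)] on BccHandover
// … unchanged: BccHandover struct fields and the DiceArtifacts impl …
impl<'a> core::fmt::Debug for BccHandover<'a> {
    fn fmt(&self, f: &mut core::fmt::Formatter<'_>) -> core::fmt::Result {
        // CDIs are secrets: never emit their bytes through Debug output.
        f.debug_struct("BccHandover")
            .field("cdi_attest", &"<redacted>")
            .field("cdi_seal", &"<redacted>")
            .field("bcc_len", &self.bcc.map(|b| b.len()))
            .finish()
    }
}
```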