Better API for creating a DICE config descriptor
Instead of listing all the possible parameters, put them in a struct
(as the C API does).
This means callers only have to list the ones they use, and a new
parameter doesn't require all clients to change.
Bug: 291241882
Test: atest -p in diced
Change-Id: I7c4925385e30ba9fcec0dc188747a23d7df614d7
diff --git a/diced/sample_inputs/src/sample_inputs.rs b/diced/sample_inputs/src/sample_inputs.rs
index c665eb3..6ad15cd 100644
--- a/diced/sample_inputs/src/sample_inputs.rs
+++ b/diced/sample_inputs/src/sample_inputs.rs
@@ -20,8 +20,8 @@
use coset::{iana, Algorithm, AsCborValue, CoseKey, KeyOperation, KeyType, Label};
use diced_open_dice::{
derive_cdi_private_key_seed, keypair_from_seed, retry_bcc_format_config_descriptor,
- retry_bcc_main_flow, retry_dice_main_flow, Config, DiceArtifacts, DiceMode, InputValues,
- OwnedDiceArtifacts, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE,
+ retry_bcc_main_flow, retry_dice_main_flow, Config, DiceArtifacts, DiceConfigValues, DiceMode,
+ InputValues, OwnedDiceArtifacts, CDI_SIZE, HASH_SIZE, HIDDEN_SIZE,
};
use std::ffi::CStr;
@@ -106,11 +106,13 @@
let ed25519_public_key_value = ed25519_public_key_to_cbor_value(&public_key)?;
// Gets the ABL certificate to as the root certificate of DICE chain.
- let config_descriptor = retry_bcc_format_config_descriptor(
- Some(CStr::from_bytes_with_nul(b"ABL\0").unwrap()),
- Some(1), // version
- true,
- )?;
+ let config_values = DiceConfigValues {
+ component_name: Some(CStr::from_bytes_with_nul(b"ABL\0").unwrap()),
+ component_version: Some(1),
+ resettable: true,
+ ..Default::default()
+ };
+ let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
let input_values = InputValues::new(
CODE_HASH_ABL,
Config::Descriptor(config_descriptor.as_slice()),
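Review bot: The `DiceConfigValues { component_name: ..., component_version: ..., resettable: true, ..Default::default() }` literal added here is repeated almost verbatim in the AVB and Android hunks below, differing only in the component name and version, so a small private helper taking those two values would keep the three sample layers from drifting apart. Because of `..Default::default()`, any field later added to `DiceConfigValues` will be left at its default in these sample descriptors without a compile error. Since each descriptor is passed to `InputValues::new` via `Config::Descriptor`, a comment such as `// Fields not listed are deliberately left at their defaults.` above the literal would make that intent explicit. The enclosing function starts and ends outside the hunk.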
@@ -128,11 +130,13 @@
ser::into_writer(&bcc_value, &mut bcc)?;
// Appends AVB certificate to DICE chain.
- let config_descriptor = retry_bcc_format_config_descriptor(
- Some(CStr::from_bytes_with_nul(b"AVB\0").unwrap()),
- Some(1), // version
- true,
- )?;
+ let config_values = DiceConfigValues {
+ component_name: Some(CStr::from_bytes_with_nul(b"AVB\0").unwrap()),
+ component_version: Some(1),
+ resettable: true,
+ ..Default::default()
+ };
+ let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
let input_values = InputValues::new(
CODE_HASH_AVB,
Config::Descriptor(config_descriptor.as_slice()),
@@ -145,11 +149,13 @@
.context("In make_sample_bcc_and_cdis: Trying to run first bcc main flow.")?;
// Appends Android certificate to DICE chain.
- let config_descriptor = retry_bcc_format_config_descriptor(
- Some(CStr::from_bytes_with_nul(b"Android\0").unwrap()),
- Some(12), // version
- true,
- )?;
+ let config_values = DiceConfigValues {
+ component_name: Some(CStr::from_bytes_with_nul(b"Android\0").unwrap()),
+ component_version: Some(12),
+ resettable: true,
+ ..Default::default()
+ };
+ let config_descriptor = retry_bcc_format_config_descriptor(&config_values)?;
let input_values = InputValues::new(
[0u8; HASH_SIZE], // code_hash
Config::Descriptor(config_descriptor.as_slice()),