Revert "Revert "Add an option to allow/disallow degenerate DICE ..."
Revert submission 3260534-revert-3254876-disallow_degenerate_chains-RZRFZAKDEJ
Reason for revert: Breakage fixed
Reverted changes: /q/submissionid:3260534-revert-3254876-disallow_degenerate_chains-RZRFZAKDEJ
Change-Id: Ie148bce4247c58e0961eff7360789f9b2a9cce03
diff --git a/provisioner/rkp_factory_extraction_lib.cpp b/provisioner/rkp_factory_extraction_lib.cpp
index ec70d08..2c2614d 100644
--- a/provisioner/rkp_factory_extraction_lib.cpp
+++ b/provisioner/rkp_factory_extraction_lib.cpp
@@ -224,7 +224,8 @@
}
CborResult<cppbor::Array> getCsrV3(std::string_view componentName,
- IRemotelyProvisionedComponent* irpc, bool selfTest) {
+ IRemotelyProvisionedComponent* irpc, bool selfTest,
+ bool allowDegenerate) {
std::vector<uint8_t> csr;
std::vector<MacedPublicKey> emptyKeys;
const std::vector<uint8_t> challenge = generateChallenge();
@@ -237,7 +238,8 @@
}
if (selfTest) {
- auto result = verifyFactoryCsr(/*keysToSign=*/cppbor::Array(), csr, irpc, challenge);
+ auto result =
+ verifyFactoryCsr(/*keysToSign=*/cppbor::Array(), csr, irpc, challenge, allowDegenerate);
if (!result) {
std::cerr << "Self test failed for IRemotelyProvisionedComponent '" << componentName
<< "'. Error message: '" << result.message() << "'." << std::endl;
@@ -249,7 +251,7 @@
}
CborResult<Array> getCsr(std::string_view componentName, IRemotelyProvisionedComponent* irpc,
- bool selfTest) {
+ bool selfTest, bool allowDegenerate) {
RpcHardwareInfo hwInfo;
auto status = irpc->getHardwareInfo(&hwInfo);
if (!status.isOk()) {
@@ -264,7 +266,7 @@
}
return getCsrV1(componentName, irpc);
} else {
- return getCsrV3(componentName, irpc, selfTest);
+ return getCsrV3(componentName, irpc, selfTest, allowDegenerate);
}
}