Add an option to allow/disallow degenerate DICE chains Bug: 323246910 Test: Manual testing of `rkp_factory_extraction_tool` with/without `allow_degenerate=false` on a device with a degenerate DICE chain. Change-Id: I69475209174cd8870bc0e3a8e52d325b6414d7a6

commit: fbfc9399d4e521d9ee83db1dc5db75b53320e0ef [log] [tgz]
author: Karuna Wadhera <kwadhera@google.com> Wed Sep 04 14:41:07 2024 +0000
committer: Karuna Wadhera <kwadhera@google.com> Wed Sep 04 17:32:43 2024 +0000
tree: 49a2a0d07692921764efb2dd4ff43c9ef37a420a
parent: a32e5318843a8e8e4ddfd8643d8606add8e83da3 [diff] [blame]
diff --git a/provisioner/rkp_factory_extraction_lib.h b/provisioner/rkp_factory_extraction_lib.h
index 93c498a..94bd751 100644
--- a/provisioner/rkp_factory_extraction_lib.h
+++ b/provisioner/rkp_factory_extraction_lib.h

@@ -47,7 +47,7 @@
 CborResult<cppbor::Array>
 getCsr(std::string_view componentName,
        aidl::android::hardware::security::keymint::IRemotelyProvisionedComponent* irpc,
-       bool selfTest);
+       bool selfTest, bool allowDegenerate);
 
 // Generates a test certificate chain and validates it, exiting the process on error.
 void selfTestGetCsr(
commit	fbfc9399d4e521d9ee83db1dc5db75b53320e0ef	[log] [tgz]
author	Karuna Wadhera <kwadhera@google.com>	Wed Sep 04 14:41:07 2024 +0000
committer	Karuna Wadhera <kwadhera@google.com>	Wed Sep 04 17:32:43 2024 +0000
tree	49a2a0d07692921764efb2dd4ff43c9ef37a420a
parent	a32e5318843a8e8e4ddfd8643d8606add8e83da3 [diff] [blame]