Push config hash requirement to Android 16
Partner has been approved to omit the config hash in their Android 15
SoC DICE implementations so push this requirement back to Android 16.
Add an option to exercise the provisional Android 16 logic with a
warning that the specification is WIP and is likely to change.
Test: atest --host hwtrust_cli_tests hwtrust_tests libhwtrust_tests
Change-Id: I4a5444fa39a68b07b6274a276e494caeaac9876b
diff --git a/remote_provisioning/hwtrust/src/main.rs b/remote_provisioning/hwtrust/src/main.rs
index 9085053..5b9c2c5 100644
--- a/remote_provisioning/hwtrust/src/main.rs
+++ b/remote_provisioning/hwtrust/src/main.rs
@@ -50,6 +50,8 @@
Vsr14,
/// VSR 15 / Android V / 2024
Vsr15,
+ /// VSR 16 / Android W / 2025
+ Vsr16,
}
fn main() -> Result<()> {
@@ -60,6 +62,18 @@
Some(VsrVersion::Vsr13) => Options::vsr13(),
Some(VsrVersion::Vsr14) => Options::vsr14(),
Some(VsrVersion::Vsr15) => Options::vsr15(),
+ Some(VsrVersion::Vsr16) => {
+ println!();
+ println!();
+ println!(" ********************************************************************");
+ println!(" ! The selected VSR is not finalized and is subject to change. !");
+ println!(" ! Please contact your TAM if you intend to depend on the !");
+ println!(" ! validation rules use for the selected VSR. !");
+ println!(" ********************************************************************");
+ println!();
+ println!();
+ Options::vsr16()
+ }
None => Options::default(),
},
};
diff --git a/remote_provisioning/hwtrust/src/session.rs b/remote_provisioning/hwtrust/src/session.rs
index 180860d..93a7d3f 100644
--- a/remote_provisioning/hwtrust/src/session.rs
+++ b/remote_provisioning/hwtrust/src/session.rs
@@ -110,6 +110,11 @@
/// The options use by VSR 15.
pub fn vsr15() -> Self {
+ Self { dice_chain_config_hash_unverified: true, ..Options::default() }
+ }
+
+ /// The options use by VSR 16.
+ pub fn vsr16() -> Self {
Options::default()
}
}
