DPE: Add sealing CDI to the exported CDI blob
Change-Id: I0b2d62e8255bd1e1cac043f40c6585194c655d6a
Signed-off-by: Tamas Ban <tamas.ban@arm.com>
diff --git a/partitions/dice_protection_environment/dpe_certificate.c b/partitions/dice_protection_environment/dpe_certificate.c
index d3230e0..5e332c1 100644
--- a/partitions/dice_protection_environment/dpe_certificate.c
+++ b/partitions/dice_protection_environment/dpe_certificate.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2023-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*
@@ -589,8 +589,8 @@
cert_chain_actual_size);
}
-dpe_error_t encode_cdi(const uint8_t *cdi,
- size_t cdi_size,
+dpe_error_t encode_cdi(const uint8_t cdi_attest_buf[DICE_CDI_SIZE],
+ const uint8_t cdi_seal_buf[DICE_CDI_SIZE],
uint8_t *encoded_cdi_buf,
size_t encoded_cdi_buf_size,
size_t *encoded_cdi_actual_size)
@@ -605,7 +605,11 @@
/* Encode CDI value as byte string */
QCBOREncode_AddBytesToMapN(&encode_ctx,
DPE_LABEL_CDI_ATTEST,
- (UsefulBufC){ cdi, cdi_size });
+ (UsefulBufC){ cdi_attest_buf, DICE_CDI_SIZE });
+
+ QCBOREncode_AddBytesToMapN(&encode_ctx,
+ DPE_LABEL_CDI_SEAL,
+ (UsefulBufC){ cdi_seal_buf, DICE_CDI_SIZE });
QCBOREncode_CloseMap(&encode_ctx);
encode_err = QCBOREncode_Finish(&encode_ctx, &out);