DPE: Use a 64-bit buffer in call to QCBOR API to retrieve cert_id

The QCBOR API retrieves the cert_id using a pointer to a 64-bit
value, hence passing directly a pointer to a 32-bit cert_id
might break the API. Convert to a 32-bit value just before the
call to the derive_context() function.

Signed-off-by: Antonio de Angelis <antonio.deangelis@arm.com>
Change-Id: I49575900beb966cc8014f9dcb47872eb17034b43
diff --git a/partitions/dice_protection_environment/dpe_cmd_decode.c b/partitions/dice_protection_environment/dpe_cmd_decode.c
index fef4588..f941be8 100644
--- a/partitions/dice_protection_environment/dpe_cmd_decode.c
+++ b/partitions/dice_protection_environment/dpe_cmd_decode.c
@@ -215,6 +215,7 @@
     uint8_t *new_certificate_buf = ALLOC_TEMP_BUF;
     uint8_t exported_cdi_buf[DICE_MAX_ENCODED_CDI_SIZE];
     uint32_t cert_id;
+    uint64_t cert_id64;
     size_t new_certificate_actual_size = 0;
     size_t exported_cdi_actual_size = 0;
     QCBORItem item;
@@ -252,7 +253,7 @@
     memcpy(&context_handle, out.ptr, out.len);
     COUNT_ARGS(num_of_valid_arguments);
 
-    QCBORDecode_GetUInt64InMapN(decode_ctx, DPE_DERIVE_CONTEXT_CERT_ID, &cert_id);
+    QCBORDecode_GetUInt64InMapN(decode_ctx, DPE_DERIVE_CONTEXT_CERT_ID, &cert_id64);
     /* Check if cert_id was encoded in the received command buffer */
     CHECK_AND_COUNT_OPTIONAL_ARGUMENT(decode_ctx);
 
@@ -313,6 +314,13 @@
         return DPE_INVALID_ARGUMENT;
     }
 
+    /* The QCBOR function uses a 64-bit pointer, but the context info is on 32 bit */
+    if (cert_id64 > UINT32_MAX) {
+        return DPE_INVALID_ARGUMENT;
+    }
+
+    cert_id = (uint32_t)cert_id64;
+
     dpe_err = derive_context_request(context_handle, cert_id, retain_parent_context,
                                      allow_new_context_to_derive, create_certificate,
                                      &dice_inputs, client_id,