From acc1a5bd383e3374397e0af8f20cf8da3109cc24 Mon Sep 17 00:00:00 2001
From: Alice Wang <aliceywang@google.com>
Date: Mon, 20 Feb 2023 09:00:50 +0000
Subject: [PATCH] [dice] Remove unused service android.hardware.security.dice

This cl removes the unused service android.hardware.security.dice
together with all its usages (all of them are tests), because the
service is incomplete and not used anywhere for now and in the
near future.

The cl also removes dice from the compat matrix.

This helps us reduce some maintainance burden for the Rust dice
wrapper libraries such as libdiced_open_dice[_nostd],
libdiced_sample_inputs, libdiced_utils and their tests.

Test: atest diced_utils_test diced_sample_inputs_test \
diced_open_dice_cbor_test \
libdiced_open_dice_nostd.integration_test \
libdiced_open_dice.integration_test diced_open_dice_cbor_test
Test: m pvmfw_img microdroid_manager
Bug: 267575445
Bug: 270511529

Change-Id: I3d2497d2e8d3f88c49cae9ae80a6b4f7b652cc4a
---
 .../compatibility_matrix.7.xml                |   8 --
 .../compatibility_matrix.8.xml                |   8 --
 security/dice/aidl/Android.bp                 |  59 ----------
 .../android.hardware.security.dice/1/.hash    |   1 -
 .../1/android/hardware/security/dice/Bcc.aidl |  39 -------
 .../hardware/security/dice/BccHandover.aidl   |  41 -------
 .../hardware/security/dice/Config.aidl        |  39 -------
 .../hardware/security/dice/IDiceDevice.aidl   |  42 -------
 .../hardware/security/dice/InputValues.aidl   |  44 -------
 .../android/hardware/security/dice/Mode.aidl  |  42 -------
 .../hardware/security/dice/ResponseCode.aidl  |  41 -------
 .../hardware/security/dice/Signature.aidl     |  39 -------
 .../android/hardware/security/dice/Bcc.aidl   |  39 -------
 .../hardware/security/dice/BccHandover.aidl   |  41 -------
 .../hardware/security/dice/Config.aidl        |  39 -------
 .../hardware/security/dice/IDiceDevice.aidl   |  42 -------
 .../hardware/security/dice/InputValues.aidl   |  44 -------
 .../android/hardware/security/dice/Mode.aidl  |  42 -------
 .../hardware/security/dice/ResponseCode.aidl  |  41 -------
 .../hardware/security/dice/Signature.aidl     |  39 -------
 .../android/hardware/security/dice/Bcc.aidl   |  36 ------
 .../hardware/security/dice/BccHandover.aidl   |  46 --------
 .../hardware/security/dice/Config.aidl        |  38 ------
 .../hardware/security/dice/IDiceDevice.aidl   | 100 ----------------
 .../hardware/security/dice/InputValues.aidl   |  58 ----------
 .../android/hardware/security/dice/Mode.aidl  |  38 ------
 .../hardware/security/dice/ResponseCode.aidl  |  43 -------
 .../hardware/security/dice/Signature.aidl     |  32 ------
 security/dice/aidl/default/Android.bp         |  29 -----
 ...curity.dice-service.non-secure-software.rc |   9 --
 ...urity.dice-service.non-secure-software.xml |   6 -
 security/dice/aidl/default/service.rs         | 108 ------------------
 security/dice/aidl/vts/functional/Android.bp  |  54 ---------
 .../VtsAidlDiceDemoteTargetTest.xml           |  33 ------
 .../aidl/vts/functional/dice_demote_test.rs   |  59 ----------
 .../dice/aidl/vts/functional/dice_test.rs     |  73 ------------
 security/dice/aidl/vts/functional/utils.rs    |  53 ---------
 37 files changed, 1545 deletions(-)
 delete mode 100644 security/dice/aidl/Android.bp
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/.hash
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Bcc.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/BccHandover.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Config.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/IDiceDevice.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/InputValues.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Mode.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/ResponseCode.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Signature.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Bcc.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/BccHandover.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Config.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/IDiceDevice.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/InputValues.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Mode.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/ResponseCode.aidl
 delete mode 100644 security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Signature.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/Bcc.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/BccHandover.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/Config.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/IDiceDevice.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/InputValues.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/Mode.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/ResponseCode.aidl
 delete mode 100644 security/dice/aidl/android/hardware/security/dice/Signature.aidl
 delete mode 100644 security/dice/aidl/default/Android.bp
 delete mode 100644 security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc
 delete mode 100644 security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml
 delete mode 100644 security/dice/aidl/default/service.rs
 delete mode 100644 security/dice/aidl/vts/functional/Android.bp
 delete mode 100644 security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml
 delete mode 100644 security/dice/aidl/vts/functional/dice_demote_test.rs
 delete mode 100644 security/dice/aidl/vts/functional/dice_test.rs
 delete mode 100644 security/dice/aidl/vts/functional/utils.rs

diff --git a/compatibility_matrices/compatibility_matrix.7.xml b/compatibility_matrices/compatibility_matrix.7.xml
index 56949455bd..67dd7170a2 100644
--- a/compatibility_matrices/compatibility_matrix.7.xml
+++ b/compatibility_matrices/compatibility_matrix.7.xml
@@ -399,14 +399,6 @@
             <instance>strongbox</instance>
         </interface>
     </hal>
-    <hal format="aidl" optional="true">
-        <name>android.hardware.security.dice</name>
-        <version>1</version>
-        <interface>
-            <name>IDiceDevice</name>
-            <instance>default</instance>
-        </interface>
-    </hal>
     <hal format="aidl" optional="true">
         <name>android.hardware.security.keymint</name>
         <version>1-2</version>
diff --git a/compatibility_matrices/compatibility_matrix.8.xml b/compatibility_matrices/compatibility_matrix.8.xml
index c7b05e8028..f5a1b2031b 100644
--- a/compatibility_matrices/compatibility_matrix.8.xml
+++ b/compatibility_matrices/compatibility_matrix.8.xml
@@ -402,14 +402,6 @@
             <instance>default</instance>
         </interface>
     </hal>
-    <hal format="aidl" optional="true">
-        <name>android.hardware.security.dice</name>
-        <version>1</version>
-        <interface>
-            <name>IDiceDevice</name>
-            <instance>default</instance>
-        </interface>
-    </hal>
     <hal format="aidl" optional="true">
         <name>android.hardware.security.keymint</name>
         <version>1-3</version>
diff --git a/security/dice/aidl/Android.bp b/security/dice/aidl/Android.bp
deleted file mode 100644
index 5625d70269..0000000000
--- a/security/dice/aidl/Android.bp
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package {
-    // See: http://go/android-license-faq
-    // A large-scale-change added 'default_applicable_licenses' to import
-    // all of the 'license_kinds' from "hardware_interfaces_license"
-    // to get the below license kinds:
-    //   SPDX-license-identifier-Apache-2.0
-    default_applicable_licenses: ["hardware_interfaces_license"],
-}
-
-aidl_interface {
-    name: "android.hardware.security.dice",
-    vendor_available: true,
-    srcs: [
-        "android/hardware/security/dice/*.aidl",
-    ],
-    stability: "vintf",
-    backend: {
-        java: {
-            enabled: false,
-            platform_apis: false,
-        },
-        ndk: {
-            apps_enabled: false,
-            apex_available: [
-                "//apex_available:platform",
-                "com.android.compos",
-            ],
-        },
-        rust: {
-            enabled: true,
-            apex_available: [
-                "//apex_available:platform",
-                "com.android.compos",
-            ],
-        },
-    },
-    versions_with_info: [
-        {
-            version: "1",
-            imports: [],
-        },
-    ],
-
-    //     versions: ["1"],
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/.hash b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/.hash
deleted file mode 100644
index 3f08fd85f5..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/.hash
+++ /dev/null
@@ -1 +0,0 @@
-02994f275fd7b1b40610c10eaeb0573f4312e358
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Bcc.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Bcc.aidl
deleted file mode 100644
index 5af73583aa..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Bcc.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Bcc {
-  byte[] data;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/BccHandover.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/BccHandover.aidl
deleted file mode 100644
index 8baca94ce8..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/BccHandover.aidl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable BccHandover {
-  byte[32] cdiAttest;
-  byte[32] cdiSeal;
-  android.hardware.security.dice.Bcc bcc;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Config.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Config.aidl
deleted file mode 100644
index 78dd2f886c..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Config.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Config {
-  byte[] desc;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/IDiceDevice.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/IDiceDevice.aidl
deleted file mode 100644
index 383f4d1f26..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/IDiceDevice.aidl
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@SensitiveData @VintfStability
-interface IDiceDevice {
-  android.hardware.security.dice.Signature sign(in android.hardware.security.dice.InputValues[] id, in byte[] payload);
-  android.hardware.security.dice.Bcc getAttestationChain(in android.hardware.security.dice.InputValues[] inputValues);
-  android.hardware.security.dice.BccHandover derive(in android.hardware.security.dice.InputValues[] inputValues);
-  void demote(in android.hardware.security.dice.InputValues[] inputValues);
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/InputValues.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/InputValues.aidl
deleted file mode 100644
index e43c4292e4..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/InputValues.aidl
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable InputValues {
-  byte[64] codeHash;
-  android.hardware.security.dice.Config config;
-  byte[64] authorityHash;
-  @nullable byte[] authorityDescriptor;
-  android.hardware.security.dice.Mode mode = android.hardware.security.dice.Mode.NOT_INITIALIZED;
-  byte[64] hidden;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Mode.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Mode.aidl
deleted file mode 100644
index 295c32ec0c..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Mode.aidl
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@Backing(type="int") @VintfStability
-enum Mode {
-  NOT_INITIALIZED = 0,
-  NORMAL = 1,
-  DEBUG = 2,
-  RECOVERY = 3,
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/ResponseCode.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/ResponseCode.aidl
deleted file mode 100644
index c13afa6d95..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/ResponseCode.aidl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2020, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-@Backing(type="int") @VintfStability
-enum ResponseCode {
-  PERMISSION_DENIED = 1,
-  SYSTEM_ERROR = 2,
-  NOT_IMPLEMENTED = 3,
-  DEMOTION_FAILED = 4,
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Signature.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Signature.aidl
deleted file mode 100644
index 294170d11f..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/1/android/hardware/security/dice/Signature.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Signature {
-  byte[] data;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Bcc.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Bcc.aidl
deleted file mode 100644
index 5af73583aa..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Bcc.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Bcc {
-  byte[] data;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/BccHandover.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/BccHandover.aidl
deleted file mode 100644
index 8baca94ce8..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/BccHandover.aidl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable BccHandover {
-  byte[32] cdiAttest;
-  byte[32] cdiSeal;
-  android.hardware.security.dice.Bcc bcc;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Config.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Config.aidl
deleted file mode 100644
index 78dd2f886c..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Config.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Config {
-  byte[] desc;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/IDiceDevice.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/IDiceDevice.aidl
deleted file mode 100644
index 383f4d1f26..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/IDiceDevice.aidl
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@SensitiveData @VintfStability
-interface IDiceDevice {
-  android.hardware.security.dice.Signature sign(in android.hardware.security.dice.InputValues[] id, in byte[] payload);
-  android.hardware.security.dice.Bcc getAttestationChain(in android.hardware.security.dice.InputValues[] inputValues);
-  android.hardware.security.dice.BccHandover derive(in android.hardware.security.dice.InputValues[] inputValues);
-  void demote(in android.hardware.security.dice.InputValues[] inputValues);
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/InputValues.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/InputValues.aidl
deleted file mode 100644
index e43c4292e4..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/InputValues.aidl
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable InputValues {
-  byte[64] codeHash;
-  android.hardware.security.dice.Config config;
-  byte[64] authorityHash;
-  @nullable byte[] authorityDescriptor;
-  android.hardware.security.dice.Mode mode = android.hardware.security.dice.Mode.NOT_INITIALIZED;
-  byte[64] hidden;
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Mode.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Mode.aidl
deleted file mode 100644
index 295c32ec0c..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Mode.aidl
+++ /dev/null
@@ -1,42 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@Backing(type="int") @VintfStability
-enum Mode {
-  NOT_INITIALIZED = 0,
-  NORMAL = 1,
-  DEBUG = 2,
-  RECOVERY = 3,
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/ResponseCode.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/ResponseCode.aidl
deleted file mode 100644
index c13afa6d95..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/ResponseCode.aidl
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
- * Copyright 2020, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-@Backing(type="int") @VintfStability
-enum ResponseCode {
-  PERMISSION_DENIED = 1,
-  SYSTEM_ERROR = 2,
-  NOT_IMPLEMENTED = 3,
-  DEMOTION_FAILED = 4,
-}
diff --git a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Signature.aidl b/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Signature.aidl
deleted file mode 100644
index 294170d11f..0000000000
--- a/security/dice/aidl/aidl_api/android.hardware.security.dice/current/android/hardware/security/dice/Signature.aidl
+++ /dev/null
@@ -1,39 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-///////////////////////////////////////////////////////////////////////////////
-// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //
-///////////////////////////////////////////////////////////////////////////////
-
-// This file is a snapshot of an AIDL file. Do not edit it manually. There are
-// two cases:
-// 1). this is a frozen version file - do not edit this in any case.
-// 2). this is a 'current' file. If you make a backwards compatible change to
-//     the interface (from the latest frozen version), the build system will
-//     prompt you to update this file with `m <name>-update-api`.
-//
-// You must not make a backward incompatible change to any AIDL file built
-// with the aidl_interface module type with versions property set. The module
-// type is used to build AIDL files in a way that they can be used across
-// independently updatable components of the system. If a device is shipped
-// with such a backward incompatible change, it has a high risk of breaking
-// later when a module using the interface is updated, e.g., Mainline modules.
-
-package android.hardware.security.dice;
-/* @hide */
-@RustDerive(Clone=true, Eq=true, Hash=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability
-parcelable Signature {
-  byte[] data;
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/Bcc.aidl b/security/dice/aidl/android/hardware/security/dice/Bcc.aidl
deleted file mode 100644
index 983915e618..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/Bcc.aidl
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-/**
- * A DICE certificate chain following the Boot Certificate Chain (BCC) specification.
- * @hide
- */
-@VintfStability
-@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
-parcelable Bcc {
-    /**
-     * The DICE certificate chain CBOR encoded following the BCC specification. The CDDL
-     * specification for BCC can be found here [1].
-     *
-     * @see <a
-     *         href="https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl">
-     *    BCC CDDL specification
-     * </a>
-     */
-    byte[] data;
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/BccHandover.aidl b/security/dice/aidl/android/hardware/security/dice/BccHandover.aidl
deleted file mode 100644
index 6ca862cdf9..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/BccHandover.aidl
+++ /dev/null
@@ -1,46 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-import android.hardware.security.dice.Bcc;
-
-/**
- * Represents one set of DICE artifacts.
- *
- * @hide
- */
-@VintfStability
-@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
-parcelable BccHandover {
-    /**
-     * CDI_attest. Must be exactly 32 bytes of data.
-     */
-    byte[32] cdiAttest;
-    /**
-     * CDI_seal. Must be exactly 32 bytes of data.
-     */
-    byte[32] cdiSeal;
-    /**
-     * CBOR encoded BCC.
-     *
-     * @see <a
-     *         href="https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl">
-     *    BCC CDDL specification
-     * </a>
-     */
-    Bcc bcc;
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/Config.aidl b/security/dice/aidl/android/hardware/security/dice/Config.aidl
deleted file mode 100644
index 6decfc562d..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/Config.aidl
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-/**
- * DICE config descriptor as described in at
- * <a
- * href="https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md#input-values">
- *     input-values
- * </a>
- * @hide
- */
-@VintfStability
-@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
-parcelable Config {
-    /**
-     * A free form descriptor. This should follow the BCC Configuration Descriptor.
-     * @see <a
-     *         href="https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/ProtectedData.aidl">
-     *     BccPayload field -4670548
-     * </a>
-     */
-    byte[] desc;
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/IDiceDevice.aidl b/security/dice/aidl/android/hardware/security/dice/IDiceDevice.aidl
deleted file mode 100644
index 709aede7ef..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/IDiceDevice.aidl
+++ /dev/null
@@ -1,100 +0,0 @@
-/*
- * Copyright (C) 2021 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-import android.hardware.security.dice.Bcc;
-import android.hardware.security.dice.BccHandover;
-import android.hardware.security.dice.InputValues;
-import android.hardware.security.dice.Signature;
-
-/**
- * IDiceDevice specifies an interface that allows access to the Android instance's DICE artifacts.
- *
- * <h2>Features</h2>
- *
- * The dice device provides access to the component's CDI_SEAL and CDI_ATTEST secrets as well
- * as to its attestation certificate chain. The "component" is the Android instance running this
- * HAL service and the secrets and attestation chain must include all boot stage components,
- * the kernel, and the verified boot information (VBA).
- *
- * Implementations provide the following operations:
- * <li> sign - Signing a payload with a key derived from CDI_ATTEST.
- * <li> getAttestationChain - Retrieve the component's attestation certificate chain.
- * <li> derive - Retrieve the component's DICE artifacts.
- *
- * @see <a
- *         href="https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md">
- *     Open-dice Specification
- * </a>
- * @see <a
- *         href="https://cs.android.com/android/platform/superproject/+/master:hardware/interfaces/security/keymint/aidl/android/hardware/security/keymint/IRemotelyProvisionedComponent.aidl">
- *     Boot Certificate Chain (BCC) CDDL specification
- * </a>
- * @hide
- */
-@SensitiveData
-@VintfStability
-interface IDiceDevice {
-    /**
-     * Uses the a key derived from the component's, or a child's given by <code>inputValues</code>,
-     * attestation secret to sign the payload using RFC 8032 Pure Ed25519 and returns the
-     * signature. The payload is limited to 1024 bytes.
-     *
-     * @see <a href="https://datatracker.ietf.org/doc/html/rfc8032">RFC 8032</a>
-     */
-    Signature sign(in InputValues[] id, in byte[] payload);
-
-    /**
-     * Returns the attestation chain of the component if <code>inputValues</code> is empty or the
-     * chain to the given child of the component identified by the <code>inputValues</code> vector.
-     *
-     * ## Error as service specific exception:
-     *     ResponseCode::PERMISSION_DENIED if the caller is not sufficiently privileged.
-     */
-    Bcc getAttestationChain(in InputValues[] inputValues);
-
-    /**
-     * This function allows a client to become a resident node. A resident node is a node that
-     * manages its own dice secrets as opposed to using them by proxy, i.e., by calling sign
-     * and getAttestationChain. Called with empty <code>inputValues</code> vectors, an
-     * implementation returns the component's DICE secrets. If the <code>inputValues</code> vector
-     * is given the appropriate derivations are performed starting from the component's level.
-     *
-     * ## Error as service specific exception:
-     *     ResponseCode::PERMISSION_DENIED if the implementation does not allow resident nodes
-     *     at the client's level.
-     */
-    BccHandover derive(in InputValues[] inputValues);
-
-    /**
-     * This demotes the implementation of this interface.
-     * When called, the implementation performs appropriate derivation steps using
-     * <code>inputValues</code>, traversing the vector in ascending order. Then it replaces its
-     * stored DICE artifacts with the newly derived ones.
-     *
-     * IMPORTANT: When the function returns, all remnants of the previous DICE artifacts must
-     * have been purged from memory.
-     *
-     * This operation is not reversible until the next reboot. Further demotion is always
-     * possible.
-     *
-     * ## Error as service specific exception:
-     *     ResponseCode::DEMOTION_FAILED if the implementation failed to demote itself
-     *     or was unable to purge previous DICE artifacts from memory.
-     */
-    void demote(in InputValues[] inputValues);
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/InputValues.aidl b/security/dice/aidl/android/hardware/security/dice/InputValues.aidl
deleted file mode 100644
index 711d5232c5..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/InputValues.aidl
+++ /dev/null
@@ -1,58 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-import android.hardware.security.dice.Config;
-import android.hardware.security.dice.Mode;
-
-/**
- * DICE input values for certificate and CDI generation.
- *
- * @see <a
- *         href="https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md#input-values">
- *     Open-dice input-values
- * </a>
- * @hide
- */
-@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
-@VintfStability
-parcelable InputValues {
-    /**
-     * The target code hash. Must be exactly 64 bytes.
-     */
-    byte[64] codeHash;
-    /**
-     * The configuration data.
-     */
-    Config config;
-    /**
-     * The authority hash. Must be exactly 64 bytes. Must be all zero if unused.
-     */
-    byte[64] authorityHash;
-    /**
-     * Optional free form authorityDescriptor.
-     */
-    @nullable byte[] authorityDescriptor;
-    /**
-     * The mode of operation. Normal, Debug, Maintenance, or not initialized.
-     */
-    Mode mode = Mode.NOT_INITIALIZED;
-    /**
-     * Optional hidden values. Must be exactly 64 bytes. Must be all zero if unused.
-     */
-    byte[64] hidden;
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/Mode.aidl b/security/dice/aidl/android/hardware/security/dice/Mode.aidl
deleted file mode 100644
index 3b3bfdcfd9..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/Mode.aidl
+++ /dev/null
@@ -1,38 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-/**
- * DICE mode values as defined at
- *
- * @see <a
- *         href="https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md#mode-value-details">
- *     open-dice mode-value-details
- * </a>
- * @hide
- */
-@Backing(type="int")
-@VintfStability
-enum Mode {
-    NOT_INITIALIZED = 0,
-    NORMAL = 1,
-    DEBUG = 2,
-    /**
-     * The recovery mode is also referred to as "maintenance" mode.
-     */
-    RECOVERY = 3,
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/ResponseCode.aidl b/security/dice/aidl/android/hardware/security/dice/ResponseCode.aidl
deleted file mode 100644
index 3e77cf7d2c..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/ResponseCode.aidl
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * Copyright 2020, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-@Backing(type="int")
-/**
- * These response codes are used as service specific exception codes by
- * IDiceDevice.
- * @hide
- */
-@VintfStability
-enum ResponseCode {
-    /**
-     * The caller has insufficient privilege to access the DICE API.
-     */
-    PERMISSION_DENIED = 1,
-    /**
-     * An unexpected error occurred, likely with IO or IPC.
-     */
-    SYSTEM_ERROR = 2,
-    /**
-     * Returned if the called function is not implemented.
-     */
-    NOT_IMPLEMENTED = 3,
-    /**
-     * An attempt to demote the implementation failed.
-     */
-    DEMOTION_FAILED = 4,
-}
diff --git a/security/dice/aidl/android/hardware/security/dice/Signature.aidl b/security/dice/aidl/android/hardware/security/dice/Signature.aidl
deleted file mode 100644
index ea3594f83a..0000000000
--- a/security/dice/aidl/android/hardware/security/dice/Signature.aidl
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- * Copyright 2021, The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.security.dice;
-
-/**
- * This parcelable represents a Signature. It is used as return value of IDiceNode::sign.
- *
- * @hide
- */
-@RustDerive(Clone=true, Eq=true, PartialEq=true, Ord=true, PartialOrd=true, Hash=true)
-@VintfStability
-parcelable Signature {
-    /**
-     * The RFC 8032 PureEd25519 signature.
-     * @see <a href="https://datatracker.ietf.org/doc/html/rfc8032">RFC 8032</a>
-     */
-    byte[] data;
-}
diff --git a/security/dice/aidl/default/Android.bp b/security/dice/aidl/default/Android.bp
deleted file mode 100644
index 5ff4847702..0000000000
--- a/security/dice/aidl/default/Android.bp
+++ /dev/null
@@ -1,29 +0,0 @@
-package {
-    // See: http://go/android-license-faq
-    // A large-scale-change added 'default_applicable_licenses' to import
-    // all of the 'license_kinds' from "hardware_interfaces_license"
-    // to get the below license kinds:
-    //   SPDX-license-identifier-Apache-2.0
-    default_applicable_licenses: ["hardware_interfaces_license"],
-}
-
-rust_binary {
-    name: "android.hardware.security.dice-service.non-secure-software",
-    srcs: ["service.rs"],
-    relative_install_path: "hw",
-    vendor: true,
-    rustlibs: [
-        "android.hardware.security.dice-V1-rust",
-        "libdiced_sample_inputs",
-        "libdiced_vendor",
-        "libandroid_logger",
-        "libanyhow",
-        "libbinder_rs",
-        "liblog_rust",
-        "libserde",
-    ],
-    init_rc: ["android.hardware.security.dice-service.non-secure-software.rc"],
-    vintf_fragments: [
-        "android.hardware.security.dice-service.non-secure-software.xml",
-    ],
-}
diff --git a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc
deleted file mode 100644
index 28e43c3bfa..0000000000
--- a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.rc
+++ /dev/null
@@ -1,9 +0,0 @@
-service vendor.dice /vendor/bin/hw/android.hardware.security.dice-service.non-secure-software
-    class early_hal
-    user nobody
-    # The diced HAL cannot be allowed to restart. When it crashes for any reason.
-    # it loses security critical state. The only remedy is to restart the device.
-    # This may be implementation depended. It is safe to restart the HAL if the
-    # state change during a call to "demote" is is preserved.
-    # see android/hardware/security/dice/IDiceDevice.aidl for details on "demote".
-    oneshot
diff --git a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml b/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml
deleted file mode 100644
index 94ef24363b..0000000000
--- a/security/dice/aidl/default/android.hardware.security.dice-service.non-secure-software.xml
+++ /dev/null
@@ -1,6 +0,0 @@
-<manifest version="1.0" type="device">
-    <hal format="aidl">
-        <name>android.hardware.security.dice</name>
-        <fqname>IDiceDevice/default</fqname>
-    </hal>
-</manifest>
\ No newline at end of file
diff --git a/security/dice/aidl/default/service.rs b/security/dice/aidl/default/service.rs
deleted file mode 100644
index 4363e91ec3..0000000000
--- a/security/dice/aidl/default/service.rs
+++ /dev/null
@@ -1,108 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! Main entry point for the android.hardware.security.dice service.
-
-use anyhow::{anyhow, Result};
-use diced::{
-    dice,
-    hal_node::{DiceArtifacts, DiceDevice, ResidentHal, UpdatableDiceArtifacts},
-};
-use diced_sample_inputs::make_sample_bcc_and_cdis;
-use serde::{Deserialize, Serialize};
-use std::panic;
-use std::sync::Arc;
-
-static DICE_HAL_SERVICE_NAME: &str = "android.hardware.security.dice.IDiceDevice/default";
-
-#[derive(Debug, Serialize, Deserialize, Clone)]
-struct InsecureSerializableArtifacts {
-    cdi_attest: [u8; dice::CDI_SIZE],
-    cdi_seal: [u8; dice::CDI_SIZE],
-    bcc: Vec<u8>,
-}
-
-impl DiceArtifacts for InsecureSerializableArtifacts {
-    fn cdi_attest(&self) -> &[u8; dice::CDI_SIZE] {
-        &self.cdi_attest
-    }
-    fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE] {
-        &self.cdi_seal
-    }
-    fn bcc(&self) -> Option<&[u8]> {
-        Some(&self.bcc)
-    }
-}
-
-impl UpdatableDiceArtifacts for InsecureSerializableArtifacts {
-    fn with_artifacts<F, T>(&self, f: F) -> Result<T>
-    where
-        F: FnOnce(&dyn DiceArtifacts) -> Result<T>,
-    {
-        f(self)
-    }
-    fn update(self, new_artifacts: &impl DiceArtifacts) -> Result<Self> {
-        Ok(Self {
-            cdi_attest: *new_artifacts.cdi_attest(),
-            cdi_seal: *new_artifacts.cdi_seal(),
-            bcc: new_artifacts
-                .bcc()
-                .ok_or_else(|| anyhow!("bcc is none"))?
-                .to_vec(),
-        })
-    }
-}
-
-fn main() {
-    android_logger::init_once(
-        android_logger::Config::default()
-            .with_tag("android.hardware.security.dice")
-            .with_min_level(log::Level::Debug),
-    );
-    // Redirect panic messages to logcat.
-    panic::set_hook(Box::new(|panic_info| {
-        log::error!("{}", panic_info);
-    }));
-
-    // Saying hi.
-    log::info!("android.hardware.security.dice is starting.");
-
-    let dice_artifacts =
-        make_sample_bcc_and_cdis().expect("Failed to construct sample dice chain.");
-    let mut cdi_attest = [0u8; dice::CDI_SIZE];
-    cdi_attest.copy_from_slice(dice_artifacts.cdi_attest());
-    let mut cdi_seal = [0u8; dice::CDI_SIZE];
-    cdi_seal.copy_from_slice(dice_artifacts.cdi_seal());
-    let hal_impl = Arc::new(
-        unsafe {
-            // Safety: ResidentHal cannot be used in multi threaded processes.
-            // This service does not start a thread pool. The main thread is the only thread
-            // joining the thread pool, thereby keeping the process single threaded.
-            ResidentHal::new(InsecureSerializableArtifacts {
-                cdi_attest,
-                cdi_seal,
-                bcc: dice_artifacts.bcc().expect("bcc is none").to_vec(),
-            })
-        }
-        .expect("Failed to create ResidentHal implementation."),
-    );
-
-    let hal = DiceDevice::new_as_binder(hal_impl).expect("Failed to construct hal service.");
-
-    binder::add_service(DICE_HAL_SERVICE_NAME, hal.as_binder())
-        .expect("Failed to register IDiceDevice Service");
-
-    log::info!("Joining thread pool now.");
-    binder::ProcessState::join_thread_pool();
-}
diff --git a/security/dice/aidl/vts/functional/Android.bp b/security/dice/aidl/vts/functional/Android.bp
deleted file mode 100644
index 2a85a19ca2..0000000000
--- a/security/dice/aidl/vts/functional/Android.bp
+++ /dev/null
@@ -1,54 +0,0 @@
-package {
-    // See: http://go/android-license-faq
-    // A large-scale-change added 'default_applicable_licenses' to import
-    // all of the 'license_kinds' from "hardware_interfaces_license"
-    // to get the below license kinds:
-    //   SPDX-license-identifier-Apache-2.0
-    default_applicable_licenses: ["hardware_interfaces_license"],
-}
-
-rust_test {
-    name: "VtsAidlDiceTargetTest",
-    srcs: [
-        "dice_test.rs",
-    ],
-    require_root: true,
-    auto_gen_config: true,
-    test_suites: [
-        "general-tests",
-        "vts",
-    ],
-
-    rustlibs: [
-        "android.hardware.security.dice-V1-rust",
-        "libanyhow",
-        "libbinder_rs",
-        "libdiced_open_dice",
-        "libdiced_sample_inputs",
-        "libdiced_utils",
-        "libkeystore2_vintf_rust",
-    ],
-}
-
-rust_test {
-    name: "VtsAidlDiceDemoteTargetTest",
-    srcs: [
-        "dice_demote_test.rs",
-    ],
-
-    test_config: "VtsAidlDiceDemoteTargetTest.xml",
-    test_suites: [
-        "general-tests",
-        "vts",
-    ],
-
-    rustlibs: [
-        "android.hardware.security.dice-V1-rust",
-        "libanyhow",
-        "libbinder_rs",
-        "libdiced_open_dice",
-        "libdiced_sample_inputs",
-        "libdiced_utils",
-        "libkeystore2_vintf_rust",
-    ],
-}
diff --git a/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml b/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml
deleted file mode 100644
index 2991580000..0000000000
--- a/security/dice/aidl/vts/functional/VtsAidlDiceDemoteTargetTest.xml
+++ /dev/null
@@ -1,33 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!-- Copyright (C) 2019 The Android Open Source Project
-
-     Licensed under the Apache License, Version 2.0 (the "License");
-     you may not use this file except in compliance with the License.
-     You may obtain a copy of the License at
-
-          http://www.apache.org/licenses/LICENSE-2.0
-
-     Unless required by applicable law or agreed to in writing, software
-     distributed under the License is distributed on an "AS IS" BASIS,
-     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-     See the License for the specific language governing permissions and
-     limitations under the License.
--->
-
-<configuration description="Config to run VtsAidlDiceDemoteTargetTest device tests.">
-
-    <target_preparer class="com.android.tradefed.targetprep.RootTargetPreparer">
-    </target_preparer>
-
-    <target_preparer class="com.android.tradefed.targetprep.PushFilePreparer">
-        <option name="cleanup" value="true" />
-        <option name="push" value="VtsAidlDiceDemoteTargetTest->/data/local/tmp/VtsAidlDiceDemoteTargetTest" />
-    </target_preparer>
-
-    <test class="com.android.tradefed.testtype.rust.RustBinaryTest" >
-        <option name="test-device-path" value="/data/local/tmp" />
-        <option name="module-name" value="VtsAidlDiceDemoteTargetTest" />
-    </test>
-    <target_preparer class="com.android.tradefed.targetprep.RebootTargetPreparer" />
-
-</configuration>
\ No newline at end of file
diff --git a/security/dice/aidl/vts/functional/dice_demote_test.rs b/security/dice/aidl/vts/functional/dice_demote_test.rs
deleted file mode 100644
index 49aea6738b..0000000000
--- a/security/dice/aidl/vts/functional/dice_demote_test.rs
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-use diced_open_dice::DiceArtifacts;
-use diced_sample_inputs;
-use diced_utils;
-use std::convert::TryInto;
-
-mod utils;
-use utils::with_connection;
-
-// This test calls derive with an empty argument vector, then demotes the HAL using
-// a set of three input values, and then calls derive with empty argument vector again.
-// It then performs the same three derivation steps on the result of the former and compares
-// the result to the result of the latter.
-#[test]
-fn demote_test() {
-    with_connection(|device| {
-        let input_values = diced_sample_inputs::get_input_values_vector();
-        let former = device.derive(&[]).expect("Trying to call derive.");
-        device
-            .demote(&input_values)
-            .expect("Trying to call demote with input values.");
-
-        let latter = device
-            .derive(&[])
-            .expect("Trying to call derive after demote.");
-
-        let artifacts = diced_utils::ResidentArtifacts::new(
-            former.cdiAttest[..].try_into().unwrap(),
-            former.cdiSeal[..].try_into().unwrap(),
-            &former.bcc.data,
-        )
-        .unwrap();
-
-        let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
-        let from_former = diced_utils::make_bcc_handover(
-            artifacts.cdi_attest(),
-            artifacts.cdi_seal(),
-            artifacts.bcc().expect("bcc is none"),
-        )
-        .unwrap();
-        // TODO b/204938506 when we have a parser/verifier, check equivalence rather
-        // than bit by bit equality.
-        assert_eq!(latter, from_former);
-        Ok(())
-    })
-}
diff --git a/security/dice/aidl/vts/functional/dice_test.rs b/security/dice/aidl/vts/functional/dice_test.rs
deleted file mode 100644
index fbbdd8192c..0000000000
--- a/security/dice/aidl/vts/functional/dice_test.rs
+++ /dev/null
@@ -1,73 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-use diced_open_dice::DiceArtifacts;
-use diced_sample_inputs;
-use diced_utils;
-
-mod utils;
-use utils::with_connection;
-
-static TEST_MESSAGE: &[u8] = &[
-    // "My test message!"
-    0x4d, 0x79, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x21,
-    0x0a,
-];
-
-// This test calls derive with an empty argument vector and with a set of three input values.
-// It then performs the same three derivation steps on the result of the former and compares
-// the result to the result of the latter.
-#[test]
-fn equivalence_test() {
-    with_connection(|device| {
-        let input_values = diced_sample_inputs::get_input_values_vector();
-        let former = device.derive(&[]).expect("Trying to call derive.");
-        let latter = device
-            .derive(&input_values)
-            .expect("Trying to call derive with input values.");
-        let artifacts = diced_utils::ResidentArtifacts::new(
-            former.cdiAttest[..].try_into().unwrap(),
-            former.cdiSeal[..].try_into().unwrap(),
-            &former.bcc.data,
-        )
-        .unwrap();
-
-        let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
-        let from_former = diced_utils::make_bcc_handover(
-            artifacts.cdi_attest(),
-            artifacts.cdi_seal(),
-            artifacts.bcc().expect("bcc is none"),
-        )
-        .unwrap();
-        // TODO b/204938506 when we have a parser/verifier, check equivalence rather
-        // than bit by bit equality.
-        assert_eq!(latter, from_former);
-        Ok(())
-    })
-}
-
-#[test]
-fn sign_and_verify() {
-    with_connection(|device| {
-        let _signature = device
-            .sign(&[], TEST_MESSAGE)
-            .expect("Trying to call sign.");
-
-        let _bcc = device
-            .getAttestationChain(&[])
-            .expect("Trying to call getAttestationChain.");
-        // TODO b/204938506 check the signature with the bcc when the verifier is available.
-        Ok(())
-    })
-}
diff --git a/security/dice/aidl/vts/functional/utils.rs b/security/dice/aidl/vts/functional/utils.rs
deleted file mode 100644
index 4e6708ec5e..0000000000
--- a/security/dice/aidl/vts/functional/utils.rs
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2021, The Android Open Source Project
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-use android_hardware_security_dice::aidl::android::hardware::security::dice::IDiceDevice::IDiceDevice;
-use anyhow::Result;
-use binder::Strong;
-use keystore2_vintf::get_aidl_instances;
-use std::sync::Arc;
-
-static DICE_DEVICE_SERVICE_NAME: &str = &"android.hardware.security.dice";
-static DICE_DEVICE_INTERFACE_NAME: &str = &"IDiceDevice";
-
-/// This function iterates through all announced IDiceDevice services and runs the given test
-/// closure against connections to each of them. It also modifies the panic hook to indicate
-/// on which instance the test failed in case the test closure panics.
-pub fn with_connection<R, F>(test: F)
-where
-    F: Fn(&Strong<dyn IDiceDevice>) -> Result<R>,
-{
-    let instances = get_aidl_instances(DICE_DEVICE_SERVICE_NAME, 1, DICE_DEVICE_INTERFACE_NAME);
-    let panic_hook = Arc::new(std::panic::take_hook());
-    for i in instances.into_iter() {
-        let panic_hook_clone = panic_hook.clone();
-        let instance_clone = i.clone();
-        std::panic::set_hook(Box::new(move |v| {
-            println!("While testing instance: \"{}\"", instance_clone);
-            panic_hook_clone(v)
-        }));
-        let connection: Strong<dyn IDiceDevice> = binder::get_interface(&format!(
-            "{}.{}/{}",
-            DICE_DEVICE_SERVICE_NAME, DICE_DEVICE_INTERFACE_NAME, i
-        ))
-        .unwrap();
-        test(&connection).unwrap();
-        drop(std::panic::take_hook());
-    }
-    // Cannot call unwrap here because the panic hook is not Debug.
-    std::panic::set_hook(match Arc::try_unwrap(panic_hook) {
-        Ok(hook) => hook,
-        _ => panic!("Failed to unwrap and reset previous panic hook."),
-    })
-}