[dice] Adapt dice service and tests to the new DiceArtifacts trait

The code needed to be adpated because the public fields the code
accessed previously now become private. We need to access them
via the trait now.

This cl also deletes unused dependence libdiced_open_dice_cbor in
the dice service and tests targets.

Bug: 267575445
Test: m android.hardware.security.dice-service.non-secure-software
Test: atest VtsAidlDiceTargetTest VtsAidlDiceDemoteTargetTest
Change-Id: I16e18226c0bce8a90ed764ba598e90e7c1c854ab

security/dice/aidl/default/Android.bp

@@ -14,7 +14,6 @@ rust_binary {
     vendor: true,
     rustlibs: [
         "android.hardware.security.dice-V1-rust",
-        "libdiced_open_dice_cbor",
         "libdiced_sample_inputs",
         "libdiced_vendor",
         "libandroid_logger",

security/dice/aidl/default/service.rs

@@ -14,7 +14,7 @@
 
 //! Main entry point for the android.hardware.security.dice service.
 
-use anyhow::Result;
+use anyhow::{anyhow, Result};
 use diced::{
     dice,
     hal_node::{DiceArtifacts, DiceDevice, ResidentHal, UpdatableDiceArtifacts},
@@ -40,8 +40,8 @@ impl DiceArtifacts for InsecureSerializableArtifacts {
     fn cdi_seal(&self) -> &[u8; dice::CDI_SIZE] {
         &self.cdi_seal
     }
-    fn bcc(&self) -> Vec<u8> {
-        self.bcc.clone()
+    fn bcc(&self) -> Option<&[u8]> {
+        Some(&self.bcc)
     }
 }
 
@@ -56,7 +56,10 @@ impl UpdatableDiceArtifacts for InsecureSerializableArtifacts {
         Ok(Self {
             cdi_attest: *new_artifacts.cdi_attest(),
             cdi_seal: *new_artifacts.cdi_seal(),
-            bcc: new_artifacts.bcc(),
+            bcc: new_artifacts
+                .bcc()
+                .ok_or_else(|| anyhow!("bcc is none"))?
+                .to_vec(),
         })
     }
 }
@@ -77,16 +80,19 @@ fn main() {
 
     let dice_artifacts =
         make_sample_bcc_and_cdis().expect("Failed to construct sample dice chain.");
-
+    let mut cdi_attest = [0u8; dice::CDI_SIZE];
+    cdi_attest.copy_from_slice(dice_artifacts.cdi_attest());
+    let mut cdi_seal = [0u8; dice::CDI_SIZE];
+    cdi_seal.copy_from_slice(dice_artifacts.cdi_seal());
     let hal_impl = Arc::new(
         unsafe {
             // Safety: ResidentHal cannot be used in multi threaded processes.
             // This service does not start a thread pool. The main thread is the only thread
             // joining the thread pool, thereby keeping the process single threaded.
             ResidentHal::new(InsecureSerializableArtifacts {
-                cdi_attest: dice_artifacts.cdi_values.cdi_attest,
-                cdi_seal: dice_artifacts.cdi_values.cdi_seal,
-                bcc: dice_artifacts.bcc[..].to_vec(),
+                cdi_attest,
+                cdi_seal,
+                bcc: dice_artifacts.bcc().expect("bcc is none").to_vec(),
             })
         }
         .expect("Failed to create ResidentHal implementation."),

security/dice/aidl/vts/functional/Android.bp

@@ -23,7 +23,7 @@ rust_test {
         "android.hardware.security.dice-V1-rust",
         "libanyhow",
         "libbinder_rs",
-        "libdiced_open_dice_cbor",
+        "libdiced_open_dice",
         "libdiced_sample_inputs",
         "libdiced_utils",
         "libkeystore2_vintf_rust",
@@ -46,7 +46,7 @@ rust_test {
         "android.hardware.security.dice-V1-rust",
         "libanyhow",
         "libbinder_rs",
-        "libdiced_open_dice_cbor",
+        "libdiced_open_dice",
         "libdiced_sample_inputs",
         "libdiced_utils",
         "libkeystore2_vintf_rust",

security/dice/aidl/vts/functional/dice_demote_test.rs

@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+use diced_open_dice::DiceArtifacts;
 use diced_sample_inputs;
 use diced_utils;
 use std::convert::TryInto;
@@ -44,11 +45,10 @@ fn demote_test() {
         .unwrap();
 
         let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
-        let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
         let from_former = diced_utils::make_bcc_handover(
-            cdi_attest[..].try_into().unwrap(),
-            cdi_seal[..].try_into().unwrap(),
-            &bcc,
+            artifacts.cdi_attest(),
+            artifacts.cdi_seal(),
+            artifacts.bcc().expect("bcc is none"),
         )
         .unwrap();
         // TODO b/204938506 when we have a parser/verifier, check equivalence rather

security/dice/aidl/vts/functional/dice_test.rs

@@ -12,9 +12,9 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+use diced_open_dice::DiceArtifacts;
 use diced_sample_inputs;
 use diced_utils;
-use std::convert::TryInto;
 
 mod utils;
 use utils::with_connection;
@@ -44,11 +44,10 @@ fn equivalence_test() {
         .unwrap();
 
         let artifacts = artifacts.execute_steps(input_values.iter()).unwrap();
-        let (cdi_attest, cdi_seal, bcc) = artifacts.into_tuple();
         let from_former = diced_utils::make_bcc_handover(
-            cdi_attest[..].try_into().unwrap(),
-            cdi_seal[..].try_into().unwrap(),
-            &bcc,
+            artifacts.cdi_attest(),
+            artifacts.cdi_seal(),
+            artifacts.bcc().expect("bcc is none"),
         )
         .unwrap();
         // TODO b/204938506 when we have a parser/verifier, check equivalence rather