[sw,dice] Use simplified lifecycle_is_prod in CWT dice

This commit makes immutable_rom_ext (CDI_0) to use the simplified
`lifecycle_is_prod` when building CWT CDI_0 cert to save space.

On the other hand, the full version `lifecycle_state_get` is linked to the
mutable part (CDI_1), so `lifecycle_state_get` is used to build CDI_1 to
avoid linking `lifecycle_is_prod` to mutable ROM_EXT.

Change-Id: If994e1ad5dd0a787a78691b50a6639b2eeb93fd6
Signed-off-by: Yi-Hsuan Deng <[email protected]>

sw/device/silicon_creator/lib/cert/dice_cwt.c

@@ -57,7 +57,11 @@ static ecdsa_p256_signature_t curr_tbs_signature = {.r = {0}, .s = {0}};
 #define CWT_PROFILE_NAME "android.16"
 
 // Debug=2, Normal=1
-static uint8_t get_chip_mode(void) {
+static uint8_t get_chip_mode_cdi0(void) {
+  return (lifecycle_is_prod() ? 1 : 2);
+}
+
+static uint8_t get_chip_mode_cdi1(void) {
   return ((lifecycle_state_get() == kLcStateProd) ? 1 : 2);
 }
 
@@ -154,7 +158,7 @@ rom_error_t dice_cdi_0_cert_build(hmac_digest_t *rom_ext_measurement,
   hmac_sha256(kCborMap0, sizeof(kCborMap0), &auth_hash);
   util_reverse_bytes(auth_hash.digest, kHmacDigestNumBytes);
 
-  uint8_t mode = get_chip_mode();
+  uint8_t mode = get_chip_mode_cdi0();
   cwt_dice_chain_entry_payload_values_t cwt_dice_chain_entry_payload_params = {
       .auth_hash = (uint8_t *)&auth_hash.digest[0],
       .auth_hash_size = kHmacDigestNumBytes,
@@ -251,7 +255,7 @@ rom_error_t dice_cdi_1_cert_build(hmac_digest_t *owner_measurement,
   hmac_sha256(kCborMap0, sizeof(kCborMap0), &auth_hash);
   util_reverse_bytes(auth_hash.digest, kHmacDigestNumBytes);
 
-  uint8_t mode = get_chip_mode();
+  uint8_t mode = get_chip_mode_cdi1();
   cwt_dice_chain_entry_payload_values_t cwt_dice_chain_entry_payload_params = {
       .auth_hash = (uint8_t *)&auth_hash.digest[0],
       .auth_hash_size = kHmacDigestNumBytes,