Check that the various ATTESTATION_ID_* tags are included if they
have the correct value, and that keygen fails if they have an invalid
value.
Also fix the support libraries to add the missing fields to the ASN.1
schema and fix the existing ordering.
Bug: 190757200
Test: VtsHalKeymasterV4_1TargetTest, VtsHalKeymasterV4_0TargetTest
Merged-In: I11d28d71676d44ebdc79b25b2eb70947022bb1cf
Ignore-AOSP-First: to be cross-merged manually
Change-Id: I5e19880bbc9e2e667f1204bdc2247ae53a3dada7
Test the validity of the chain produced when device-unique attestation
is requested.
When the caller requests that the key attestation be signed using the
device-unique attestation key, the chain will look different than
a chain signed by the batch key (common case):
(1) The chain is exactly of length 2.
(2) The root is self-signed and is unique to the device.
Test that the chain is correctly signed in this change. The root is not
currently correctly self-signed, so don't test (2) yet.
Bug: 189425310
Bug: 187803288
Test: atest VtsHalKeymasterV4_1TargetTest:PerInstance/DeviceUniqueAttestationTest
Change-Id: I91578eb2b7588685cc86c467423e9394c3f3c262
This CL needs some polish. Changes
herein are somewhat brute-force to
make things work, particularly with
authorization-list parsing and validation.
This CL also copies over support for
dumping attestation records.
Bug: 129282228
Test: VtsHalKeymasterV4_1TargetTest
Change-Id: I4fc0183dc0b8a76e84d14054b38ad7c1540a1897
This test is expected to be run
on non-StrongBox instances.
Bug: 129282228
Test: StrongBoxOnly passes on TZ
Change-Id: Ia6b274d097b4c698904d1c51daed821188a50510
