Check that the various ATTESTATION_ID_* tags are included if they
have the correct value, and that keygen fails if they have an invalid
value.
Also fix the support libraries to add the missing fields to the ASN.1
schema and fix the existing ordering.
Bug: 190757200
Test: VtsHalKeymasterV4_1TargetTest, VtsHalKeymasterV4_0TargetTest
Change-Id: I11d28d71676d44ebdc79b25b2eb70947022bb1cf
Ignore-AOSP-First: to be cross-merged manually
Test the validity of the chain produced when device-unique attestation
is requested.
When the caller requests that the key attestation be signed using the
device-unique attestation key, the chain will look different than
a chain signed by the batch key (common case):
(1) The chain is exactly of length 2.
(2) The root is self-signed and is unique to the device.
Test that the chain is correctly signed in this change. The root is not
currently correctly self-signed, so don't test (2) yet.
Bug: 189425310
Bug: 187803288
Test: atest VtsHalKeymasterV4_1TargetTest:PerInstance/DeviceUniqueAttestationTest
Ignore-AOSP-First: Already merged in aosp
Merged-In: I91578eb2b7588685cc86c467423e9394c3f3c262
Change-Id: I7e83ba7c9c8c68b95b1456fb37bb5aa939c4e6f8
This CL needs some polish. Changes
herein are somewhat brute-force to
make things work, particularly with
authorization-list parsing and validation.
This CL also copies over support for
dumping attestation records.
Bug: 129282228
Test: VtsHalKeymasterV4_1TargetTest
Change-Id: I4fc0183dc0b8a76e84d14054b38ad7c1540a1897
This test is expected to be run
on non-StrongBox instances.
Bug: 129282228
Test: StrongBoxOnly passes on TZ
Change-Id: Ia6b274d097b4c698904d1c51daed821188a50510
