Advertise support for attest keys in Cuttlefish
Cuttlefish builds on the reference implementation of KeyMint, which
includes support for keys with ATTEST_KEY purpose.
Turn on the android.hardware.keystore.app_attest_key feature to indicate
this.
This will mean that Keystore CTS tests that exercise the feature are
turned on.
Test: atest CtsKeystoreTestCases:KeyAttestationTest
Bug: 197096139
Bug: 171845652
Change-Id: I351f3de1faeaf17a1be87edb9840fdd543f339e2
diff --git a/shared/device.mk b/shared/device.mk
index c0b6112..192f83c 100644
--- a/shared/device.mk
+++ b/shared/device.mk
@@ -572,6 +572,9 @@
#
ifeq ($(LOCAL_KEYMINT_PRODUCT_PACKAGE),)
LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.remote
+# Indicate that this KeyMint includes support for the ATTEST_KEY key purpose.
+PRODUCT_COPY_FILES += \
+ frameworks/native/data/etc/android.hardware.keystore.app_attest_key.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.keystore.app_attest_key.xml
endif
PRODUCT_PACKAGES += \
$(LOCAL_KEYMINT_PRODUCT_PACKAGE)