Advertise support for attest keys in Cuttlefish Cuttlefish builds on the reference implementation of KeyMint, which includes support for keys with ATTEST_KEY purpose. Turn on the android.hardware.keystore.app_attest_key feature to indicate this. This will mean that Keystore CTS tests that exercise the feature are turned on. Test: atest CtsKeystoreTestCases:KeyAttestationTest Bug: 197096139 Bug: 171845652 Change-Id: I351f3de1faeaf17a1be87edb9840fdd543f339e2

commit: 3b6dcefe4249d0b74e286774d27473df7c9010cc [log] [tgz]
author: David Drysdale <drysdale@google.com> Thu Nov 04 07:07:06 2021 +0000
committer: David Drysdale <drysdale@google.com> Thu Nov 04 07:40:45 2021 +0000
tree: e9cef65946a31be1fcaae744f1cdc1a7e1df863c
parent: 414e906290afcf97c2ffe35a8e146f9c5c33b79c [diff]
diff --git a/shared/device.mk b/shared/device.mk
index c0b6112..192f83c 100644
--- a/shared/device.mk
+++ b/shared/device.mk

@@ -572,6 +572,9 @@
 #
 ifeq ($(LOCAL_KEYMINT_PRODUCT_PACKAGE),)
        LOCAL_KEYMINT_PRODUCT_PACKAGE := android.hardware.security.keymint-service.remote
+# Indicate that this KeyMint includes support for the ATTEST_KEY key purpose.
+PRODUCT_COPY_FILES += \
+    frameworks/native/data/etc/android.hardware.keystore.app_attest_key.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.keystore.app_attest_key.xml
 endif
  PRODUCT_PACKAGES += \
     $(LOCAL_KEYMINT_PRODUCT_PACKAGE)
commit	3b6dcefe4249d0b74e286774d27473df7c9010cc	[log] [tgz]
author	David Drysdale <drysdale@google.com>	Thu Nov 04 07:07:06 2021 +0000
committer	David Drysdale <drysdale@google.com>	Thu Nov 04 07:40:45 2021 +0000
tree	e9cef65946a31be1fcaae744f1cdc1a7e1df863c
parent	414e906290afcf97c2ffe35a8e146f9c5c33b79c [diff]