Signing EEK chain properly in tests.
This change is required in order to enforce signature checking of the
EEK certificate chain, regardless of if test mode is on or not. Test
mode is only supposed to be relevant for if KeyMint should check the
root certificate of the chain against the root of trust it has
provisioned.
This adds a utility to properly sign the certificate chain and makes the
appropriate changes. It also ups the number of keys generated in the key
provisioning test to avoid framework induced conflicts when the KeyStore
frameworks code would otherwise attempt to generate production
keys/certs when it noticed keys were running low.
Bug: 190942528
Test: atest RemoteProvisionerUnitTests
Change-Id: I89b1b41eb2290a4bdbad63b4d6c4faec7d281653
Merged-In: I89b1b41eb2290a4bdbad63b4d6c4faec7d281653
2 files changed
