Set TEE RootOfTrust fields in Attestation Extension
Sets RootOfTrust fields in the TEE enforced AuthorizationList of the
Attestation Extension. Previously, there was no generic way to get
get verified boot state from a TEE-based Keymaster implementation.
This was merged earlier but the change disappeared when internal was
pushed to AOSP.
Test: 1. Passes keystore attestation CTS tests on a device with a KM2 TEE
implementation. Software KM still passes attestation CTS tests.
2. Trusty builds
Bug: 64949951
Change-Id: Id1dd91a4ffcef5ba1544e45de28625aa07e65e59
Merged-In: I24fc0485d5c6aed7cf5b3665cbef12e627123c70
2 files changed