Support attestation
Add methods to get attestation key and certificate chain data from the
bootloader, store data in secure storage, and implement
TrustyKeymasterContext AttestationKey and AttestationChain. At runtime,
if attestation keys are not available in RPMB, the keymaster TA will
fallback to hardcoded test keys.
When KEYMASTER_DEBUG is defined, fake root of trust values are used to
generate attestations.
Test: passes attestation CTS test when KEYMASTER_DEBUG is defined
Change-Id: Ie89522876e410f780db44f7c3f3a01050e72352c
12 files changed
