Update the VTS module according to the refactoring in aosp/2826571

Test: atest VtsAidlAuthGraphRoleTest, atest VtsAidlAuthGraphSessionTest
Change-Id: I6cc3bd17952f602b58668d35e09c6a5385c7de61
diff --git a/security/authgraph/aidl/vts/functional/lib.rs b/security/authgraph/aidl/vts/functional/lib.rs
index 7b9b2b9..da3fa1c 100644
--- a/security/authgraph/aidl/vts/functional/lib.rs
+++ b/security/authgraph/aidl/vts/functional/lib.rs
@@ -24,22 +24,19 @@
     PlainPubKey::PlainPubKey, PubKey::PubKey, SessionIdSignature::SessionIdSignature,
 };
 use authgraph_boringssl as boring;
-use authgraph_core::keyexchange as ke;
-use authgraph_core::{arc, key, traits};
-use authgraph_nonsecure::StdClock;
+use authgraph_core::{error::Error as AgError, keyexchange as ke};
 use coset::CborSerializable;
 
 pub mod sink;
 pub mod source;
 
-/// Return a collection of AuthGraph trait implementations suitable for testing.
-pub fn test_impls() -> traits::TraitImpl {
-    // Note that the local implementation is using a clock with a potentially different epoch than
-    // the implementation under test.
-    boring::trait_impls(
+/// Return an AuthGraphParticipant suitable for testing.
+pub fn test_ag_participant() -> Result<ke::AuthGraphParticipant, AgError> {
+    Ok(ke::AuthGraphParticipant::new(
+        boring::crypto_trait_impls(),
         Box::<boring::test_device::AgDevice>::default(),
-        Some(Box::new(StdClock::default())),
-    )
+        ke::MAX_OPENED_SESSIONS,
+    )?)
 }
 
 fn build_plain_pub_key(pub_key: &Option<Vec<u8>>) -> PubKey {
@@ -56,14 +53,6 @@
     }
 }
 
-fn verification_key_from_identity(impls: &traits::TraitImpl, identity: &[u8]) -> key::EcVerifyKey {
-    let identity = key::Identity::from_slice(identity).expect("invalid identity CBOR");
-    impls
-        .device
-        .process_peer_cert_chain(&identity.cert_chain, &*impls.ecdsa)
-        .expect("failed to extract signing key")
-}
-
 fn vec_to_identity(data: &[u8]) -> Identity {
     Identity {
         identity: data.to_vec(),
@@ -75,26 +64,3 @@
         signature: data.to_vec(),
     }
 }
-
-/// Decrypt a pair of AES-256 keys encrypted with the AuthGraph PBK.
-pub fn decipher_aes_keys(imp: &traits::TraitImpl, arc: &[Vec<u8>; 2]) -> [key::AesKey; 2] {
-    [
-        decipher_aes_key(imp, &arc[0]),
-        decipher_aes_key(imp, &arc[1]),
-    ]
-}
-
-/// Decrypt an AES-256 key encrypted with the AuthGraph PBK.
-pub fn decipher_aes_key(imp: &traits::TraitImpl, arc: &[u8]) -> key::AesKey {
-    let pbk = imp.device.get_per_boot_key().expect("no PBK available");
-    let arc::ArcContent {
-        payload,
-        protected_headers: _,
-        unprotected_headers: _,
-    } = arc::decipher_arc(&pbk, arc, &*imp.aes_gcm).expect("failed to decrypt arc");
-    assert_eq!(payload.0.len(), 32);
-    let mut key = key::AesKey([0; 32]);
-    key.0.copy_from_slice(&payload.0);
-    assert_ne!(key.0, [0; 32], "agreed AES-256 key should be non-zero");
-    key
-}