Add new IRemotelyProvisionedKeyPool service to keystore2
This service allows clients to request remotely provisioned attestation
keys. These blobs are only usable by applications that have the ability
to pass them to a keymint implementation for use as keys.
This API is intended as a short-term solution in Android T to enable
remote key provisioning for identity credential keys. In Android U,
the underlying service will be updated to be more flexible allowing for
IRemotelyProvisionedComponent to be implemented by things other than
keymint.
Test: keystore2_test
Test: RemoteProvisionerUnitTests
Test: VtsHalRemotelyProvisionedComponentTargetTest
Bug: 194696876
Change-Id: I5ddb1bd087b606ccea88ccf170b99d5bc1b4501d
diff --git a/keystore2/src/database.rs b/keystore2/src/database.rs
index 7099f5a..133a926 100644
--- a/keystore2/src/database.rs
+++ b/keystore2/src/database.rs
@@ -3207,7 +3207,7 @@
}
#[cfg(test)]
-mod tests {
+pub mod tests {
use super::*;
use crate::key_parameter::{
@@ -3237,7 +3237,7 @@
#[cfg(disabled)]
use std::time::Instant;
- fn new_test_db() -> Result<KeystoreDB> {
+ pub fn new_test_db() -> Result<KeystoreDB> {
let conn = KeystoreDB::make_connection("file::memory:")?;
let mut db = KeystoreDB { conn, gc: None, perboot: Arc::new(perboot::PerbootDB::new()) };