Update the security logs for better understanding

We have had a good deal of reports about the logs
that come out of the security_level file and these update
the logs where there have been bugs made for these in
the past.

Test: atest keystore2_test
Test: atest CtsKeystoreTestCases
Change-Id: I89ec4f7fde67e4db16c1102f815abda9ea796163
diff --git a/keystore2/src/utils.rs b/keystore2/src/utils.rs
index 196cac5..c80bfa5 100644
--- a/keystore2/src/utils.rs
+++ b/keystore2/src/utils.rs
@@ -551,8 +551,8 @@
     items_to_return
 }
 
-/// List all key aliases for a given domain + namespace. whose alias is greater
-/// than start_past_alias (if provided).
+/// Log the key parameters, excluding sensitive ones such as
+/// APPLICATION_DATA and APPLICATION_ID
 pub fn list_key_entries(
     db: &mut KeystoreDB,
     domain: Domain,
@@ -591,6 +591,16 @@
     Ok((legacy_keys.len() + num_keys_in_db) as i32)
 }
 
+/// For params remove sensitive data before returning a string for logging
+pub fn log_security_safe_params(params: &[KmKeyParameter]) -> String {
+    format!(
+        "{:?}",
+        params
+            .iter()
+            .filter(|kp| (kp.tag != Tag::APPLICATION_ID && kp.tag != Tag::APPLICATION_DATA))
+    )
+}
+
 /// Trait implemented by objects that can be used to decrypt cipher text using AES-GCM.
 pub trait AesGcm {
     /// Deciphers `data` using the initialization vector `iv` and AEAD tag `tag`