Add compatibility wrappers for ISecureClock and ISharedSecret

Test: keystore2_km_compat_test
Change-Id: I0a5361e36298b6d240818dc83f4210f9ecb213af
diff --git a/keystore2/src/km_compat/lib.rs b/keystore2/src/km_compat/lib.rs
index 6d3aa96..aed0e7e 100644
--- a/keystore2/src/km_compat/lib.rs
+++ b/keystore2/src/km_compat/lib.rs
@@ -37,10 +37,12 @@
     use android_hardware_security_keymint::binder;
     use android_security_compat::aidl::android::security::compat::IKeystoreCompatService::IKeystoreCompatService;
 
+    static COMPAT_NAME: &str = "android.security.compat";
+
     fn get_device() -> Box<dyn IKeyMintDevice> {
         add_keymint_device_service();
         let compat_service: Box<dyn IKeystoreCompatService> =
-            binder::get_interface("android.security.compat").unwrap();
+            binder::get_interface(COMPAT_NAME).unwrap();
         compat_service.getKeyMintDevice(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap()
     }
 
@@ -55,15 +57,6 @@
     }
 
     #[test]
-    fn test_verify_authorization() {
-        use android_hardware_security_keymint::aidl::android::hardware::security::keymint::HardwareAuthToken::HardwareAuthToken;
-        let legacy = get_device();
-        let result = legacy.verifyAuthorization(0, &HardwareAuthToken::default());
-        assert!(result.is_err());
-        assert_eq!(result.unwrap_err().service_specific_error(), ErrorCode::UNIMPLEMENTED.0,);
-    }
-
-    #[test]
     fn test_add_rng_entropy() {
         let legacy = get_device();
         let result = legacy.addRngEntropy(&[42; 16]);
@@ -306,4 +299,36 @@
         assert!(result.is_ok(), "{:?}", result);
         assert!(out_params.is_some());
     }
+
+    #[test]
+    fn test_secure_clock() {
+        add_keymint_device_service();
+        let compat_service: Box<dyn IKeystoreCompatService> =
+            binder::get_interface(COMPAT_NAME).unwrap();
+        let secure_clock = compat_service.getSecureClock().unwrap();
+
+        let challenge = 42;
+        let result = secure_clock.generateTimeStamp(challenge);
+        assert!(result.is_ok(), "{:?}", result);
+        let result = result.unwrap();
+        assert_eq!(result.challenge, challenge);
+        assert_eq!(result.mac.len(), 32);
+    }
+
+    #[test]
+    fn test_shared_secret() {
+        add_keymint_device_service();
+        let compat_service: Box<dyn IKeystoreCompatService> =
+            binder::get_interface(COMPAT_NAME).unwrap();
+        let shared_secret =
+            compat_service.getSharedSecret(SecurityLevel::TRUSTED_ENVIRONMENT).unwrap();
+
+        let result = shared_secret.getSharedSecretParameters();
+        assert!(result.is_ok(), "{:?}", result);
+        let params = result.unwrap();
+
+        let result = shared_secret.computeSharedSecret(&[params]);
+        assert!(result.is_ok(), "{:?}", result);
+        assert_ne!(result.unwrap().len(), 0);
+    }
 }