Add more EEK variant tests and related fixes

 - Test with deliberately-invalid EEK in request:
    - corrupt signature
    - missing initial self-signed cert
 - Test with different sizes of EEK chain.

These tests will only really take effect when we have a valid GEEK to
test with.

Other changes:
 - Fix encoding of KeyUsage bitset.
 - Add a made-up allowed-root pubkey for prod mode. This needs to be
   replaced with the real GEEK when available.
 - Fix generateEek() so that the first private key isn't used for
   all signing operations.

Test: VtsHalRemotelyProvisionedComponentTargetTest
Change-Id: I833894d33cd1757b7a0cfcf18f79b61e4e56a556

0 files changed, 0 insertions, 0 deletions