Fix Keymint VTS test after adding CERTIFICATE_* tags

Pass required tags to generateKey and importKey. Bug: 179809936 Test: VtsAidlKeyMintTargetTest Change-Id: I762f73de50ca35c2f1ed271385d863910f53dcd2
author: Janis Danisevskis <jdanis@google.com> 2021-02-09 11:30:25 -0800
committer: Janis Danisevskis <jdanis@google.com> 2021-02-09 13:55:26 -0800
commit: 164bb878d4d09c7d351a0a1b5247615960faf295 (patch)
tree: 4eb9b63bf420c19b14afb9bddee306c18f19fef7 /security/keymint/support/authorization_set.cpp
parent: a47bf3b8adb52894665d57ce8421f63f9aced2c0 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/security/keymint/support/authorization_set.cpp b/security/keymint/support/authorization_set.cpp
index 3d44dff27c..8d4257101c 100644
--- a/security/keymint/support/authorization_set.cpp
+++ b/security/keymint/support/authorization_set.cpp
@@ -243,4 +243,12 @@ AuthorizationSetBuilder& AuthorizationSetBuilder::Padding(
     return *this;
 }
 
+AuthorizationSetBuilder& AuthorizationSetBuilder::SetDefaultValidity() {
+    // Per RFC 5280 4.1.2.5, an undefined expiration (not-after) field should be set to
+    // GeneralizedTime 999912312359559, which is 253402300799000 ms from Jan 1, 1970.
+    constexpr uint64_t kUndefinedExpirationDateTime = 253402300799000;
+    Authorization(TAG_CERTIFICATE_NOT_BEFORE, 0);
+    return Authorization(TAG_CERTIFICATE_NOT_AFTER, kUndefinedExpirationDateTime);
+}
+
 }  // namespace aidl::android::hardware::security::keymint
author	Janis Danisevskis <jdanis@google.com>	2021-02-09 11:30:25 -0800
committer	Janis Danisevskis <jdanis@google.com>	2021-02-09 13:55:26 -0800
commit	164bb878d4d09c7d351a0a1b5247615960faf295 (patch)
tree	4eb9b63bf420c19b14afb9bddee306c18f19fef7 /security/keymint/support/authorization_set.cpp
parent	a47bf3b8adb52894665d57ce8421f63f9aced2c0 (diff)