Simplify KeyMint setAdditionalAttestationInfo impl Make `allowed_additional_attestation_tags` a const slice instead of a BTreeSet & make `additional_attestation_info` a Vec instead of BTreeMap. Bug: 369375199 Test: VtsAidlKeyMintTargetTest Change-Id: Iebcc04473e3a051530f71ab324ae8aebfde9888f
diff --git a/ta/src/keys.rs b/ta/src/keys.rs
index 87a070d..7323b01 100644
--- a/ta/src/keys.rs
+++ b/ta/src/keys.rs
@@ -172,8 +172,6 @@
 if let Some(SigningInfo { attestation_info: Some((challenge, app_id)), .. }) = &info {
 let unique_id = self.calculate_unique_id(app_id, params)?;
 let boot_info = self.boot_info_hashed_key()?;
- let additional_attestation_info =
- self.additional_attestation_info.values().cloned().collect::<Vec<_>>();
 let attest_ext = cert::attestation_extension(
 self.aidl_version as i32,
 challenge,
@@ -184,7 +182,7 @@
 chars,
 &unique_id,
 &boot_info,
- additional_attestation_info.as_slice(),
+ &self.additional_attestation_info,
 )?;
 Some(
 cert::asn1_der_encode(&attest_ext)
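Review bot: Passing `&self.additional_attestation_info` changes the order in which the extra parameters reach `cert::attestation_extension`: the removed `BTreeMap::values()` yielded them sorted by tag, whereas the `Vec` yields insertion order. With `ModuleHash` the only allow-listed tag today the encoded extension is unaffected, but if the allow-list ever grows and the encoder expects a tag-ordered slice, the sort would have to happen here or in the setter. A short comment on the new argument would record that, e.g. `// Insertion order; only one tag is allow-listed, so no tag-sorting is needed here.` The enclosing function begins and ends outside the hunk.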
diff --git a/ta/src/lib.rs b/ta/src/lib.rs
index 773f0c1..95bdf09 100644
--- a/ta/src/lib.rs
+++ b/ta/src/lib.rs
@@ -18,8 +18,7 @@ extern crate alloc; use alloc::{ - boxed::Box, collections::BTreeMap, collections::BTreeSet, format, rc::Rc, string::String, - string::ToString, vec::Vec, + boxed::Box, collections::BTreeMap, format, rc::Rc, string::String, string::ToString, vec::Vec, }; use core::cmp::Ordering; use core::mem::size_of; @@ -85,6 +84,9 @@ /// Maximum number of keys whose use count can be tracked. const MAX_USE_COUNTED_KEYS: usize = 32; +/// Tags allowed in `KeyMintTa::additional_attestation_info`. +const ALLOWED_ADDITIONAL_ATTESTATION_TAGS: &[Tag] = &[Tag::ModuleHash]; + /// Per-key ID use count. struct UseCount { key_id: KeyId, @@ -138,10 +140,7 @@ /// Additional information to attest to, provided by Android. Refer to /// `IKeyMintDevice::setAdditionalAttestationInfo()`. - additional_attestation_info: BTreeMap<Tag, KeyParam>, - - /// Tags allowed in additional_attestation_info. - allowed_additional_attestation_tags: BTreeSet<Tag>, + additional_attestation_info: Vec<KeyParam>, /// Attestation chain information, retrieved on first use. attestation_chain_info: RefCell<BTreeMap<device::SigningKeyType, AttestationChainInfo>>, @@ -336,8 +335,7 @@ attestation_chain_info: RefCell::new(BTreeMap::new()), attestation_id_info: RefCell::new(None), dice_info: RefCell::new(None), - additional_attestation_info: BTreeMap::new(), - allowed_additional_attestation_tags: BTreeSet::from([Tag::ModuleHash]), + additional_attestation_info: Vec::new(), } } 
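Review bot: The new `additional_attestation_info: Vec<KeyParam>` field drops the at-most-one-entry-per-tag guarantee that the `BTreeMap<Tag, KeyParam>` key gave for free; it now rests entirely on `set_additional_attestation_info` searching for an existing entry with the same tag before pushing, and the attestation code that reads the field cannot tell that from the type. The field's doc comment should state the invariant, e.g. `/// Invariant: at most one entry per tag (enforced by `set_additional_attestation_info`).` The import, constant and constructor hunks in this file need nothing further.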
@@ -1105,25 +1103,35 @@ fn set_additional_attestation_info(&mut self, info: Vec<KeyParam>) -> Result<(), Error> { for param in info { let tag = param.tag(); - if !self.allowed_additional_attestation_tags.contains(&tag) { + if !ALLOWED_ADDITIONAL_ATTESTATION_TAGS.contains(&tag) { + warn!("ignoring non-allowlisted tag: {tag:?}"); continue; } - match self.additional_attestation_info.get(&tag) { + match self.additional_attestation_info.iter().find(|&x| x.tag() == tag) { Some(value) if value == ¶m => { - warn!("additional attestation info for: {:?} already set, ignoring repeated attempt to set same info", param); + warn!( + concat!( + "additional attestation info for: {:?} already set, ignoring repeated", + " attempt to set same info" + ), + param + ); continue; } Some(value) => { return Err(set_additional_attestation_info_err( tag, format!( - "attempt to set additional attestation info for: {:?}, but that tag already has a different value set: {:?}", + concat!( + "attempt to set additional attestation info for: {:?}, but that tag", + " already has a different value set: {:?}" + ), param, value ), )); } None => { - self.additional_attestation_info.insert(tag, param.clone()); + self.additional_attestation_info.push(param.clone()); } } } @@ -1269,12 +1277,12 @@ } } -/// Create an Error for set_additional_attestation_info failure that corresponds to the -/// specified tag. -pub fn set_additional_attestation_info_err(tag: Tag, err_msg: String) -> Error { +/// Create an Error for [`KeyMintTa::set_additional_attestation_info`] failure that corresponds to +/// the specified tag. +fn set_additional_attestation_info_err(tag: Tag, err_msg: String) -> Error { match tag { Tag::ModuleHash => km_err!(ModuleHashAlreadySet, "{}", err_msg), - _ => km_err!(InvalidTag, "unexpected tag: {:?}", tag), + _ => km_err!(InvalidTag, "unexpected tag: {tag:?}"), } }
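Review bot: `self.additional_attestation_info.push(param.clone())` in the `None` arm copies a value the loop already owns; `param` is only borrowed by the `value == &param` guard and the log/format calls in the other arms, so `self.additional_attestation_info.push(param);` avoids the extra allocation (a `ModuleHash` parameter carries a byte vector). Separately, the new `warn!("ignoring non-allowlisted tag: {tag:?}")` makes the drop-rather-than-reject behaviour visible only in the log; since this is the pre-existing contract, a one-line doc comment on the function would make it explicit, e.g. `/// Tags outside `ALLOWED_ADDITIONAL_ATTESTATION_TAGS` are logged and ignored; a tag already set to a different value is an error.` The function's signature is on the hunk header and its closing brace lies outside the hunk.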