Tidy up ssl_platform_key_android_unittest.cc.

net/data/ssl/certificates/README

 This directory contains various certificates for use with SSL-related
 unit tests.
 
 ===== Real-world certificates that need manual updating
 - google.binary.p7b
 - google.chain.pem
 - google.pem_cert.p7b
 - google.pem_pkcs7.p7b
 - google.pkcs7.p7b
 - google.single.der
@@ skipping 207 matching lines @@
 - client_1.pk8
 - client_1_ca.pem
 - client_2.pem
 - client_2.key
 - client_2.pk8
 - client_2_ca.pem
 - client_3.pem
 - client_3.key
 - client_3.pk8
 - client_3_ca.pem
+- client_4.pem
+- client_4.key
+- client_4.pk8
+- client_4_ca.pem
+- client_root_ca.pem
      This is a set of files used to unit test SSL client certificate
      authentication.
      - client_1_ca.pem and client_2_ca.pem are the certificates of
        two distinct signing CAs.
      - client_1.pem and client_1.key correspond to the certificate and
        private key for a first certificate signed by client_1_ca.pem.
      - client_2.pem and client_2.key correspond to the certificate and
        private key for a second certificate signed by client_2_ca.pem.
      - each .pk8 file contains the same key as the corresponding .key file
        as PKCS#8 PrivateKeyInfo in DER encoding.
      - client_3.pem is nearly identical to client_2.pem, except it is used
        to test wifi EAP-TLS authentication so it uses a different set
        of X509v3 extensions.  Specifically it includes two Subject
        Alternative Name fields recognized by Chrome OS.
-
-===== From net/data/ssl/scripts/generate-android-test-key.sh
-- android-test-key-rsa.pem
-- android-test-key-dsa.pem
-- android-test-key-dsa-public.pem
-- android-test-key-ecdsa.pem
-- android-test-key-ecdsa-public.pem
-     This is a set of test RSA/DSA/ECDSA keys used by the Android-specific
-     unit test in net/android/keystore_unittest.c. They are used to verify
-     that the OpenSSL-specific wrapper for platform PrivateKey objects
-     works properly. See the generate-android-test-keys.sh script.
+     - client_4.pem is similar to client_2.pem but is a P-256 ECDSA key rather
+       than RSA.
+     - client_root_ca.pem is the CA certificate which signed client_*_ca.pem.
 
 ===== From net/data/ssl/scripts/generate-bad-eku-certs.sh
 - eku-test-root.pem
 - non-crit-codeSigning-chain.pem
 - crit-codeSigning-chain.pem
      Two code-signing certificates (eKU: codeSigning; eKU: critical,
      codeSigning) which we use to test that clients are making sure that web
      server certs are checked for correct eKU fields (when an eKU field is
      present). Since codeSigning is not valid for web server auth, the checks
      should fail.
@@ skipping 33 matching lines @@
      aia-cert.pem has a caIssuers that points to "aia-test.invalid" as the URL
      containing the intermediate, which can be served via a URLRequestFilter.
      aia-intermediate.der is stored in DER form for convenience, since that is
      the form expected of certificates discovered via AIA.
 
 ===== From net/data/ssl/scripts/generate-self-signed-certs.sh
  - self-signed-invalid-name.pem
  - self-signed-invalid-sig.pem
      Two "self-signed" certificates with mismatched names or an invalid
      signature, respectively.