diff options
| author | Janis Danisevskis <jdanis@google.com> | 2018-01-02 17:02:21 -0800 |
|---|---|---|
| committer | Janis Danisevskis <jdanis@google.com> | 2018-01-02 17:02:21 -0800 |
| commit | 265f912229d765741a95e661a67465d743292ddd (patch) | |
| tree | ab022760c42b51a8dfa4dd21dfc1fa9c65bbb3ed /ng | |
| parent | fb9b2a455f205710553bbec8944fc9d77b94c80b (diff) | |
| download | android_system_keymaster-265f912229d765741a95e661a67465d743292ddd.tar.gz android_system_keymaster-265f912229d765741a95e661a67465d743292ddd.tar.bz2 android_system_keymaster-265f912229d765741a95e661a67465d743292ddd.zip | |
Add security level parameter to keymaster factory
With this patch we can create reference hals that pretend to be
secure keymaster implementations. This is only to make Keystore happy
It will not pose a security risk because the pretending instances don't
have the right attestation certificate to impersonate an actual secure
implementation.
Change-Id: Ied79884a7cf354652c48bb7d7cd9385f26ad91d2
Diffstat (limited to 'ng')
| -rw-r--r-- | ng/AndroidKeymaster4Device.cpp | 10 | ||||
| -rw-r--r-- | ng/include/AndroidKeymaster4Device.h | 6 |
2 files changed, 9 insertions, 7 deletions
diff --git a/ng/AndroidKeymaster4Device.cpp b/ng/AndroidKeymaster4Device.cpp index ccc3a9e..015d3a4 100644 --- a/ng/AndroidKeymaster4Device.cpp +++ b/ng/AndroidKeymaster4Device.cpp @@ -219,19 +219,19 @@ void addClientAndAppData(const hidl_vec<uint8_t>& clientId, const hidl_vec<uint8 } // anonymous namespace -AndroidKeymaster4Device::AndroidKeymaster4Device() +AndroidKeymaster4Device::AndroidKeymaster4Device(SecurityLevel securityLevel) : impl_(new ::keymaster::AndroidKeymaster( []() -> auto { auto context = new PureSoftKeymasterContext(); context->SetSystemVersion(GetOsVersion(), GetOsPatchlevel()); return context; }(), - kOperationTableSize)) {} + kOperationTableSize)), securityLevel_(securityLevel) {} AndroidKeymaster4Device::~AndroidKeymaster4Device() {} Return<void> AndroidKeymaster4Device::getHardwareInfo(getHardwareInfo_cb _hidl_cb) { - _hidl_cb(::android::hardware::keymaster::V4_0::SecurityLevel::SOFTWARE, + _hidl_cb(securityLevel_, "SoftwareKeymasterDevice", "Google"); return Void(); } @@ -505,8 +505,8 @@ Return<ErrorCode> AndroidKeymaster4Device::abort(uint64_t operationHandle) { return legacy_enum_conversion(response.error); } -IKeymasterDevice* CreateKeymasterDevice() { - return new AndroidKeymaster4Device(); +IKeymasterDevice* CreateKeymasterDevice(SecurityLevel securityLevel) { + return new AndroidKeymaster4Device(securityLevel); } } // namespace ng diff --git a/ng/include/AndroidKeymaster4Device.h b/ng/include/AndroidKeymaster4Device.h index 73445d3..ed1dd13 100644 --- a/ng/include/AndroidKeymaster4Device.h +++ b/ng/include/AndroidKeymaster4Device.h @@ -42,12 +42,13 @@ using ::android::hardware::keymaster::V4_0::IKeymasterDevice; using ::android::hardware::keymaster::V4_0::KeyCharacteristics; using ::android::hardware::keymaster::V4_0::KeyParameter; using ::android::hardware::keymaster::V4_0::KeyPurpose; +using ::android::hardware::keymaster::V4_0::SecurityLevel; using ::android::hardware::keymaster::V4_0::Tag; using ::android::hardware::keymaster::V4_0::VerificationToken; class AndroidKeymaster4Device : public IKeymasterDevice { public: - AndroidKeymaster4Device(); + AndroidKeymaster4Device(SecurityLevel securityLevel); virtual ~AndroidKeymaster4Device(); Return<void> getHardwareInfo(getHardwareInfo_cb _hidl_cb) override; @@ -97,9 +98,10 @@ class AndroidKeymaster4Device : public IKeymasterDevice { private: std::unique_ptr<::keymaster::AndroidKeymaster> impl_; + SecurityLevel securityLevel_; }; -IKeymasterDevice* CreateKeymasterDevice(); +IKeymasterDevice* CreateKeymasterDevice(SecurityLevel securityLevel); } // namespace ng } // namespace V4_0 |