author | Chad Brubaker <cbrubaker@google.com> | 2015-06-01 10:44:27 -0700 |
---|---|---|
committer | Chad Brubaker <cbrubaker@google.com> | 2015-06-01 10:44:27 -0700 |
commit | bd07a239085228c25898bc6cdece8b1b8758df83 (patch) | |
tree | dd783c660a40eac3751b46fd6669e981497f6687 | |
parent | 7d0e9a4170ec1b1ed0f80c1a75131dadf3dd6abe (diff) | |
Use keymaster adapter to support older devices
The keymaster adapter wraps the hardware module to allow keystore to
call the new keymaster methods on it and continue using old keys created
by that device with the new methods.
Change-Id: Ica08d81c3707023d378ad5fe6562dc642f58ca90
-rw-r--r-- | keystore/keystore.cpp | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 6bcbace..3504843 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -106,23 +106,31 @@ struct PKCS8_PRIV_KEY_INFO_Delete {
 };
 typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
-static int keymaster_device_initialize(keymaster0_device_t** dev) {
+static int keymaster_device_initialize(keymaster1_device_t** dev) {
 int rc;
 const hw_module_t* mod;
+ keymaster::SoftKeymasterDevice* softkeymaster = NULL;
 rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
 if (rc) {
 ALOGE("could not find any keystore module");
 goto out;
 }
- rc = keymaster0_open(mod, dev);
+ rc = mod->methods->open(mod, KEYSTORE_KEYMASTER, reinterpret_cast<struct hw_device_t**>(dev));
 if (rc) {
 ALOGE("could not open keymaster device in %s (%s)", KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
 goto out;
 }
+ // Wrap older hardware modules with a softkeymaster adapter.
+ if ((*dev)->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0) {
+ return 0;
+ }
+ softkeymaster =
+ new keymaster::SoftKeymasterDevice(reinterpret_cast<keymaster0_device_t*>(*dev));
+ *dev = softkeymaster->keymaster_device();
 return 0;
 out:
@@ -142,8 +150,8 @@ static int fallback_keymaster_device_initialize(keymaster1_device_t** dev) {
 return 0;
 }
-static void keymaster_device_release(keymaster0_device_t* dev) {
- keymaster0_close(dev);
+static void keymaster_device_release(keymaster1_device_t* dev) {
+ dev->common.close(&dev->common);
 }
 /***************
@@ -3026,7 +3034,7 @@ int main(int argc, char* argv[]) {
 return 1;
 }
- keymaster0_device_t* dev;
+ keymaster1_device_t* dev;
 if (keymaster_device_initialize(&dev)) {
 ALOGE("keystore keymaster could not be initialized; exiting");
 return 1;
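Review bot: The adapter created by `new keymaster::SoftKeymasterDevice(...)` in the first hunk has no owner visible here: `softkeymaster` is a local and only `keymaster_device()` escapes, so the adapter and the wrapped keymaster0 device are freed only if the adapter's `common.close` (reached through `keymaster_device_release` in the second hunk) does both, which this diff does not show. The version check also reads `(*dev)->common` through a `keymaster1_device_t*` before the device type is known, which presumably relies on both device structs beginning with `hw_device_t common`, and the decision to use the device unwrapped rests entirely on the version the module reports about itself. I would state both assumptions above the check, for example `// keymaster0 and keymaster1 devices both start with hw_device_t common, so the version is readable before the type is known.` and `// The adapter takes over the keymaster0 device; both are released via common.close().` once that is confirmed against SoftKeymasterDevice. The function continues past `out:` outside the hunk, so what the failure path does with `*dev` cannot be checked from here.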
@@ -3051,7 +3059,7 @@ int main(int argc, char* argv[]) {
 ALOGI("SELinux: Keystore SELinux is disabled.\n");
 }
- KeyStore keyStore(&entropy, reinterpret_cast<keymaster1_device_t*>(dev), fallback);
+ KeyStore keyStore(&entropy, dev, fallback);
 keyStore.initialize();
 android::sp<android::IServiceManager> sm = android::defaultServiceManager();
 android::sp<android::KeyStoreProxy> proxy = new android::KeyStoreProxy(&keyStore); |