Separate keymaster0 and keymaster1 HALs.
Change-Id: I5c54282c12d1c4b8b22ed4929b6e6c724a94ede4
diff --git a/keystore/keyblob_utils.cpp b/keystore/keyblob_utils.cpp
index 9970e8c..3616822 100644
--- a/keystore/keyblob_utils.cpp
+++ b/keystore/keyblob_utils.cpp
@@ -14,10 +14,13 @@
* limitations under the License.
*/
+#include <stdint.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>
+#include <keystore/keystore.h>
+
/**
* When a key is being migrated from a software keymaster implementation
* to a hardware keymaster implementation, the first 4 bytes of the key_blob
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index f00fa6f..194b87c 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -41,7 +41,7 @@
#include <openssl/md5.h>
#include <openssl/pem.h>
-#include <hardware/keymaster.h>
+#include <hardware/keymaster0.h>
#include <keymaster/softkeymaster.h>
@@ -103,7 +103,7 @@
typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
-static int keymaster_device_initialize(keymaster_device_t** dev) {
+static int keymaster_device_initialize(keymaster0_device_t** dev) {
int rc;
const hw_module_t* mod;
@@ -113,7 +113,7 @@
goto out;
}
- rc = keymaster_open(mod, dev);
+ rc = keymaster0_open(mod, dev);
if (rc) {
ALOGE("could not open keymaster device in %s (%s)",
KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
@@ -127,7 +127,7 @@
return rc;
}
-static int fallback_keymaster_device_initialize(keymaster_device_t** dev) {
+static int fallback_keymaster_device_initialize(keymaster0_device_t** dev) {
int rc;
rc = openssl_open(reinterpret_cast<hw_module_t*>(&softkeymaster_module),
KEYSTORE_KEYMASTER,
@@ -143,8 +143,8 @@
return rc;
}
-static void keymaster_device_release(keymaster_device_t* dev) {
- keymaster_close(dev);
+static void keymaster_device_release(keymaster0_device_t* dev) {
+ keymaster0_close(dev);
}
/***************
@@ -961,7 +961,7 @@
class KeyStore {
public:
- KeyStore(Entropy* entropy, keymaster_device_t* device, keymaster_device_t* fallback)
+ KeyStore(Entropy* entropy, keymaster0_device_t* device, keymaster0_device_t* fallback)
: mEntropy(entropy)
, mDevice(device)
, mFallbackDevice(fallback)
@@ -983,15 +983,15 @@
mMasterKeys.clear();
}
- keymaster_device_t *getDevice() const {
+ keymaster0_device_t *getDevice() const {
return mDevice;
}
- keymaster_device_t *getFallbackDevice() const {
+ keymaster0_device_t *getFallbackDevice() const {
return mFallbackDevice;
}
- keymaster_device_t *getDeviceForBlob(const Blob& blob) const {
+ keymaster0_device_t *getDeviceForBlob(const Blob& blob) const {
return blob.isFallback() ? mFallbackDevice: mDevice;
}
@@ -1389,8 +1389,8 @@
static const android::String16 sRSAKeyType;
Entropy* mEntropy;
- keymaster_device_t* mDevice;
- keymaster_device_t* mFallbackDevice;
+ keymaster0_device_t* mDevice;
+ keymaster0_device_t* mFallbackDevice;
android::Vector<UserState*> mMasterKeys;
@@ -1869,8 +1869,8 @@
int rc;
bool isFallback = false;
- const keymaster_device_t* device = mKeyStore->getDevice();
- const keymaster_device_t* fallback = mKeyStore->getFallbackDevice();
+ const keymaster0_device_t* device = mKeyStore->getDevice();
+ const keymaster0_device_t* fallback = mKeyStore->getFallbackDevice();
if (device == NULL) {
return ::SYSTEM_ERROR;
}
@@ -2045,7 +2045,7 @@
return responseCode;
}
- const keymaster_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
+ const keymaster0_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
if (device == NULL) {
ALOGE("no keymaster device; cannot sign");
return ::SYSTEM_ERROR;
@@ -2094,7 +2094,7 @@
return responseCode;
}
- const keymaster_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
+ const keymaster0_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
if (device == NULL) {
return ::SYSTEM_ERROR;
}
@@ -2146,7 +2146,7 @@
return responseCode;
}
- const keymaster_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
+ const keymaster0_device_t* device = mKeyStore->getDeviceForBlob(keyBlob);
if (device == NULL) {
return ::SYSTEM_ERROR;
}
@@ -2347,7 +2347,7 @@
return ::PERMISSION_DENIED;
}
- const keymaster_device_t* device = mKeyStore->getDevice();
+ const keymaster0_device_t* device = mKeyStore->getDevice();
if (device == NULL) {
ALOGW("can't get keymaster device");
return ::SYSTEM_ERROR;
@@ -2445,7 +2445,7 @@
return false;
}
- bool isKeyTypeSupported(const keymaster_device_t* device, keymaster_keypair_t keyType) {
+ bool isKeyTypeSupported(const keymaster0_device_t* device, keymaster_keypair_t keyType) {
const int32_t device_api = device->common.module->module_api_version;
if (device_api == KEYMASTER_MODULE_API_VERSION_0_2) {
switch (keyType) {
@@ -2492,13 +2492,13 @@
return 1;
}
- keymaster_device_t* dev;
+ keymaster0_device_t* dev;
if (keymaster_device_initialize(&dev)) {
ALOGE("keystore keymaster could not be initialized; exiting");
return 1;
}
- keymaster_device_t* fallback;
+ keymaster0_device_t* fallback;
if (fallback_keymaster_device_initialize(&fallback)) {
ALOGE("software keymaster could not be initialized; exiting");
return 1;
diff --git a/softkeymaster/include/keymaster/softkeymaster.h b/softkeymaster/include/keymaster/softkeymaster.h
index e4b173c..e86ba3d 100644
--- a/softkeymaster/include/keymaster/softkeymaster.h
+++ b/softkeymaster/include/keymaster/softkeymaster.h
@@ -14,26 +14,26 @@
* limitations under the License.
*/
-#include <hardware/keymaster.h>
+#include <hardware/keymaster0.h>
#ifndef SOFTKEYMASTER_INCLUDE_KEYMASTER_SOFTKEYMASTER_H_
#define SOFTKEYMASTER_INCLUDE_KEYMASTER_SOFTKEYMASTER_H_
-int openssl_generate_keypair(const keymaster_device_t* dev, const keymaster_keypair_t key_type,
+int openssl_generate_keypair(const keymaster0_device_t* dev, const keymaster_keypair_t key_type,
const void* key_params, uint8_t** keyBlob, size_t* keyBlobLength);
-int openssl_import_keypair(const keymaster_device_t* dev, const uint8_t* key,
+int openssl_import_keypair(const keymaster0_device_t* dev, const uint8_t* key,
const size_t key_length, uint8_t** key_blob, size_t* key_blob_length);
-int openssl_get_keypair_public(const struct keymaster_device* dev, const uint8_t* key_blob,
+int openssl_get_keypair_public(const struct keymaster0_device* dev, const uint8_t* key_blob,
const size_t key_blob_length, uint8_t** x509_data,
size_t* x509_data_length);
-int openssl_sign_data(const keymaster_device_t* dev, const void* params, const uint8_t* keyBlob,
+int openssl_sign_data(const keymaster0_device_t* dev, const void* params, const uint8_t* keyBlob,
const size_t keyBlobLength, const uint8_t* data, const size_t dataLength,
uint8_t** signedData, size_t* signedDataLength);
-int openssl_verify_data(const keymaster_device_t* dev, const void* params, const uint8_t* keyBlob,
+int openssl_verify_data(const keymaster0_device_t* dev, const void* params, const uint8_t* keyBlob,
const size_t keyBlobLength, const uint8_t* signedData,
const size_t signedDataLength, const uint8_t* signature,
const size_t signatureLength);
diff --git a/softkeymaster/keymaster_openssl.cpp b/softkeymaster/keymaster_openssl.cpp
index 5b07160..ba58791 100644
--- a/softkeymaster/keymaster_openssl.cpp
+++ b/softkeymaster/keymaster_openssl.cpp
@@ -20,7 +20,7 @@
#include <keystore/keystore.h>
#include <hardware/hardware.h>
-#include <hardware/keymaster.h>
+#include <hardware/keymaster0.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
@@ -37,61 +37,45 @@
#include <cutils/log.h>
struct BIGNUM_Delete {
- void operator()(BIGNUM* p) const {
- BN_free(p);
- }
+ void operator()(BIGNUM* p) const { BN_free(p); }
};
typedef UniquePtr<BIGNUM, BIGNUM_Delete> Unique_BIGNUM;
struct EVP_PKEY_Delete {
- void operator()(EVP_PKEY* p) const {
- EVP_PKEY_free(p);
- }
+ void operator()(EVP_PKEY* p) const { EVP_PKEY_free(p); }
};
typedef UniquePtr<EVP_PKEY, EVP_PKEY_Delete> Unique_EVP_PKEY;
struct PKCS8_PRIV_KEY_INFO_Delete {
- void operator()(PKCS8_PRIV_KEY_INFO* p) const {
- PKCS8_PRIV_KEY_INFO_free(p);
- }
+ void operator()(PKCS8_PRIV_KEY_INFO* p) const { PKCS8_PRIV_KEY_INFO_free(p); }
};
typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
struct DSA_Delete {
- void operator()(DSA* p) const {
- DSA_free(p);
- }
+ void operator()(DSA* p) const { DSA_free(p); }
};
typedef UniquePtr<DSA, DSA_Delete> Unique_DSA;
struct EC_KEY_Delete {
- void operator()(EC_KEY* p) const {
- EC_KEY_free(p);
- }
+ void operator()(EC_KEY* p) const { EC_KEY_free(p); }
};
typedef UniquePtr<EC_KEY, EC_KEY_Delete> Unique_EC_KEY;
struct EC_GROUP_Delete {
- void operator()(EC_GROUP* p) const {
- EC_GROUP_free(p);
- }
+ void operator()(EC_GROUP* p) const { EC_GROUP_free(p); }
};
typedef UniquePtr<EC_GROUP, EC_GROUP_Delete> Unique_EC_GROUP;
struct RSA_Delete {
- void operator()(RSA* p) const {
- RSA_free(p);
- }
+ void operator()(RSA* p) const { RSA_free(p); }
};
typedef UniquePtr<RSA, RSA_Delete> Unique_RSA;
struct Malloc_Free {
- void operator()(void* p) const {
- free(p);
- }
+ void operator()(void* p) const { free(p); }
};
-typedef UniquePtr<keymaster_device_t> Unique_keymaster_device_t;
+typedef UniquePtr<keymaster0_device_t> Unique_keymaster_device_t;
/**
* Many OpenSSL APIs take ownership of an argument on success but
@@ -378,7 +362,7 @@
}
__attribute__((visibility("default"))) int openssl_generate_keypair(
- const keymaster_device_t*, const keymaster_keypair_t key_type, const void* key_params,
+ const keymaster0_device_t*, const keymaster_keypair_t key_type, const void* key_params,
uint8_t** keyBlob, size_t* keyBlobLength) {
Unique_EVP_PKEY pkey(EVP_PKEY_new());
if (pkey.get() == NULL) {
@@ -413,7 +397,7 @@
return 0;
}
-__attribute__((visibility("default"))) int openssl_import_keypair(const keymaster_device_t*,
+__attribute__((visibility("default"))) int openssl_import_keypair(const keymaster0_device_t*,
const uint8_t* key,
const size_t key_length,
uint8_t** key_blob,
@@ -447,10 +431,11 @@
return 0;
}
-__attribute__((visibility("default"))) int openssl_get_keypair_public(
- const struct keymaster_device*, const uint8_t* key_blob, const size_t key_blob_length,
- uint8_t** x509_data, size_t* x509_data_length) {
-
+__attribute__((visibility("default"))) int openssl_get_keypair_public(const keymaster0_device_t*,
+ const uint8_t* key_blob,
+ const size_t key_blob_length,
+ uint8_t** x509_data,
+ size_t* x509_data_length) {
if (x509_data == NULL || x509_data_length == NULL) {
ALOGW("output public key buffer == NULL");
return -1;
@@ -585,7 +570,7 @@
}
__attribute__((visibility("default"))) int openssl_sign_data(
- const keymaster_device_t*, const void* params, const uint8_t* keyBlob,
+ const keymaster0_device_t*, const void* params, const uint8_t* keyBlob,
const size_t keyBlobLength, const uint8_t* data, const size_t dataLength, uint8_t** signedData,
size_t* signedDataLength) {
if (data == NULL) {
@@ -709,10 +694,9 @@
}
__attribute__((visibility("default"))) int openssl_verify_data(
- const keymaster_device_t*, const void* params, const uint8_t* keyBlob,
+ const keymaster0_device_t*, const void* params, const uint8_t* keyBlob,
const size_t keyBlobLength, const uint8_t* signedData, const size_t signedDataLength,
const uint8_t* signature, const size_t signatureLength) {
-
if (signedData == NULL || signature == NULL) {
ALOGW("data or signature buffers == NULL");
return -1;
@@ -754,12 +738,12 @@
/*
* Generic device handling
*/
-__attribute__((visibility("default"))) int openssl_open(const hw_module_t* module,
- const char* name, hw_device_t** device) {
+__attribute__((visibility("default"))) int openssl_open(const hw_module_t* module, const char* name,
+ hw_device_t** device) {
if (strcmp(name, KEYSTORE_KEYMASTER) != 0)
return -EINVAL;
- Unique_keymaster_device_t dev(new keymaster_device_t);
+ Unique_keymaster_device_t dev(new keymaster0_device_t);
if (dev.get() == NULL)
return -ENOMEM;
@@ -791,15 +775,16 @@
};
struct keystore_module softkeymaster_module __attribute__((visibility("default"))) = {
- .common = {
- .tag = HARDWARE_MODULE_TAG,
- .module_api_version = KEYMASTER_MODULE_API_VERSION_0_2,
- .hal_api_version = HARDWARE_HAL_API_VERSION,
- .id = KEYSTORE_HARDWARE_MODULE_ID,
- .name = "Keymaster OpenSSL HAL",
- .author = "The Android Open Source Project",
- .methods = &keystore_module_methods,
- .dso = 0,
- .reserved = {},
- },
+ .common =
+ {
+ .tag = HARDWARE_MODULE_TAG,
+ .module_api_version = KEYMASTER_MODULE_API_VERSION_0_2,
+ .hal_api_version = HARDWARE_HAL_API_VERSION,
+ .id = KEYSTORE_HARDWARE_MODULE_ID,
+ .name = "Keymaster OpenSSL HAL",
+ .author = "The Android Open Source Project",
+ .methods = &keystore_module_methods,
+ .dso = 0,
+ .reserved = {},
+ },
};
diff --git a/softkeymaster/module.cpp b/softkeymaster/module.cpp
index efc18a7..0dcbadd 100644
--- a/softkeymaster/module.cpp
+++ b/softkeymaster/module.cpp
@@ -18,7 +18,7 @@
#include <keystore/keystore.h>
#include <hardware/hardware.h>
-#include <hardware/keymaster.h>
+#include <hardware/keymaster0.h>
struct keystore_module HAL_MODULE_INFO_SYM __attribute__((visibility("default")))
= softkeymaster_module;