tequilaOS/platform_system_security
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update keystore to use KM4.1.

Browse source 
This is the first part of the update, adjusting keystore to use the
KM4.1 interface, but not call any of the new methods.  That will come
in a subsequent CL.

Test: CtsKeystoreTestCases
Change-Id: Ib7486aad46c144471a1607eec31b8df1059a511d
Merged-In: Ib7486aad46c144471a1607eec31b8df1059a511d
This commit is contained in:
Shawn Willden 2020-01-16 13:27:49 -07:00
parent fc1fc88195
commit a97aea4040
14 changed files with 31 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
keystore/Android.bp
View file

@ -53,6 +53,7 @@ cc_binary {
"android.hardware.confirmationui@1.0",
"android.hardware.keymaster@3.0",
"android.hardware.keymaster@4.0",
"android.hardware.keymaster@4.1",
"libbase",
"libbinder",
"libcrypto",
@ -60,6 +61,7 @@ cc_binary {
"libhardware",
"libhidlbase",
"libkeymaster4support",
"libkeymaster4_1support",
"libkeymaster_messages",
"libkeymaster_portable",
"libkeystore-attestation-application-id",
@ -150,10 +152,12 @@ cc_library_shared {
],
shared_libs: [
"android.hardware.keymaster@4.0",
"android.hardware.keymaster@4.1",
"libbinder",
"libhardware",
"libhidlbase",
"libkeymaster4support",
"libkeymaster4_1support",
"liblog",
"libprotobuf-cpp-lite",
"libutils",
@ -161,9 +165,10 @@ cc_library_shared {
],
export_shared_lib_headers: [
"android.hardware.keymaster@4.0",
"android.hardware.keymaster@4.1",
"libbinder",
"libhidlbase",
"libkeymaster4support",
"libkeymaster4_1support",
],
}
// Library for keystore clients

2
keystore/KeyStore.h
View file

@ -18,7 +18,7 @@
#define KEYSTORE_KEYSTORE_H_
#include <android/hardware/keymaster/3.0/IKeymasterDevice.h>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <utils/Vector.h>
#include <keystore/keymaster_types.h>

2
keystore/OperationResult.cpp
View file

@ -29,8 +29,8 @@ namespace android {
namespace security {
namespace keymaster {
using keystore::keymaster::ErrorCode;
using ::android::status_t;
using ::keystore::ErrorCode;
OperationResult::OperationResult() : resultCode(), token(), handle(0), inputConsumed(0), data() {}

2
keystore/auth_token_table.h
View file

@ -25,8 +25,6 @@
namespace keystore {
using keymaster::HardwareAuthToken;
namespace test {
class AuthTokenTableTest;
} // namespace test

19
keystore/include/keystore/keymaster_types.h
View file

@ -16,11 +16,11 @@
#define SECURITY_KEYSTORE_INCLUDE_KEYSTORE_KEYMASTER_TYPES_H_
#include <android/hardware/keymaster/3.0/types.h>
#include <android/hardware/keymaster/4.0/IKeymasterDevice.h>
#include <android/hardware/keymaster/4.0/types.h>
#include <android/hardware/keymaster/4.1/IKeymasterDevice.h>
#include <android/hardware/keymaster/4.1/types.h>
#include <keymasterV4_0/authorization_set.h>
#include <keymasterV4_0/keymaster_tags.h>
#include <keymasterV4_1/authorization_set.h>
#include <keymasterV4_1/keymaster_tags.h>
/**
* This header lifts the types from the current Keymaster version into the keystore namespace.
@ -29,7 +29,7 @@
namespace keystore {
// Changing this namespace alias will change the keymaster version.
namespace keymaster = ::android::hardware::keymaster::V4_0;
namespace keymaster = ::android::hardware::keymaster::V4_1;
using android::hardware::hidl_vec;
using android::hardware::Return;
@ -40,11 +40,17 @@ using keymaster::SecurityLevel;
using keymaster::AuthorizationSet;
using keymaster::AuthorizationSetBuilder;
// It's more convenient to use the V4.0 error and tag types by default.
using ::android::hardware::keymaster::V4_0::ErrorCode;
using ::android::hardware::keymaster::V4_0::Tag;
using V4_1_ErrorCode = ::android::hardware::keymaster::V4_1::ErrorCode;
using V4_1_Tag = ::android::hardware::keymaster::V4_1::Tag;
using keymaster::Algorithm;
using keymaster::BlockMode;
using keymaster::Digest;
using keymaster::EcCurve;
using keymaster::ErrorCode;
using keymaster::HardwareAuthenticatorType;
using keymaster::HardwareAuthToken;
using keymaster::HmacSharingParameters;
@ -55,7 +61,6 @@ using keymaster::KeyPurpose;
using keymaster::OperationHandle;
using keymaster::PaddingMode;
using keymaster::SecurityLevel;
using keymaster::Tag;
using keymaster::TagType;
using keymaster::VerificationToken;

2
keystore/include/keystore/keystore_return_types.h
View file

@ -23,8 +23,6 @@
namespace keystore {
using keymaster::ErrorCode;
class KeyStoreServiceReturnCode;
class KeyStoreNativeReturnCode;

2
keystore/key_proto_handler.cpp
View file

@ -19,7 +19,7 @@
#include <android/os/DropBoxManager.h>
#include <google/protobuf/message_lite.h>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <keystore/keymaster_types.h>
#include <utils/String16.h>
#include <utils/StrongPointer.h>

14
keystore/keymaster_worker.h
View file

@ -20,7 +20,7 @@
#include <condition_variable>
#include <functional>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <memory>
#include <mutex>
#include <optional>
@ -32,6 +32,7 @@
#include <keystore/KeyCharacteristics.h>
#include <keystore/KeymasterBlob.h>
#include <keystore/OperationResult.h>
#include <keystore/keymaster_types.h>
#include <keystore/keystore_return_types.h>
#include "blob.h"
@ -43,16 +44,7 @@ using android::sp;
using ::android::hardware::hidl_vec;
using ::android::hardware::Return;
using ::android::hardware::Void;
using android::hardware::keymaster::V4_0::ErrorCode;
using android::hardware::keymaster::V4_0::HardwareAuthToken;
using android::hardware::keymaster::V4_0::HmacSharingParameters;
using android::hardware::keymaster::V4_0::KeyCharacteristics;
using android::hardware::keymaster::V4_0::KeyFormat;
using android::hardware::keymaster::V4_0::KeyParameter;
using android::hardware::keymaster::V4_0::KeyPurpose;
using android::hardware::keymaster::V4_0::VerificationToken;
using android::hardware::keymaster::V4_0::support::Keymaster;
// using KeystoreCharacteristics = ::android::security::keymaster::KeyCharacteristics;
using android::hardware::keymaster::V4_1::support::Keymaster;
using ::android::security::keymaster::KeymasterBlob;
class KeyStore;

2
keystore/keystore_aidl_hidl_marshalling_utils.cpp
View file

@ -205,7 +205,7 @@ namespace security {
namespace keymaster {
using ::android::status_t;
using ::keystore::keymaster::ErrorCode;
using ::keystore::ErrorCode;
ExportResult::ExportResult() : resultCode() {}

4
keystore/keystore_main.cpp
View file

@ -21,8 +21,8 @@
#include <android/security/keystore/IKeystoreService.h>
#include <binder/IPCThreadState.h>
#include <binder/IServiceManager.h>
#include <keymasterV4_0/Keymaster3.h>
#include <keymasterV4_0/Keymaster4.h>
#include <keymasterV4_1/Keymaster3.h>
#include <keymasterV4_1/Keymaster4.h>
#include <utils/StrongPointer.h>
#include <keystore/keystore_hidl_support.h>

2
keystore/operation.h
View file

@ -26,7 +26,7 @@
#include <binder/Binder.h>
#include <binder/IBinder.h>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <utils/StrongPointer.h>
#include <keystore/keymaster_types.h>

2
keystore/operation_proto_handler.cpp
View file

@ -19,7 +19,7 @@
#include <android/os/DropBoxManager.h>
#include <google/protobuf/message_lite.h>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <keystore/keymaster_types.h>
#include <keystore/keystore_hidl_support.h>
#include <utils/String16.h>

2
keystore/operation_struct.h
View file

@ -19,7 +19,7 @@
#include <binder/Binder.h>
#include <binder/IBinder.h>
#include <keymasterV4_0/Keymaster.h>
#include <keymasterV4_1/Keymaster.h>
#include <utils/StrongPointer.h>
#include <keystore/keymaster_types.h>

1
keystore/tests/Android.bp
View file

@ -24,6 +24,7 @@ cc_test {
"libgtest_main",
"libhidlbase",
"libkeymaster4support",
"libkeymaster4_1support",
"libkeystore_test",
"liblog",
"libutils",