We need to add more methods to the keystore engine, so split out RSA so
it doesn't become too unwieldy.

This doesn't affect the size of the symbol table since the default
visibility for this module is "hidden."

Change-Id: I806553a8d1a01ff0ffd7b67054932ddf783bb502

We don't need our engine to be copied when initialized with
ENGINE_by_id, so just make sure our flags are cleared when we
initialize.

Change-Id: Ie75fad37c2f78a769c425889c1d0661b468cd0c7

ENGINE_by_id will load up multiple copies of the engine which will
create a new ex_data index each time it's called. This change makes sure
the ex_data index is only initialized once.

Change-Id: I5e197faf6273ec3b3cafcbeadf7da8ec04a4f50b
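
The once-only index registration described in the commit message above, as an added example (not code from this change or from the keystore engine). `alloc_ex_index` and `struct fake_key` are stand-ins constructed here for OpenSSL's ex_data index registry (`RSA_get_ex_new_index` in the real API) and an RSA object, and `pthread_once` is an assumed way to guard the registration.

```c
#include <pthread.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_SLOTS 8

/* Stand-in for OpenSSL's ex_data registry: every call reserves a fresh
 * slot. Constructed for this example, not the real allocator. */
static int next_slot = 0;
static int alloc_ex_index(void) { return next_slot++; }

/* Stand-in for an RSA object carrying per-index application data. */
struct fake_key { const void *ex_data[MAX_SLOTS]; };

/* Before: every engine copy's bind path registers its own index. */
static int bind_unguarded(void) { return alloc_ex_index(); }

/* After: the index is registered once per process, shared by all copies. */
static pthread_once_t index_once = PTHREAD_ONCE_INIT;
static int shared_index = -1;
static void init_shared_index(void) { shared_index = alloc_ex_index(); }
static int bind_guarded(void) {
    pthread_once(&index_once, init_shared_index);
    return shared_index;
}

/* Load the engine `copies` times; return how many slots that consumed. */
static int slots_used_by(int (*bind)(void), int copies) {
    int before = next_slot;
    for (int i = 0; i < copies; i++) bind();
    return next_slot - before;
}

/* One engine copy tags a key, a second copy looks the tag up.
 * Returns 1 if the second copy finds the handle the first one stored. */
static int second_copy_sees_handle(int (*bind)(void)) {
    static const char handle[] = "keystore-handle"; /* constructed value */
    struct fake_key key = { { NULL } };
    key.ex_data[bind()] = handle;         /* copy 1 stores under its index */
    return key.ex_data[bind()] == handle; /* copy 2 reads under its index */
}

int main(void) {
    printf("unguarded: 3 loads use %d slots\n", slots_used_by(bind_unguarded, 3));
    printf("unguarded: handle visible = %d\n", second_copy_sees_handle(bind_unguarded));
    printf("guarded:   3 loads use %d slots\n", slots_used_by(bind_guarded, 3));
    printf("guarded:   handle visible = %d\n", second_copy_sees_handle(bind_guarded));
    return 0;
}
```
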

Add hardware crypto capabilities to keystore. This allows hardware
escrow of private key material.

There is also an OpenSSL engine that connects to keystore to allow use
of the keystore keys from native code built into the platform.

This includes a software implementation of keymaster using OpenSSL
as the backend. This is just as insecure as the previous solution,
but it's needed so devices without hardware support can continue
to operate in the new scheme without a lot of compatibility code.

Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f