Add keymaster to keystore with soft implementation Add hardware crypto capabilities to keystore. This allows hardware escrow of private key material. There is also an OpenSSL engine that connects to keystore to allow use of the keystore keys from native code built into the platform. This includes a software implementation of keymaster using OpenSSL as the backend. This is just as insecure as the previous solution, but it's needed so devices without hardware support can continue to operate in the new scheme without a lot of compatibility code. Change-Id: I2bc67766e1f633ef1cbbd2874a65962074e84f4f

commit: 70e3a86abd2c412d602a018967c01c177eb6cf4e [log] [tgz]
author: Kenny Root <kroot@google.com> Wed Feb 15 17:20:23 2012 -0800
committer: Kenny Root <kroot@google.com> Wed Mar 21 17:12:27 2012 -0700
tree: e59ab280a44ff7d4a408bd3dcb298f3840ba13ae
parent: 5187818895c4c5f650a611c40531b1dff7764c18 [diff] [blame]
diff --git a/keystore/Android.mk b/keystore/Android.mk
index d0ab19d..548f783 100644
--- a/keystore/Android.mk
+++ b/keystore/Android.mk

@@ -19,8 +19,9 @@
 include $(CLEAR_VARS)
 LOCAL_SRC_FILES := keystore.cpp
 LOCAL_C_INCLUDES := external/openssl/include
-LOCAL_SHARED_LIBRARIES := libcutils libcrypto
+LOCAL_SHARED_LIBRARIES := libcutils libcrypto libhardware
 LOCAL_MODULE := keystore
+LOCAL_MODULE_TAGS := optional
 include $(BUILD_EXECUTABLE)
 
 include $(CLEAR_VARS)
commit	70e3a86abd2c412d602a018967c01c177eb6cf4e	[log] [tgz]
author	Kenny Root <kroot@google.com>	Wed Feb 15 17:20:23 2012 -0800
committer	Kenny Root <kroot@google.com>	Wed Mar 21 17:12:27 2012 -0700
tree	e59ab280a44ff7d4a408bd3dcb298f3840ba13ae
parent	5187818895c4c5f650a611c40531b1dff7764c18 [diff] [blame]