Merge "Update Keystore to use keymaster2 HAL." am: fd50293cd5
am: f647e0a994
* commit 'f647e0a99492d21825e891c53b9a05fed04dbb9c':
Update Keystore to use keymaster2 HAL.
diff --git a/keystore/key_store_service.cpp b/keystore/key_store_service.cpp
index f20f4ba..b990407 100644
--- a/keystore/key_store_service.cpp
+++ b/keystore/key_store_service.cpp
@@ -561,8 +561,8 @@
}
int32_t KeyStoreService::addRngEntropy(const uint8_t* data, size_t dataLength) {
- const keymaster1_device_t* device = mKeyStore->getDevice();
- const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice();
+ const auto* device = mKeyStore->getDevice();
+ const auto* fallback = mKeyStore->getFallbackDevice();
int32_t devResult = KM_ERROR_UNIMPLEMENTED;
int32_t fallbackResult = KM_ERROR_UNIMPLEMENTED;
if (device->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0 &&
@@ -593,10 +593,10 @@
rc = KM_ERROR_UNIMPLEMENTED;
bool isFallback = false;
keymaster_key_blob_t blob;
- keymaster_key_characteristics_t* out = NULL;
+ keymaster_key_characteristics_t out = {{nullptr, 0}, {nullptr, 0}};
- const keymaster1_device_t* device = mKeyStore->getDevice();
- const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice();
+ const auto* device = mKeyStore->getDevice();
+ const auto* fallback = mKeyStore->getFallbackDevice();
std::vector<keymaster_key_param_t> opParams(params.params);
const keymaster_key_param_set_t inParams = {opParams.data(), opParams.size()};
if (device == NULL) {
@@ -613,7 +613,8 @@
rc = KM_ERROR_UNIMPLEMENTED;
}
if (rc == KM_ERROR_OK) {
- rc = device->generate_key(device, &inParams, &blob, &out);
+ rc =
+ device->generate_key(device, &inParams, &blob, outCharacteristics ? &out : nullptr);
}
}
// If the HW device didn't support generate_key or generate_key failed
@@ -629,17 +630,13 @@
rc = KM_ERROR_UNIMPLEMENTED;
}
if (rc == KM_ERROR_OK) {
- rc = fallback->generate_key(fallback, &inParams, &blob, &out);
+ rc = fallback->generate_key(fallback, &inParams, &blob,
+ outCharacteristics ? &out : nullptr);
}
}
- if (out) {
- if (outCharacteristics) {
- outCharacteristics->characteristics = *out;
- } else {
- keymaster_free_characteristics(out);
- }
- free(out);
+ if (outCharacteristics) {
+ outCharacteristics->characteristics = out;
}
if (rc) {
@@ -686,18 +683,19 @@
keymaster_key_blob_t key;
key.key_material_size = keyBlob.getLength();
key.key_material = keyBlob.getValue();
- keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob);
- keymaster_key_characteristics_t* out = NULL;
+ auto* dev = mKeyStore->getDeviceForBlob(keyBlob);
+ keymaster_key_characteristics_t out = {{nullptr, 0}, {nullptr, 0}};
if (!dev->get_key_characteristics) {
- ALOGW("device does not implement get_key_characteristics");
+ ALOGE("device does not implement get_key_characteristics");
return KM_ERROR_UNIMPLEMENTED;
}
rc = dev->get_key_characteristics(dev, &key, clientId, appData, &out);
- if (out) {
- outCharacteristics->characteristics = *out;
- free(out);
+ if (rc != KM_ERROR_OK) {
+ return rc;
}
- return rc ? rc : ::NO_ERROR;
+
+ outCharacteristics->characteristics = out;
+ return ::NO_ERROR;
}
int32_t KeyStoreService::importKey(const String16& name, const KeymasterArguments& params,
@@ -713,10 +711,10 @@
rc = KM_ERROR_UNIMPLEMENTED;
bool isFallback = false;
keymaster_key_blob_t blob;
- keymaster_key_characteristics_t* out = NULL;
+ keymaster_key_characteristics_t out = {{nullptr, 0}, {nullptr, 0}};
- const keymaster1_device_t* device = mKeyStore->getDevice();
- const keymaster1_device_t* fallback = mKeyStore->getFallbackDevice();
+ const auto* device = mKeyStore->getDevice();
+ const auto* fallback = mKeyStore->getFallbackDevice();
std::vector<keymaster_key_param_t> opParams(params.params);
const keymaster_key_param_set_t inParams = {opParams.data(), opParams.size()};
const keymaster_blob_t input = {keyData, keyLength};
@@ -725,21 +723,19 @@
}
if (device->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0 &&
device->import_key != NULL) {
- rc = device->import_key(device, &inParams, format, &input, &blob, &out);
+ rc = device->import_key(device, &inParams, format, &input, &blob,
+ outCharacteristics ? &out : nullptr);
}
if (rc && fallback->import_key != NULL) {
ALOGW("Primary keymaster device failed to import key, falling back to SW.");
isFallback = true;
- rc = fallback->import_key(fallback, &inParams, format, &input, &blob, &out);
+ rc = fallback->import_key(fallback, &inParams, format, &input, &blob,
+ outCharacteristics ? &out : nullptr);
}
- if (out) {
- if (outCharacteristics) {
- outCharacteristics->characteristics = *out;
- } else {
- keymaster_free_characteristics(out);
- }
- free(out);
+ if (outCharacteristics) {
+ outCharacteristics->characteristics = out;
}
+
if (rc) {
return rc;
}
@@ -751,7 +747,7 @@
keyBlob.setFallback(isFallback);
keyBlob.setEncrypted(flags & KEYSTORE_FLAG_ENCRYPTED);
- free((void*)blob.key_material);
+ free(const_cast<uint8_t*>(blob.key_material));
return mKeyStore->put(filename.string(), &keyBlob, get_user_id(uid));
}
@@ -781,7 +777,7 @@
keymaster_key_blob_t key;
key.key_material_size = keyBlob.getLength();
key.key_material = keyBlob.getValue();
- keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob);
+ auto* dev = mKeyStore->getDeviceForBlob(keyBlob);
if (!dev->export_key) {
result->resultCode = KM_ERROR_UNIMPLEMENTED;
return;
@@ -825,7 +821,7 @@
key.key_material_size = keyBlob.getLength();
key.key_material = keyBlob.getValue();
keymaster_operation_handle_t handle;
- keymaster1_device_t* dev = mKeyStore->getDeviceForBlob(keyBlob);
+ auto* dev = mKeyStore->getDeviceForBlob(keyBlob);
keymaster_error_t err = KM_ERROR_UNIMPLEMENTED;
std::vector<keymaster_key_param_t> opParams(params.params);
Unique_keymaster_key_characteristics characteristics;
@@ -934,7 +930,7 @@
result->resultCode = KM_ERROR_INVALID_ARGUMENT;
return;
}
- const keymaster1_device_t* dev;
+ const keymaster2_device_t* dev;
keymaster_operation_handle_t handle;
keymaster_purpose_t purpose;
keymaster::km_id_t keyid;
@@ -985,7 +981,7 @@
result->resultCode = KM_ERROR_INVALID_ARGUMENT;
return;
}
- const keymaster1_device_t* dev;
+ const keymaster2_device_t* dev;
keymaster_operation_handle_t handle;
keymaster_purpose_t purpose;
keymaster::km_id_t keyid;
@@ -1014,9 +1010,10 @@
}
keymaster_key_param_set_t inParams = {opParams.data(), opParams.size()};
- keymaster_blob_t input = {signature, signatureLength};
- keymaster_blob_t output = {NULL, 0};
- keymaster_key_param_set_t outParams = {NULL, 0};
+ keymaster_blob_t input = {nullptr, 0};
+ keymaster_blob_t sig = {signature, signatureLength};
+ keymaster_blob_t output = {nullptr, 0};
+ keymaster_key_param_set_t outParams = {nullptr, 0};
// Check that all key authorization policy requirements are met.
keymaster::AuthorizationSet key_auths(characteristics->hw_enforced);
@@ -1029,7 +1026,9 @@
return;
}
- err = dev->finish(dev, handle, &inParams, &input, &outParams, &output);
+ err =
+ dev->finish(dev, handle, &inParams, &input /* TODO(swillden): wire up input to finish() */,
+ &sig, &outParams, &output);
// Remove the operation regardless of the result
mOperationMap.removeOperation(token);
mAuthTokenTable.MarkCompleted(handle);
@@ -1044,7 +1043,7 @@
}
int32_t KeyStoreService::abort(const sp<IBinder>& token) {
- const keymaster1_device_t* dev;
+ const keymaster2_device_t* dev;
keymaster_operation_handle_t handle;
keymaster_purpose_t purpose;
keymaster::km_id_t keyid;
@@ -1066,7 +1065,7 @@
}
bool KeyStoreService::isOperationAuthorized(const sp<IBinder>& token) {
- const keymaster1_device_t* dev;
+ const keymaster2_device_t* dev;
keymaster_operation_handle_t handle;
const keymaster_key_characteristics_t* characteristics;
keymaster_purpose_t purpose;
@@ -1204,7 +1203,7 @@
return false;
}
-bool KeyStoreService::isKeyTypeSupported(const keymaster1_device_t* device,
+bool KeyStoreService::isKeyTypeSupported(const keymaster2_device_t* device,
keymaster_keypair_t keyType) {
const int32_t device_api = device->common.module->module_api_version;
if (device_api == KEYMASTER_MODULE_API_VERSION_0_2) {
@@ -1250,7 +1249,7 @@
}
keymaster_error_t KeyStoreService::getOperationCharacteristics(
- const keymaster_key_blob_t& key, const keymaster1_device_t* dev,
+ const keymaster_key_blob_t& key, const keymaster2_device_t* dev,
const std::vector<keymaster_key_param_t>& params, keymaster_key_characteristics_t* out) {
UniquePtr<keymaster_blob_t> appId;
UniquePtr<keymaster_blob_t> appData;
@@ -1265,15 +1264,14 @@
appData->data_length = param.blob.data_length;
}
}
- keymaster_key_characteristics_t* result = NULL;
+ keymaster_key_characteristics_t result = {{nullptr, 0}, {nullptr, 0}};
if (!dev->get_key_characteristics) {
return KM_ERROR_UNIMPLEMENTED;
}
keymaster_error_t error =
dev->get_key_characteristics(dev, &key, appId.get(), appData.get(), &result);
- if (result) {
- *out = *result;
- free(result);
+ if (error == KM_ERROR_OK) {
+ *out = result;
}
return error;
}
@@ -1343,7 +1341,7 @@
const hw_auth_token_t* authToken = NULL;
mOperationMap.getOperationAuthToken(token, &authToken);
if (!authToken) {
- const keymaster1_device_t* dev;
+ const keymaster2_device_t* dev;
keymaster_operation_handle_t handle;
const keymaster_key_characteristics_t* characteristics = NULL;
keymaster_purpose_t purpose;
diff --git a/keystore/key_store_service.h b/keystore/key_store_service.h
index 85dc966..4fe9012 100644
--- a/keystore/key_store_service.h
+++ b/keystore/key_store_service.h
@@ -162,7 +162,7 @@
bool isKeystoreUnlocked(State state);
- bool isKeyTypeSupported(const keymaster1_device_t* device, keymaster_keypair_t keyType);
+ bool isKeyTypeSupported(const keymaster2_device_t* device, keymaster_keypair_t keyType);
/**
* Check that all keymaster_key_param_t's provided by the application are
@@ -171,7 +171,7 @@
bool checkAllowedOperationParams(const std::vector<keymaster_key_param_t>& params);
keymaster_error_t getOperationCharacteristics(const keymaster_key_blob_t& key,
- const keymaster1_device_t* dev,
+ const keymaster2_device_t* dev,
const std::vector<keymaster_key_param_t>& params,
keymaster_key_characteristics_t* out);
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 25b2e82..90cfdb1 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -33,7 +33,7 @@
const android::String16 KeyStore::sRSAKeyType("RSA");
-KeyStore::KeyStore(Entropy* entropy, keymaster1_device_t* device, keymaster1_device_t* fallback)
+KeyStore::KeyStore(Entropy* entropy, keymaster2_device_t* device, keymaster2_device_t* fallback)
: mEntropy(entropy), mDevice(device), mFallbackDevice(fallback) {
memset(&mMetaData, '\0', sizeof(mMetaData));
}
@@ -292,7 +292,7 @@
}
}
if (keyBlob.getType() == ::TYPE_KEYMASTER_10) {
- keymaster1_device_t* dev = getDeviceForBlob(keyBlob);
+ auto* dev = getDeviceForBlob(keyBlob);
if (dev->delete_key) {
keymaster_key_blob_t blob;
blob.key_material = keyBlob.getValue();
diff --git a/keystore/keystore.h b/keystore/keystore.h
index 480b10f..b15d00f 100644
--- a/keystore/keystore.h
+++ b/keystore/keystore.h
@@ -19,7 +19,7 @@
#include "user_state.h"
-#include <hardware/keymaster1.h>
+#include <hardware/keymaster2.h>
#include <utils/Vector.h>
@@ -32,20 +32,14 @@
class KeyStore {
public:
- KeyStore(Entropy* entropy, keymaster1_device_t* device, keymaster1_device_t* fallback);
+ KeyStore(Entropy* entropy, keymaster2_device_t* device, keymaster2_device_t* fallback);
~KeyStore();
- /**
- * Depending on the hardware keymaster version is this may return a
- * keymaster0_device_t* cast to a keymaster1_device_t*. All methods from
- * keymaster0 are safe to call, calls to keymaster1_device_t methods should
- * be guarded by a check on the device's version.
- */
- keymaster1_device_t* getDevice() const { return mDevice; }
+ keymaster2_device_t* getDevice() const { return mDevice; }
- keymaster1_device_t* getFallbackDevice() const { return mFallbackDevice; }
+ keymaster2_device_t* getFallbackDevice() const { return mFallbackDevice; }
- keymaster1_device_t* getDeviceForBlob(const Blob& blob) const {
+ keymaster2_device_t* getDeviceForBlob(const Blob& blob) const {
return blob.isFallback() ? mFallbackDevice : mDevice;
}
@@ -119,8 +113,8 @@
static const android::String16 sRSAKeyType;
Entropy* mEntropy;
- keymaster1_device_t* mDevice;
- keymaster1_device_t* mFallbackDevice;
+ keymaster2_device_t* mDevice;
+ keymaster2_device_t* mFallbackDevice;
android::Vector<UserState*> mMasterKeys;
diff --git a/keystore/keystore_main.cpp b/keystore/keystore_main.cpp
index 57b94b2..a2b75f6 100644
--- a/keystore/keystore_main.cpp
+++ b/keystore/keystore_main.cpp
@@ -38,7 +38,7 @@
using keymaster::SoftKeymasterDevice;
-static int keymaster0_device_initialize(const hw_module_t* mod, keymaster1_device_t** dev) {
+static int keymaster0_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
assert(mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0);
ALOGI("Found keymaster0 module %s, version %x", mod->name, mod->module_api_version);
@@ -57,11 +57,11 @@
km0_device->common.close(&km0_device->common);
km0_device = NULL;
// SoftKeymasterDevice will be deleted by keymaster_device_release()
- *dev = soft_keymaster.release()->keymaster_device();
+ *dev = soft_keymaster.release()->keymaster2_device();
return 0;
}
- ALOGE("Wrapping keymaster0 module %s with SoftKeymasterDevice", mod->name);
+ ALOGD("Wrapping keymaster0 module %s with SoftKeymasterDevice", mod->name);
error = soft_keymaster->SetHardwareDevice(km0_device);
km0_device = NULL; // SoftKeymasterDevice has taken ownership.
if (error != KM_ERROR_OK) {
@@ -70,8 +70,8 @@
goto err;
}
- // SoftKeymasterDevice will be deleted by keymaster_device_release()
- *dev = soft_keymaster.release()->keymaster_device();
+ // SoftKeymasterDevice will be deleted by keymaster_device_release()
+ *dev = soft_keymaster.release()->keymaster2_device();
return 0;
err:
@@ -81,12 +81,12 @@
return rc;
}
-static int keymaster1_device_initialize(const hw_module_t* mod, keymaster1_device_t** dev) {
+static int keymaster1_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
assert(mod->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0);
ALOGI("Found keymaster1 module %s, version %x", mod->name, mod->module_api_version);
UniquePtr<SoftKeymasterDevice> soft_keymaster(new SoftKeymasterDevice);
- keymaster1_device_t* km1_device = NULL;
+ keymaster1_device_t* km1_device = nullptr;
keymaster_error_t error = KM_ERROR_OK;
int rc = keymaster1_open(mod, &km1_device);
@@ -95,30 +95,18 @@
goto err;
}
+ ALOGD("Wrapping keymaster1 module %s with SofKeymasterDevice", mod->name);
error = soft_keymaster->SetHardwareDevice(km1_device);
- km1_device = NULL; // SoftKeymasterDevice has taken ownership.
+ km1_device = nullptr; // SoftKeymasterDevice has taken ownership.
if (error != KM_ERROR_OK) {
ALOGE("Got error %d from SetHardwareDevice", error);
rc = error;
goto err;
}
- if (!soft_keymaster->Keymaster1DeviceIsGood()) {
- ALOGI("Keymaster1 module is incomplete, using SoftKeymasterDevice wrapper");
- // SoftKeymasterDevice will be deleted by keymaster_device_release()
- *dev = soft_keymaster.release()->keymaster_device();
- return 0;
- } else {
- ALOGI("Keymaster1 module is good, destroying wrapper and re-opening");
- soft_keymaster.reset(NULL);
- rc = keymaster1_open(mod, &km1_device);
- if (rc) {
- ALOGE("Error %d re-opening keystore keymaster1 device.", rc);
- goto err;
- }
- *dev = km1_device;
- return 0;
- }
+ // SoftKeymasterDevice will be deleted by keymaster_device_release()
+ *dev = soft_keymaster.release()->keymaster2_device();
+ return 0;
err:
if (km1_device)
@@ -127,21 +115,46 @@
return rc;
}
-static int keymaster_device_initialize(keymaster1_device_t** dev) {
+static int keymaster2_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
+ assert(mod->module_api_version >= KEYMASTER_MODULE_API_VERSION_2_0);
+ ALOGI("Found keymaster2 module %s, version %x", mod->name, mod->module_api_version);
+
+ UniquePtr<SoftKeymasterDevice> soft_keymaster(new SoftKeymasterDevice);
+ keymaster2_device_t* km2_device = nullptr;
+
+ int rc = keymaster2_open(mod, &km2_device);
+ if (rc) {
+ ALOGE("Error %d opening keystore keymaster2 device", rc);
+ goto err;
+ }
+
+ *dev = km2_device;
+ return 0;
+
+err:
+ if (km2_device)
+ km2_device->common.close(&km2_device->common);
+ *dev = nullptr;
+ return rc;
+}
+
+static int keymaster_device_initialize(keymaster2_device_t** dev) {
const hw_module_t* mod;
int rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
if (rc) {
ALOGI("Could not find any keystore module, using software-only implementation.");
// SoftKeymasterDevice will be deleted by keymaster_device_release()
- *dev = (new SoftKeymasterDevice)->keymaster_device();
+ *dev = (new SoftKeymasterDevice)->keymaster2_device();
return 0;
}
if (mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0) {
return keymaster0_device_initialize(mod, dev);
- } else {
+ } else if (mod->module_api_version == KEYMASTER_MODULE_API_VERSION_1_0) {
return keymaster1_device_initialize(mod, dev);
+ } else {
+ return keymaster2_device_initialize(mod, dev);
}
}
@@ -149,13 +162,13 @@
// logger used by SoftKeymasterDevice.
static keymaster::SoftKeymasterLogger softkeymaster_logger;
-static int fallback_keymaster_device_initialize(keymaster1_device_t** dev) {
- *dev = (new SoftKeymasterDevice)->keymaster_device();
+static int fallback_keymaster_device_initialize(keymaster2_device_t** dev) {
+ *dev = (new SoftKeymasterDevice)->keymaster2_device();
// SoftKeymasterDevice will be deleted by keymaster_device_release()
return 0;
}
-static void keymaster_device_release(keymaster1_device_t* dev) {
+static void keymaster_device_release(keymaster2_device_t* dev) {
dev->common.close(&dev->common);
}
@@ -174,13 +187,13 @@
return 1;
}
- keymaster1_device_t* dev;
+ keymaster2_device_t* dev;
if (keymaster_device_initialize(&dev)) {
ALOGE("keystore keymaster could not be initialized; exiting");
return 1;
}
- keymaster1_device_t* fallback;
+ keymaster2_device_t* fallback;
if (fallback_keymaster_device_initialize(&fallback)) {
ALOGE("software keymaster could not be initialized; exiting");
return 1;
diff --git a/keystore/operation.cpp b/keystore/operation.cpp
index 3b381c4..72aa95f 100644
--- a/keystore/operation.cpp
+++ b/keystore/operation.cpp
@@ -21,12 +21,10 @@
namespace android {
OperationMap::OperationMap(IBinder::DeathRecipient* deathRecipient)
- : mDeathRecipient(deathRecipient) {
-}
+ : mDeathRecipient(deathRecipient) {}
-sp<IBinder> OperationMap::addOperation(keymaster_operation_handle_t handle,
- uint64_t keyid, keymaster_purpose_t purpose,
- const keymaster1_device_t* dev,
+sp<IBinder> OperationMap::addOperation(keymaster_operation_handle_t handle, uint64_t keyid,
+ keymaster_purpose_t purpose, const keymaster2_device_t* dev,
sp<IBinder> appToken,
keymaster_key_characteristics_t* characteristics,
bool pruneable) {
@@ -44,7 +42,7 @@
bool OperationMap::getOperation(sp<IBinder> token, keymaster_operation_handle_t* outHandle,
uint64_t* outKeyid, keymaster_purpose_t* outPurpose,
- const keymaster1_device_t** outDevice,
+ const keymaster2_device_t** outDevice,
const keymaster_key_characteristics_t** outCharacteristics) {
if (!outHandle || !outDevice) {
return false;
@@ -146,20 +144,13 @@
}
}
-OperationMap::Operation::Operation(keymaster_operation_handle_t handle_,
- uint64_t keyid_,
- keymaster_purpose_t purpose_,
- const keymaster1_device_t* device_,
+OperationMap::Operation::Operation(keymaster_operation_handle_t handle_, uint64_t keyid_,
+ keymaster_purpose_t purpose_, const keymaster2_device_t* device_,
keymaster_key_characteristics_t* characteristics_,
sp<IBinder> appToken_)
- : handle(handle_),
- keyid(keyid_),
- purpose(purpose_),
- device(device_),
- characteristics(characteristics_),
- appToken(appToken_) {
-}
+ : handle(handle_), keyid(keyid_), purpose(purpose_), device(device_),
+ characteristics(characteristics_), appToken(appToken_) {}
-OperationMap::Operation::Operation() : handle(0), device(NULL), characteristics(), appToken(NULL) {
-}
-} // namespace android
+OperationMap::Operation::Operation() : handle(0), device(NULL), characteristics(), appToken(NULL) {}
+
+} // namespace android
diff --git a/keystore/operation.h b/keystore/operation.h
index d8d1b18..eb16257 100644
--- a/keystore/operation.h
+++ b/keystore/operation.h
@@ -18,7 +18,7 @@
#define KEYSTORE_OPERATION_H_
#include <hardware/hw_auth_token.h>
-#include <hardware/keymaster1.h>
+#include <hardware/keymaster2.h>
#include <binder/Binder.h>
#include <binder/IBinder.h>
#include <utils/LruCache.h>
@@ -39,7 +39,7 @@
/**
* OperationMap handles the translation of keymaster_operation_handle_t's and
- * keymaster1_device_t's to opaque binder tokens that can be used to reference
+ * keymaster2_device_t's to opaque binder tokens that can be used to reference
* that operation at a later time by applications. It also does LRU tracking
* for operation pruning and keeps a mapping of clients to operations to allow
* for graceful handling of application death.
@@ -48,12 +48,12 @@
public:
OperationMap(IBinder::DeathRecipient* deathRecipient);
sp<IBinder> addOperation(keymaster_operation_handle_t handle, uint64_t keyid,
- keymaster_purpose_t purpose, const keymaster1_device_t* dev,
+ keymaster_purpose_t purpose, const keymaster2_device_t* dev,
sp<IBinder> appToken, keymaster_key_characteristics_t* characteristics,
bool pruneable);
bool getOperation(sp<IBinder> token, keymaster_operation_handle_t* outHandle,
uint64_t* outKeyid, keymaster_purpose_t* outPurpose,
- const keymaster1_device_t** outDev,
+ const keymaster2_device_t** outDev,
const keymaster_key_characteristics_t** outCharacteristics);
bool removeOperation(sp<IBinder> token);
bool hasPruneableOperation() const;
@@ -70,12 +70,12 @@
struct Operation {
Operation();
Operation(keymaster_operation_handle_t handle, uint64_t keyid, keymaster_purpose_t purpose,
- const keymaster1_device_t* device,
+ const keymaster2_device_t* device,
keymaster_key_characteristics_t* characteristics, sp<IBinder> appToken);
keymaster_operation_handle_t handle;
uint64_t keyid;
keymaster_purpose_t purpose;
- const keymaster1_device_t* device;
+ const keymaster2_device_t* device;
Unique_keymaster_key_characteristics characteristics;
sp<IBinder> appToken;
std::unique_ptr<hw_auth_token_t> authToken;