Merge "Delete user's keys only after keystore reset" into lmp-dev

commit: 90c4779146c9ac154fe85cd6a0775f8e1fc29be8 [log] [tgz]
author: Robin Lee <rgl@google.com> Fri Sep 26 19:22:37 2014 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> Fri Sep 26 19:22:38 2014 +0000
tree: 8009432b18232a9a4ff20e050a8ad213076489e0
parent: a39da5a226975f8b75f93de255a21d526ae8d334 [diff]
parent: 4b84fdc21457e16b08dc2738f4744c9ca7f7cc46 [diff]
diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index a24feba..63f7ee2 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp

@@ -1239,11 +1239,14 @@
         bool isFallback = false;
         rc = mDevice->import_keypair(mDevice, key, keyLen, &data, &dataLength);
         if (rc) {
-            // If this is an old device HAL, try to fall back to an old version
-            if (mDevice->common.module->module_api_version < KEYMASTER_MODULE_API_VERSION_0_2) {
-                rc = openssl_import_keypair(mDevice, key, keyLen, &data, &dataLength);
-                isFallback = true;
-            }
+            /*
+             * Maybe the device doesn't support this type of key. Try to use the
+             * software fallback keymaster implementation. This is a little bit
+             * lazier than checking the PKCS#8 key type, but the software
+             * implementation will do that anyway.
+             */
+            rc = openssl_import_keypair(mDevice, key, keyLen, &data, &dataLength);
+            isFallback = true;
 
             if (rc) {
                 ALOGE("Error while importing keypair: %d", rc);
commit	90c4779146c9ac154fe85cd6a0775f8e1fc29be8	[log] [tgz]
author	Robin Lee <rgl@google.com>	Fri Sep 26 19:22:37 2014 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	Fri Sep 26 19:22:38 2014 +0000
tree	8009432b18232a9a4ff20e050a8ad213076489e0
parent	a39da5a226975f8b75f93de255a21d526ae8d334 [diff]
parent	4b84fdc21457e16b08dc2738f4744c9ca7f7cc46 [diff]