commit bd07a239085228c25898bc6cdece8b1b8758df83
author Chad Brubaker <cbrubaker@google.com> Mon Jun 01 10:44:27 2015 -0700
committer Chad Brubaker <cbrubaker@google.com> Mon Jun 01 10:44:27 2015 -0700
tree dd783c660a40eac3751b46fd6669e981497f6687
parent 7d0e9a4170ec1b1ed0f80c1a75131dadf3dd6abe

Use keymaster adapter to support older devices

The keymaster adapter wraps the hardware module to allow keystore to
call the new keymaster methods on it and continue using old keys created
by that device with the new methods.

Change-Id: Ica08d81c3707023d378ad5fe6562dc642f58ca90

keystore/keystore.cpp

diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 6bcbace..3504843 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -106,23 +106,31 @@
 };
 typedef UniquePtr<PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO_Delete> Unique_PKCS8_PRIV_KEY_INFO;
 
-static int keymaster_device_initialize(keymaster0_device_t** dev) {
+static int keymaster_device_initialize(keymaster1_device_t** dev) {
     int rc;
 
     const hw_module_t* mod;
+    keymaster::SoftKeymasterDevice* softkeymaster = NULL;
     rc = hw_get_module_by_class(KEYSTORE_HARDWARE_MODULE_ID, NULL, &mod);
     if (rc) {
         ALOGE("could not find any keystore module");
         goto out;
     }
 
-    rc = keymaster0_open(mod, dev);
+    rc = mod->methods->open(mod, KEYSTORE_KEYMASTER, reinterpret_cast<struct hw_device_t**>(dev));
     if (rc) {
         ALOGE("could not open keymaster device in %s (%s)",
             KEYSTORE_HARDWARE_MODULE_ID, strerror(-rc));
         goto out;
     }
 
+    // Wrap older hardware modules with a softkeymaster adapter.
+    if ((*dev)->common.module->module_api_version >= KEYMASTER_MODULE_API_VERSION_1_0) {
+        return 0;
+    }
+    softkeymaster =
+            new keymaster::SoftKeymasterDevice(reinterpret_cast<keymaster0_device_t*>(*dev));
+    *dev = softkeymaster->keymaster_device();
     return 0;
 
 out:
@@ -142,8 +150,8 @@
     return 0;
 }
 
-static void keymaster_device_release(keymaster0_device_t* dev) {
-    keymaster0_close(dev);
+static void keymaster_device_release(keymaster1_device_t* dev) {
+    dev->common.close(&dev->common);
 }
 
 /***************
@@ -3026,7 +3034,7 @@
         return 1;
     }
 
-    keymaster0_device_t* dev;
+    keymaster1_device_t* dev;
     if (keymaster_device_initialize(&dev)) {
         ALOGE("keystore keymaster could not be initialized; exiting");
         return 1;
@@ -3051,7 +3059,7 @@
         ALOGI("SELinux: Keystore SELinux is disabled.\n");
     }
 
-    KeyStore keyStore(&entropy, reinterpret_cast<keymaster1_device_t*>(dev), fallback);
+    KeyStore keyStore(&entropy, dev, fallback);
     keyStore.initialize();
     android::sp<android::IServiceManager> sm = android::defaultServiceManager();
     android::sp<android::KeyStoreProxy> proxy = new android::KeyStoreProxy(&keyStore);