commit d91418f7961cb0b9db050aa35f934c729c61437d
author Kenny Root <kroot@google.com> Fri Sep 26 04:30:55 2014 +0000
committer Android Git Automerger <android-git-automerger@android.com> Fri Sep 26 04:30:55 2014 +0000
tree 6fc9604b4502913ec8cc57f43ec6173ceb401982
parent f33c72fcd7b8e599e5d3d096ea3912fa3c53ff07
parent a39da5a226975f8b75f93de255a21d526ae8d334

am a39da5a2: Fallback to software keystore on import_key failure

* commit 'a39da5a226975f8b75f93de255a21d526ae8d334':
  Fallback to software keystore on import_key failure

keystore/keystore.cpp

diff --git a/keystore/keystore.cpp b/keystore/keystore.cpp
index 1dd3af0..3372d04 100644
--- a/keystore/keystore.cpp
+++ b/keystore/keystore.cpp
@@ -1162,11 +1162,14 @@
         bool isFallback = false;
         rc = mDevice->import_keypair(mDevice, key, keyLen, &data, &dataLength);
         if (rc) {
-            // If this is an old device HAL, try to fall back to an old version
-            if (mDevice->common.module->module_api_version < KEYMASTER_MODULE_API_VERSION_0_2) {
-                rc = openssl_import_keypair(mDevice, key, keyLen, &data, &dataLength);
-                isFallback = true;
-            }
+            /*
+             * Maybe the device doesn't support this type of key. Try to use the
+             * software fallback keymaster implementation. This is a little bit
+             * lazier than checking the PKCS#8 key type, but the software
+             * implementation will do that anyway.
+             */
+            rc = openssl_import_keypair(mDevice, key, keyLen, &data, &dataLength);
+            isFallback = true;
 
             if (rc) {
                 ALOGE("Error while importing keypair: %d", rc);