Keystore 2.0: Add keystore2 support to the keystore-engine.

Test: ??? Bug: 173546268 Bug: 171305607 Bug: 175068876 Change-Id: Ib44a8787d31a994453ab56022546cfbc5b76516e
TeamWin · Feb 24, 2021 · 670122f · 670122f
1 parent 5eeb3d1
commit 670122f
Show file tree

Hide file tree

Showing 4 changed files with 453 additions and 3 deletions.
diff --git a/keystore-engine/Android.bp b/keystore-engine/Android.bp
@@ -27,6 +27,7 @@ cc_library_shared {
     srcs: [
         "android_engine.cpp",
         "keystore_backend_binder.cpp",
+        "keystore2_engine.cpp",
     ],
 
     cflags: [
@@ -36,7 +37,9 @@ cc_library_shared {
     ],
 
     shared_libs: [
+        "android.system.keystore2-V1-ndk_platform",
         "libbinder",
+        "libbinder_ndk",
         "libcrypto",
         "libcutils",
         "libhidlbase",
@@ -58,6 +61,7 @@ cc_library_shared {
     srcs: [
         "android_engine.cpp",
         "keystore_backend_hidl.cpp",
+        "keystore2_engine.cpp",
     ],
 
     cflags: [
@@ -68,7 +72,10 @@ cc_library_shared {
     ],
 
     shared_libs: [
+        "android.system.keystore2-V1-ndk_platform",
         "[email protected]",
+        "libbase",
+        "libbinder_ndk",
         "libcrypto",
         "liblog",
         "libhidlbase",

diff --git a/keystore-engine/android_engine.cpp b/keystore-engine/android_engine.cpp
@@ -23,10 +23,7 @@
 #define LOG_TAG "keystore-engine"
 
 #include <pthread.h>
-#include <sys/socket.h>
-#include <stdarg.h>
 #include <string.h>
-#include <unistd.h>
 
 #include <log/log.h>
 
@@ -41,6 +38,8 @@
 
 #include <memory>
 
+#include "keystore2_engine.h"
+
 #ifndef BACKEND_WIFI_HIDL
 #include "keystore_backend_binder.h"
 #else
@@ -335,6 +334,10 @@ EVP_PKEY* EVP_PKEY_from_keystore(const char* key_id) __attribute__((visibility("
 EVP_PKEY* EVP_PKEY_from_keystore(const char* key_id) {
     ALOGV("EVP_PKEY_from_keystore(\"%s\")", key_id);
 
+    if (auto ks2_key = EVP_PKEY_from_keystore2(key_id)) {
+        return ks2_key;
+    }
+
     ensure_keystore_engine();
 
     uint8_t *pubkey = nullptr;