1 /*
2  **
3  ** Copyright 2016, The Android Open Source Project
4  **
5  ** Licensed under the Apache License, Version 2.0 (the "License");
6  ** you may not use this file except in compliance with the License.
7  ** You may obtain a copy of the License at
8  **
9  **     http://www.apache.org/licenses/LICENSE-2.0
10  **
11  ** Unless required by applicable law or agreed to in writing, software
12  ** distributed under the License is distributed on an "AS IS" BASIS,
13  ** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  ** See the License for the specific language governing permissions and
15  ** limitations under the License.
16  */
17 
18 #define LOG_TAG "android.hardware.keymaster@3.0-impl"
19 
20 #include "include/AndroidKeymaster3Device.h"
21 
22 #include <android/log.h>
23 
24 #include "include/authorization_set.h"
25 
26 #include <keymaster/android_keymaster.h>
27 #include <keymaster/android_keymaster_messages.h>
28 #include <keymaster/contexts/soft_keymaster_context.h>
29 #include <keymaster/contexts/keymaster0_passthrough_context.h>
30 #include <keymaster/contexts/keymaster1_passthrough_context.h>
31 #include <keymaster/contexts/keymaster2_passthrough_context.h>
32 #include <keymaster/contexts/pure_soft_keymaster_context.h>
33 #include <keymaster/keymaster_configuration.h>
34 #include <keymaster/keymaster_enforcement.h>
35 #include <keymaster/km_openssl/soft_keymaster_enforcement.h>
36 
37 using ::keymaster::AddEntropyRequest;
38 using ::keymaster::AddEntropyResponse;
39 using ::keymaster::AttestKeyRequest;
40 using ::keymaster::AttestKeyResponse;
41 using ::keymaster::AuthorizationSet;
42 using ::keymaster::ExportKeyRequest;
43 using ::keymaster::ExportKeyResponse;
44 using ::keymaster::GenerateKeyRequest;
45 using ::keymaster::GenerateKeyResponse;
46 using ::keymaster::GetKeyCharacteristicsRequest;
47 using ::keymaster::GetKeyCharacteristicsResponse;
48 using ::keymaster::ImportKeyRequest;
49 using ::keymaster::ImportKeyResponse;
50 using ::keymaster::BeginOperationRequest;
51 using ::keymaster::BeginOperationResponse;
52 using ::keymaster::UpdateOperationRequest;
53 using ::keymaster::UpdateOperationResponse;
54 using ::keymaster::FinishOperationRequest;
55 using ::keymaster::FinishOperationResponse;
56 using ::keymaster::AbortOperationRequest;
57 using ::keymaster::AbortOperationResponse;
58 
59 namespace keymaster {
60 namespace ng {
61 
62 namespace {
63 
// Size handed to every ::keymaster::AndroidKeymaster instance built in this file
// (second constructor argument).
constexpr size_t kOperationTableSize{16};
65 
// HIDL Tag -> legacy keymaster_tag_t. This is a plain enum cast: the numeric value is
// carried over unchanged and is not checked against the set of known tags.
inline keymaster_tag_t legacy_enum_conversion(const Tag value) {
    return static_cast<keymaster_tag_t>(value);
}
// Legacy keymaster_tag_t -> HIDL Tag. Plain enum cast; the value is not validated.
inline Tag legacy_enum_conversion(const keymaster_tag_t value) {
    return static_cast<Tag>(value);
}
// HIDL KeyPurpose -> legacy keymaster_purpose_t. Plain enum cast; whether the purpose is
// acceptable is left to the code that consumes the request.
inline keymaster_purpose_t legacy_enum_conversion(const KeyPurpose value) {
    return static_cast<keymaster_purpose_t>(value);
}
// HIDL KeyFormat -> legacy keymaster_key_format_t. Plain enum cast; the value is not validated.
inline keymaster_key_format_t legacy_enum_conversion(const KeyFormat value) {
    return static_cast<keymaster_key_format_t>(value);
}
// Legacy keymaster_error_t -> HIDL ErrorCode. Plain enum cast, so every legacy error value
// is reported to the HIDL client with the same numeric value.
inline ErrorCode legacy_enum_conversion(const keymaster_error_t value) {
    return static_cast<ErrorCode>(value);
}
81 
// Returns the value type encoded in a tag, as reported by keymaster_tag_get_type().
inline keymaster_tag_type_t typeFromTag(const keymaster_tag_t tag) {
    const keymaster_tag_type_t tagType = keymaster_tag_get_type(tag);
    return tagType;
}
85 
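// Legacy keymaster_key_param_set_t built from a HIDL parameter vector.
//
// The object owns the `params` array (released with delete[] in the destructor) but not the
// byte buffers of blob-typed entries: those are handed to keymaster_param_blob() as pointers
// into `keyParams`, so a KmParamSet should not be used after the HIDL vector it was built
// from has gone away (NOTE(review): assumes keymaster_param_blob stores the pointer rather
// than copying -- confirm against keymaster_defs.h).
//
// The parameters come from the HIDL client. Entries whose tag type is unknown, and boolean
// entries whose value is false, are stored with tag KM_TAG_INVALID instead of being dropped,
// so `length` always equals keyParams.size().
class KmParamSet : public keymaster_key_param_set_t {
  public:
    explicit KmParamSet(const hidl_vec<KeyParameter>& keyParams) {
        // Value-initialise the array: entries that only get their tag assigned below
        // (KM_TAG_INVALID) would otherwise keep indeterminate bytes in their value union.
        params = new keymaster_key_param_t[keyParams.size()]();
        length = keyParams.size();
        for (size_t i = 0; i < keyParams.size(); ++i) {
            auto tag = legacy_enum_conversion(keyParams[i].tag);
            switch (typeFromTag(tag)) {
            case KM_ENUM:
            case KM_ENUM_REP:
                params[i] = keymaster_param_enum(tag, keyParams[i].f.integer);
                break;
            case KM_UINT:
            case KM_UINT_REP:
                params[i] = keymaster_param_int(tag, keyParams[i].f.integer);
                break;
            case KM_ULONG:
            case KM_ULONG_REP:
                params[i] = keymaster_param_long(tag, keyParams[i].f.longInteger);
                break;
            case KM_DATE:
                params[i] = keymaster_param_date(tag, keyParams[i].f.dateTime);
                break;
            case KM_BOOL:
                if (keyParams[i].f.boolValue)
                    params[i] = keymaster_param_bool(tag);
                else
                    params[i].tag = KM_TAG_INVALID;
                break;
            case KM_BIGNUM:
            case KM_BYTES:
                // data() rather than &blob[0]: a client may send an empty blob, and
                // indexing element 0 of an empty vector is an out-of-range access.
                params[i] =
                    keymaster_param_blob(tag, keyParams[i].blob.data(), keyParams[i].blob.size());
                break;
            case KM_INVALID:
            default:
                params[i].tag = KM_TAG_INVALID;
                /* just skip */
                break;
            }
        }
    }
    // Transfers ownership of the array; the source is left empty so that its destructor
    // does not free the array a second time.
    KmParamSet(KmParamSet&& other) : keymaster_key_param_set_t{other.params, other.length} {
        other.length = 0;
        other.params = nullptr;
    }
    // Copying is disabled: two owners of `params` would both delete[] it.
    KmParamSet(const KmParamSet&) = delete;
    ~KmParamSet() { delete[] params; }
};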
135 
// Wraps the bytes of a keymaster_key_blob_t in a hidl_vec via setToExternal(), i.e. without
// copying them here. The caller has to keep `blob` alive for as long as the returned vector
// is in use; in this file that is the lifetime of the response object.
inline hidl_vec<uint8_t> kmBlob2hidlVec(const keymaster_key_blob_t& blob) {
    auto* bytes = const_cast<unsigned char*>(blob.key_material);
    hidl_vec<uint8_t> wrapped;
    wrapped.setToExternal(bytes, blob.key_material_size);
    return wrapped;
}
141 
// Wraps the bytes of a keymaster_blob_t in a hidl_vec via setToExternal(), i.e. without
// copying them here. The returned vector must not be used after `blob`'s storage is released.
inline hidl_vec<uint8_t> kmBlob2hidlVec(const keymaster_blob_t& blob) {
    auto* bytes = const_cast<unsigned char*>(blob.data);
    hidl_vec<uint8_t> wrapped;
    wrapped.setToExternal(bytes, blob.data_length);
    return wrapped;
}
147 
// Wraps the readable part of a keymaster Buffer (peek_read() / available_read()) in a
// hidl_vec via setToExternal(), i.e. without copying it here. The returned vector must not
// be used after `buf` is modified or destroyed.
inline hidl_vec<uint8_t> kmBuffer2hidlVec(const ::keymaster::Buffer& buf) {
    auto* readable = const_cast<unsigned char*>(buf.peek_read());
    hidl_vec<uint8_t> wrapped;
    wrapped.setToExternal(readable, buf.available_read());
    return wrapped;
}
153 
// Converts a legacy certificate chain into a vector of byte vectors, one per certificate.
// An empty result is returned when the chain has no entries or a null entry array. Each
// element is produced by kmBlob2hidlVec(), so the chain's storage has to stay valid while
// the result is in use.
inline static hidl_vec<hidl_vec<uint8_t>>
kmCertChain2Hidl(const keymaster_cert_chain_t& cert_chain) {
    hidl_vec<hidl_vec<uint8_t>> chain;
    const bool hasEntries = cert_chain.entry_count && cert_chain.entries;
    if (hasEntries) {
        chain.resize(cert_chain.entry_count);
        size_t idx = 0;
        while (idx < cert_chain.entry_count) {
            chain[idx] = kmBlob2hidlVec(cert_chain.entries[idx]);
            ++idx;
        }
    }
    return chain;
}
166 
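// Converts a legacy parameter set into a HIDL KeyParameter vector of the same length.
// An empty vector is returned when the set is empty or has a null array.
//
// Blob-typed values are attached with setToExternal(), i.e. they are not copied here, so
// `set` has to outlive the returned vector. Entries whose tag type is not recognised are
// reported with an invalid tag. The input set is only read: the function takes it by const
// reference and no longer writes KM_TAG_INVALID back into it through the `params` pointer.
static inline hidl_vec<KeyParameter> kmParamSet2Hidl(const keymaster_key_param_set_t& set) {
    hidl_vec<KeyParameter> result;
    if (set.length == 0 || set.params == nullptr) return result;

    result.resize(set.length);
    const keymaster_key_param_t* params = set.params;
    for (size_t i = 0; i < set.length; ++i) {
        auto tag = params[i].tag;
        result[i].tag = legacy_enum_conversion(tag);
        switch (typeFromTag(tag)) {
        case KM_ENUM:
        case KM_ENUM_REP:
            result[i].f.integer = params[i].enumerated;
            break;
        case KM_UINT:
        case KM_UINT_REP:
            result[i].f.integer = params[i].integer;
            break;
        case KM_ULONG:
        case KM_ULONG_REP:
            result[i].f.longInteger = params[i].long_integer;
            break;
        case KM_DATE:
            result[i].f.dateTime = params[i].date_time;
            break;
        case KM_BOOL:
            result[i].f.boolValue = params[i].boolean;
            break;
        case KM_BIGNUM:
        case KM_BYTES:
            result[i].blob.setToExternal(const_cast<unsigned char*>(params[i].blob.data),
                                         params[i].blob.data_length);
            break;
        case KM_INVALID:
        default:
            // Mark the *output* entry as invalid, matching what KmParamSet does for the
            // opposite direction, instead of modifying the caller's input set.
            result[i].tag = legacy_enum_conversion(KM_TAG_INVALID);
            break;
        }
    }
    return result;
}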
209 
// Resets `params` and fills it with the client-supplied application id and application
// data, each only when non-empty. Anything previously held in `params` is discarded.
void addClientAndAppData(const hidl_vec<uint8_t>& clientId, const hidl_vec<uint8_t>& appData,
                         ::keymaster::AuthorizationSet* params) {
    params->Clear();

    const bool haveClientId = clientId.size() != 0;
    if (haveClientId) {
        params->push_back(::keymaster::TAG_APPLICATION_ID, clientId.data(), clientId.size());
    }

    const bool haveAppData = appData.size() != 0;
    if (haveAppData) {
        params->push_back(::keymaster::TAG_APPLICATION_DATA, appData.data(), appData.size());
    }
}
220 
221 }  // anonymous namespace
222 
// Default construction: a pure-software device. The context is a PureSoftKeymasterContext
// stamped with the OS version and patch level, and the profile is SW, which
// getHardwareFeatures() reports as not secure.
AndroidKeymaster3Device::AndroidKeymaster3Device()
    : impl_(new ::keymaster::AndroidKeymaster(
            []() {
                auto* softContext = new PureSoftKeymasterContext();
                softContext->SetSystemVersion(GetOsVersion(), GetOsPatchlevel());
                return softContext;
            }(),
            kOperationTableSize)),
      profile_(KeymasterHardwareProfile::SW) {}
230 
231 
// Builds a device around a caller-supplied context. `profile` is stored as given and later
// drives what getHardwareFeatures() reports; it is not cross-checked against `context` here.
AndroidKeymaster3Device::AndroidKeymaster3Device(KeymasterContext* context,
                                                 KeymasterHardwareProfile profile)
    : impl_(new ::keymaster::AndroidKeymaster(context, kOperationTableSize)),
      profile_(profile) {}
234 
// Nothing to release explicitly; members clean up through their own destructors.
AndroidKeymaster3Device::~AndroidKeymaster3Device() = default;
236 
237 // Methods from ::android::hardware::keymaster::V3_0::IKeymasterDevice follow.
// Reports a fixed capability set chosen by profile_. The values are constants in this
// function: they are not queried from the wrapped device, so "is_secure" reflects only
// which profile the object was constructed with. Unknown profiles are reported like SW.
Return<void> AndroidKeymaster3Device::getHardwareFeatures(getHardwareFeatures_cb _hidl_cb) {
    // Defaults describe the pure-software profile.
    bool isSecure = false;
    bool supportsEc = false;
    bool supportsSymmetricCryptography = false;
    bool supportsAttestation = false;
    bool supportsAllDigests = false;
    const char* keymasterName = "SoftwareKeymasterDevice";

    if (profile_ == KeymasterHardwareProfile::KM0) {
        isSecure = true;
        keymasterName = "SoftwareWrappedKeymaster0Device";
    } else if (profile_ == KeymasterHardwareProfile::KM1) {
        isSecure = true;
        supportsEc = true;
        supportsSymmetricCryptography = true;
        keymasterName = "SoftwareWrappedKeymaster1Device";
    } else if (profile_ == KeymasterHardwareProfile::KM2) {
        isSecure = true;
        supportsEc = true;
        supportsSymmetricCryptography = true;
        supportsAttestation = true;
        supportsAllDigests = true;
        keymasterName = "SoftwareWrappedKeymaster2Device";
    }

    _hidl_cb(isSecure, supportsEc, supportsSymmetricCryptography, supportsAttestation,
             supportsAllDigests, keymasterName, "Google");
    return Void();
}
264 
// Forwards caller-provided entropy to the implementation. Empty input is accepted and
// answered with OK without contacting the implementation.
Return<ErrorCode> AndroidKeymaster3Device::addRngEntropy(const hidl_vec<uint8_t>& data) {
    if (!data.size()) return ErrorCode::OK;

    AddEntropyRequest req;
    req.random_data.Reinitialize(data.data(), data.size());

    AddEntropyResponse rsp;
    impl_->AddRngEntropy(req, &rsp);
    return legacy_enum_conversion(rsp.error);
}
275 
// Generates a key from the client's parameters and reports the key blob together with its
// TEE-enforced and software-enforced characteristics. On failure the callback receives the
// error with an empty blob and empty characteristics.
Return<void> AndroidKeymaster3Device::generateKey(const hidl_vec<KeyParameter>& keyParams,
                                                  generateKey_cb _hidl_cb) {
    GenerateKeyRequest req;
    req.key_description.Reinitialize(KmParamSet(keyParams));

    GenerateKeyResponse rsp;
    impl_->GenerateKey(req, &rsp);

    KeyCharacteristics characteristics;
    hidl_vec<uint8_t> keyBlobOut;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        // These wrap memory held by rsp, which stays alive until after the callback.
        keyBlobOut = kmBlob2hidlVec(rsp.key_blob);
        characteristics.teeEnforced = kmParamSet2Hidl(rsp.enforced);
        characteristics.softwareEnforced = kmParamSet2Hidl(rsp.unenforced);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), keyBlobOut, characteristics);
    return Void();
}
294 
// Looks up the characteristics of a key blob. The client id and application data supplied
// by the caller are passed along as additional parameters. On failure the callback
// receives the error with empty characteristics.
Return<void> AndroidKeymaster3Device::getKeyCharacteristics(const hidl_vec<uint8_t>& keyBlob,
                                                            const hidl_vec<uint8_t>& clientId,
                                                            const hidl_vec<uint8_t>& appData,
                                                            getKeyCharacteristics_cb _hidl_cb) {
    GetKeyCharacteristicsRequest req;
    req.SetKeyMaterial(keyBlob.data(), keyBlob.size());
    addClientAndAppData(clientId, appData, &req.additional_params);

    GetKeyCharacteristicsResponse rsp;
    impl_->GetKeyCharacteristics(req, &rsp);

    KeyCharacteristics characteristics;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        characteristics.teeEnforced = kmParamSet2Hidl(rsp.enforced);
        characteristics.softwareEnforced = kmParamSet2Hidl(rsp.unenforced);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), characteristics);
    return Void();
}
314 
// Imports caller-supplied key material in the given format and reports the resulting key
// blob and characteristics. The key data and format are passed to the implementation as
// received; on failure the callback gets the error with empty outputs.
Return<void> AndroidKeymaster3Device::importKey(const hidl_vec<KeyParameter>& params,
                                                KeyFormat keyFormat,
                                                const hidl_vec<uint8_t>& keyData,
                                                importKey_cb _hidl_cb) {
    ImportKeyRequest req;
    req.key_description.Reinitialize(KmParamSet(params));
    req.key_format = legacy_enum_conversion(keyFormat);
    req.SetKeyMaterial(keyData.data(), keyData.size());

    ImportKeyResponse rsp;
    impl_->ImportKey(req, &rsp);

    KeyCharacteristics characteristics;
    hidl_vec<uint8_t> keyBlobOut;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        keyBlobOut = kmBlob2hidlVec(rsp.key_blob);
        characteristics.teeEnforced = kmParamSet2Hidl(rsp.enforced);
        characteristics.softwareEnforced = kmParamSet2Hidl(rsp.unenforced);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), keyBlobOut, characteristics);
    return Void();
}
336 
// Exports a key in the requested format. Client id and application data are forwarded as
// additional parameters. The exported bytes are wrapped (not copied here) from the response
// object, which remains alive until after the callback; on failure the output is empty.
Return<void> AndroidKeymaster3Device::exportKey(KeyFormat exportFormat,
                                                const hidl_vec<uint8_t>& keyBlob,
                                                const hidl_vec<uint8_t>& clientId,
                                                const hidl_vec<uint8_t>& appData,
                                                exportKey_cb _hidl_cb) {
    ExportKeyRequest req;
    req.key_format = legacy_enum_conversion(exportFormat);
    req.SetKeyMaterial(keyBlob.data(), keyBlob.size());
    addClientAndAppData(clientId, appData, &req.additional_params);

    ExportKeyResponse rsp;
    impl_->ExportKey(req, &rsp);

    hidl_vec<uint8_t> exported;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        exported.setToExternal(rsp.key_data, rsp.key_data_length);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), exported);
    return Void();
}
357 
// Requests an attestation certificate chain for a key. On success the chain from the
// response is converted and passed to the callback; on failure the chain is empty.
Return<void> AndroidKeymaster3Device::attestKey(const hidl_vec<uint8_t>& keyToAttest,
                                                const hidl_vec<KeyParameter>& attestParams,
                                                attestKey_cb _hidl_cb) {
    AttestKeyRequest req;
    req.SetKeyMaterial(keyToAttest.data(), keyToAttest.size());
    req.attest_params.Reinitialize(KmParamSet(attestParams));

    AttestKeyResponse rsp;
    impl_->AttestKey(req, &rsp);

    hidl_vec<hidl_vec<uint8_t>> certChain;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        certChain = kmCertChain2Hidl(rsp.certificate_chain);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), certChain);
    return Void();
}
375 
// Forwards an upgrade request to the implementation and reports the upgraded blob.
// The original note here said software key blobs need no upgrade and that the software
// implementation never returns ErrorCode::KEY_REQUIRES_UPGRADE; the request is
// nevertheless always forwarded, whatever context impl_ was built with.
Return<void> AndroidKeymaster3Device::upgradeKey(const hidl_vec<uint8_t>& keyBlobToUpgrade,
                                                 const hidl_vec<KeyParameter>& upgradeParams,
                                                 upgradeKey_cb _hidl_cb) {
    UpgradeKeyRequest req;
    req.SetKeyMaterial(keyBlobToUpgrade.data(), keyBlobToUpgrade.size());
    req.upgrade_params.Reinitialize(KmParamSet(upgradeParams));

    UpgradeKeyResponse rsp;
    impl_->UpgradeKey(req, &rsp);

    if (rsp.error != KM_ERROR_OK) {
        // Failure: report the error with an empty blob.
        _hidl_cb(legacy_enum_conversion(rsp.error), hidl_vec<uint8_t>());
        return Void();
    }

    _hidl_cb(ErrorCode::OK, kmBlob2hidlVec(rsp.upgraded_key));
    return Void();
}
395 
// Forwards a delete request for one key blob and returns the implementation's result.
// The original note said nothing has to be done for software key blobs; the request is
// forwarded regardless of which context backs impl_.
Return<ErrorCode> AndroidKeymaster3Device::deleteKey(const hidl_vec<uint8_t>& keyBlob) {
    DeleteKeyRequest req;
    req.SetKeyMaterial(keyBlob.data(), keyBlob.size());

    DeleteKeyResponse rsp;
    impl_->DeleteKey(req, &rsp);

    const ErrorCode status = legacy_enum_conversion(rsp.error);
    return status;
}
406 
// Forwards a delete-all-keys request and returns the implementation's result. The original
// note said nothing has to be done for software key blobs; the request is forwarded
// regardless of which context backs impl_.
Return<ErrorCode> AndroidKeymaster3Device::deleteAllKeys() {
    DeleteAllKeysRequest req;
    DeleteAllKeysResponse rsp;
    impl_->DeleteAllKeys(req, &rsp);

    const ErrorCode status = legacy_enum_conversion(rsp.error);
    return status;
}
415 
// Not supported by this implementation: always answers UNIMPLEMENTED and changes no state,
// so callers must not treat a call to this method as having destroyed anything.
Return<ErrorCode> AndroidKeymaster3Device::destroyAttestationIds() {
    const ErrorCode unsupported = ErrorCode::UNIMPLEMENTED;
    return unsupported;
}
419 
// Starts a cryptographic operation on a key. The purpose, key blob and parameters are
// passed to the implementation as received. The callback gets the error code, the output
// parameters (empty on failure) and the response's operation handle; the handle is passed
// through whether or not the call succeeded.
Return<void> AndroidKeymaster3Device::begin(KeyPurpose purpose, const hidl_vec<uint8_t>& key,
                                            const hidl_vec<KeyParameter>& inParams,
                                            begin_cb _hidl_cb) {
    BeginOperationRequest req;
    req.purpose = legacy_enum_conversion(purpose);
    req.SetKeyMaterial(key.data(), key.size());
    req.additional_params.Reinitialize(KmParamSet(inParams));

    BeginOperationResponse rsp;
    impl_->BeginOperation(req, &rsp);

    hidl_vec<KeyParameter> outParams;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        outParams = kmParamSet2Hidl(rsp.output_params);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), outParams, rsp.op_handle);
    return Void();
}
439 
// Feeds input into a running operation. The operation handle comes from the caller and is
// handed to the implementation unchecked, so rejecting unknown handles is up to impl_.
// On failure the callback receives the error, zero consumed bytes and empty outputs.
Return<void> AndroidKeymaster3Device::update(uint64_t operationHandle,
                                             const hidl_vec<KeyParameter>& inParams,
                                             const hidl_vec<uint8_t>& input,
                                             update_cb _hidl_cb) {
    UpdateOperationRequest req;
    req.op_handle = operationHandle;
    req.input.Reinitialize(input.data(), input.size());
    req.additional_params.Reinitialize(KmParamSet(inParams));

    UpdateOperationResponse rsp;
    impl_->UpdateOperation(req, &rsp);

    uint32_t consumed = 0;
    hidl_vec<KeyParameter> outParams;
    hidl_vec<uint8_t> output;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        consumed = rsp.input_consumed;
        outParams = kmParamSet2Hidl(rsp.output_params);
        output = kmBuffer2hidlVec(rsp.output);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), consumed, outParams, output);
    return Void();
}
462 
// Completes a running operation with optional final input and, where applicable, a
// signature to check. The operation handle comes from the caller and is handed to the
// implementation unchecked. On failure the callback receives the error and empty outputs.
Return<void> AndroidKeymaster3Device::finish(uint64_t operationHandle,
                                             const hidl_vec<KeyParameter>& inParams,
                                             const hidl_vec<uint8_t>& input,
                                             const hidl_vec<uint8_t>& signature,
                                             finish_cb _hidl_cb) {
    FinishOperationRequest req;
    req.op_handle = operationHandle;
    req.input.Reinitialize(input.data(), input.size());
    req.signature.Reinitialize(signature.data(), signature.size());
    req.additional_params.Reinitialize(KmParamSet(inParams));

    FinishOperationResponse rsp;
    impl_->FinishOperation(req, &rsp);

    hidl_vec<KeyParameter> outParams;
    hidl_vec<uint8_t> output;
    const bool succeeded = (rsp.error == KM_ERROR_OK);
    if (succeeded) {
        outParams = kmParamSet2Hidl(rsp.output_params);
        output = kmBuffer2hidlVec(rsp.output);
    }

    _hidl_cb(legacy_enum_conversion(rsp.error), outParams, output);
    return Void();
}
485 
// Aborts the operation identified by the caller-supplied handle and returns the
// implementation's result.
Return<ErrorCode> AndroidKeymaster3Device::abort(uint64_t operationHandle) {
    AbortOperationRequest req;
    req.op_handle = operationHandle;

    AbortOperationResponse rsp;
    impl_->AbortOperation(req, &rsp);

    const ErrorCode status = legacy_enum_conversion(rsp.error);
    return status;
}
495 
// Creates the pure-software device (profile SW). The caller receives a raw pointer to a
// heap-allocated object.
IKeymasterDevice* CreateKeymasterDevice() {
    IKeymasterDevice* softwareDevice = new AndroidKeymaster3Device();
    return softwareDevice;
}
// Creates a device that wraps a keymaster2 device (profile KM2). The device is configured
// first; if configuration fails no wrapper is created and nullptr is returned, so callers
// have to check the result.
IKeymasterDevice* CreateKeymasterDevice(keymaster2_device_t* km2_device) {
    const bool configured = (ConfigureDevice(km2_device) == KM_ERROR_OK);
    if (!configured) return nullptr;

    auto* passthrough = new Keymaster2PassthroughContext(km2_device);
    passthrough->SetSystemVersion(GetOsVersion(), GetOsPatchlevel());
    return new AndroidKeymaster3Device(passthrough, KeymasterHardwareProfile::KM2);
}
// Creates a device that wraps a keymaster1 device (profile KM1). The context is stamped
// with the OS version and patch level before the wrapper is built.
IKeymasterDevice* CreateKeymasterDevice(keymaster1_device_t* km1_device) {
    auto* passthrough = new Keymaster1PassthroughContext(km1_device);
    passthrough->SetSystemVersion(GetOsVersion(), GetOsPatchlevel());
    IKeymasterDevice* wrapped =
        new AndroidKeymaster3Device(passthrough, KeymasterHardwareProfile::KM1);
    return wrapped;
}
// Creates a device that wraps a keymaster0 device (profile KM0). The context is stamped
// with the OS version and patch level before the wrapper is built.
IKeymasterDevice* CreateKeymasterDevice(keymaster0_device_t* km0_device) {
    auto* passthrough = new Keymaster0PassthroughContext(km0_device);
    passthrough->SetSystemVersion(GetOsVersion(), GetOsPatchlevel());
    IKeymasterDevice* wrapped =
        new AndroidKeymaster3Device(passthrough, KeymasterHardwareProfile::KM0);
    return wrapped;
}
515 
516 }  // namespace ng
517 }  // namespace keymaster
518