authorShawn Willden <swillden@google.com>2016-03-15 08:37:29 -0600
committerShawn Willden <swillden@google.com>2016-03-29 18:17:02 -0600
commit814a6e725cd89ad6bf27a9951d25025dc9ace9a8 (patch)
treef9113923b189167a77f92b2535590b503b001bae
parent47d2616439c134502d9ee87a3d4bda065e3d5324 (diff)
downloadsecurity-814a6e725cd89ad6bf27a9951d25025dc9ace9a8.tar.gz
Configure keymaster with OS version info.
Change-Id: Ia09591dbea04ff5d45370b47341efa5bf34604ce
-rw-r--r--keystore/keystore_main.cpp22
1 files changed, 22 insertions, 0 deletions
diff --git a/keystore/keystore_main.cpp b/keystore/keystore_main.cpp
index a2b75f65..e84fb371 100644
--- a/keystore/keystore_main.cpp
+++ b/keystore/keystore_main.cpp
@@ -17,6 +17,7 @@
//#define LOG_NDEBUG 0
#define LOG_TAG "keystore"
+#include <keymaster/keymaster_configuration.h>
#include <keymaster/soft_keymaster_device.h>
#include <keymaster/soft_keymaster_logger.h>
@@ -36,8 +37,24 @@
* user-defined password. To keep things simple, buffers are always larger than
* the maximum space we needed, so boundary checks on buffers are omitted. */
+using keymaster::AuthorizationSet;
+using keymaster::AuthorizationSetBuilder;
using keymaster::SoftKeymasterDevice;
+static int configure_keymaster_devices(keymaster2_device_t* main, keymaster2_device_t* fallback) {
+ keymaster_error_t error = keymaster::ConfigureDevice(main);
+ if (error != KM_ERROR_OK) {
+ return -1;
+ }
+
+ error = keymaster::ConfigureDevice(fallback);
+ if (error != KM_ERROR_OK) {
+ return -1;
+ }
+
+ return 0;
+}
+
static int keymaster0_device_initialize(const hw_module_t* mod, keymaster2_device_t** dev) {
assert(mod->module_api_version < KEYMASTER_MODULE_API_VERSION_1_0);
ALOGI("Found keymaster0 module %s, version %x", mod->name, mod->module_api_version);
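Review bot: configure_keymaster_devices() discards the keymaster_error_t from both keymaster::ConfigureDevice calls and returns a bare -1, so the only trace of a failure is the generic ALOGE at the call site in main() (the last hunk), which names neither the device nor the error code. Because a failure here makes keystore exit, the cause should be recoverable from the log: add a line before each `return -1`, such as `ALOGE("Failed to configure main keymaster device: %d", error);`, and the matching one for the fallback device. Exiting rather than continuing with an unconfigured device looks like the right fail-closed choice, given that the commit title says the configuration carries OS version info. On style, the parameter name `main` shadows the program entry point and would read more clearly as `main_dev`. The added `using keymaster::AuthorizationSet;` and `using keymaster::AuthorizationSetBuilder;` are not referenced in the visible hunks and could be dropped if nothing else in the file uses them.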
@@ -199,6 +216,11 @@ int main(int argc, char* argv[]) {
return 1;
}
+ if (configure_keymaster_devices(dev, fallback)) {
+ ALOGE("Keymaster devices could not be configured; exiting");
+ return 1;
+ }
+
if (configure_selinux() == -1) {
return -1;
}