keystore: switch to multi-user version.
diff --git a/cmds/keystore/Android.mk b/cmds/keystore/Android.mk
index 8804636..1b1bebd 100644
--- a/cmds/keystore/Android.mk
+++ b/cmds/keystore/Android.mk
@@ -1,22 +1,32 @@
-ifneq ($(TARGET_SIMULATOR),true)
+#
+# Copyright (C) 2009 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
LOCAL_PATH:= $(call my-dir)
+
include $(CLEAR_VARS)
-
-LOCAL_SRC_FILES:= \
- netkeystore.c netkeystore_main.c keymgmt.c
-
-LOCAL_C_INCLUDES := \
- $(call include-path-for, system-core)/cutils \
- external/openssl/include
-
-LOCAL_SHARED_LIBRARIES := \
- libcutils libssl
-
-LOCAL_STATIC_LIBRARIES :=
-
+LOCAL_SRC_FILES := keystore.c
+LOCAL_C_INCLUDES := external/openssl/include
+LOCAL_SHARED_LIBRARIES := libcutils libcrypto
LOCAL_MODULE:= keystore
-
include $(BUILD_EXECUTABLE)
-endif # !simulator))
+include $(CLEAR_VARS)
+LOCAL_SRC_FILES := keystore_cli.c
+LOCAL_C_INCLUDES := external/openssl/include
+LOCAL_SHARED_LIBRARIES := libcutils libcrypto
+LOCAL_MODULE:= keystore_cli
+LOCAL_MODULE_TAGS := debug
+include $(BUILD_EXECUTABLE)
diff --git a/cmds/keystore/keystore.c b/cmds/keystore/keystore.c
index 2bcba97..5007891 100644
--- a/cmds/keystore/keystore.c
+++ b/cmds/keystore/keystore.c
@@ -217,8 +217,10 @@
/* Here are the actions. Each of them is a function without arguments. All
* information is defined in global variables, which are set properly before
* performing an action. The number of parameters required by each action is
- * fixed and defined in a table. Note that the lengths of parameters are checked
- * when they are received, so boundary checks on parameters are omitted. */
+ * fixed and defined in a table. If the return value of an action is positive,
+ * it will be treated as a response code and transmitted to the client. Note
+ * that the lengths of parameters are checked when they are received, so
+ * boundary checks on parameters are omitted. */
#define MAX_PARAM 2
#define MAX_RETRY 4
@@ -321,12 +323,10 @@
return SYSTEM_ERROR;
}
while ((file = readdir(dir)) != NULL) {
- if (strcmp(".", file->d_name) || strcmp("..", file->d_name)) {
- unlink(file->d_name);
- }
+ unlink(file->d_name);
}
closedir(dir);
- return UNINITIALIZED;
+ return NO_ERROR;
}
#define MASTER_KEY_FILE ".masterkey"
@@ -387,7 +387,7 @@
memset(&encryption_key, 0, sizeof(encryption_key));
memset(&decryption_key, 0, sizeof(decryption_key));
state = LOCKED;
- return LOCKED;
+ return NO_ERROR;
}
static int8_t unlock()
diff --git a/cmds/keystore/keystore_cli.c b/cmds/keystore/keystore_cli.c
index b0b76ff..e8afb5a 100644
--- a/cmds/keystore/keystore_cli.c
+++ b/cmds/keystore/keystore_cli.c
@@ -53,8 +53,8 @@
return 0;
}
- sock = socket_local_client("keystore",
- ANDROID_SOCKET_NAMESPACE_RESERVED, SOCK_STREAM);
+ sock = socket_local_client("keystore", ANDROID_SOCKET_NAMESPACE_RESERVED,
+ SOCK_STREAM);
if (sock == -1) {
puts("Failed to connect");
return 1;
diff --git a/cmds/keystore/keystore_get.h b/cmds/keystore/keystore_get.h
index 7665e81..0e7e1ae 100644
--- a/cmds/keystore/keystore_get.h
+++ b/cmds/keystore/keystore_get.h
@@ -1,53 +1,69 @@
/*
-**
-** Copyright 2009, The Android Open Source Project
-**
-** Licensed under the Apache License, Version 2.0 (the "License");
-** you may not use this file except in compliance with the License.
-** You may obtain a copy of the License at
-**
-** http://www.apache.org/licenses/LICENSE-2.0
-**
-** Unless required by applicable law or agreed to in writing, software
-** distributed under the License is distributed on an "AS IS" BASIS,
-** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-** See the License for the specific language governing permissions and
-** limitations under the License.
-*/
+ * Copyright (C) 2009 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
#ifndef __KEYSTORE_GET_H__
#define __KEYSTORE_GET_H__
#include <stdio.h>
-#include <stdlib.h>
+#include <stdint.h>
#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
-#include "certtool.h"
+#include <cutils/sockets.h>
-/* This function is provided to native components to get values from keystore.
- * Users are required to link against libcutils. If something goes wrong, NULL
- * is returned. Otherwise it returns the value in dynamically allocated memory
- * and sets the size if the pointer is not NULL. One can release the memory by
- * calling free(). */
-static char *keystore_get(const char *key, int *size)
+#define KEYSTORE_MESSAGE_SIZE 65535
+
+/* This function is provided for native components to get values from keystore.
+ * Users are required to link against libcutils. The lengths of keys and values
+ * are limited to KEYSTORE_MESSAGE_SIZE. This function returns the length of
+ * the requested value or -1 if something goes wrong. */
+static int keystore_get(const char *key, char *value)
{
- char buffer[MAX_KEY_VALUE_LENGTH];
- char *value;
- int length;
+ int length = strlen(key);
+ uint8_t bytes[2] = {length >> 8, length};
+ uint8_t code = 'g';
+ int sock;
- if (get_cert(key, (unsigned char *)buffer, &length) != 0) {
- return NULL;
+ if (length > KEYSTORE_MESSAGE_SIZE) {
+ return -1;
}
- value = malloc(length + 1);
- if (!value) {
- return NULL;
+ sock = socket_local_client("keystore", ANDROID_SOCKET_NAMESPACE_RESERVED,
+ SOCK_STREAM);
+ if (sock == -1) {
+ return -1;
}
- memcpy(value, buffer, length);
- value[length] = 0;
- if (size) {
- *size = length;
+ if (send(sock, &code, 1, 0) == 1 && send(sock, bytes, 2, 0) == 2 &&
+ send(sock, key, length, 0) == length && shutdown(sock, SHUT_WR) == 0 &&
+ recv(sock, &code, 1, 0) == 1 && code == /* NO_ERROR */ 1 &&
+ recv(sock, &bytes[0], 1, 0) == 1 && recv(sock, &bytes[1], 1, 0) == 1) {
+ int offset = 0;
+ length = bytes[0] << 8 | bytes[1];
+ while (offset < length) {
+ int n = recv(sock, &value[offset], length - offset, 0);
+ if (n <= 0) {
+ length = -1;
+ break;
+ }
+ offset += n;
+ }
}
- return value;
+ close(sock);
+ return length;
}
#endif