Android培训班(40)

<!-- @page { margin: 2cm } P { margin-bottom: 0.21cm } -->

在init.rc文件里，可以看到加载下面的服务：

service keystore /system/bin/keystore /data/misc/keystore

user keystore

group keystore

socket keystore stream 666

keystore服务的代码在目录：

Android-2.0/frameworks/base/cmds/keystore

keystore服务是加解密储存键值的服务。它主要作用就是验证应用程序与签名文件是否一致。

它的主要入口函数代码如下：

int main(int argc, char **argv)

{

获取加密服务的SOCKET。

int control_socket = android_get_control_socket("keystore");

if (argc < 2) {

LOGE("A directory must be specified!");

return 1;

}

if (chdir(argv[1]) == -1) {

LOGE("chdir: %s: %s", argv[1], strerror(errno));

return 1;

}

if ((the_entropy = open(RANDOM_DEVICE, O_RDONLY)) == -1) {

LOGE("open: %s: %s", RANDOM_DEVICE, strerror(errno));

return 1;

}

监听这个服务。

if (listen(control_socket, 3) == -1) {

LOGE("listen: %s", strerror(errno));

return 1;

}

signal(SIGPIPE, SIG_IGN);

if (access(MASTER_KEY_FILE, R_OK) == 0) {

state = LOCKED;

}

接收到连接。

while ((the_socket = accept(control_socket, NULL, 0)) != -1) {

struct timeval tv = {.tv_sec = 3};

struct ucred cred;

socklen_t size = sizeof(cred);

int8_t request;

setsockopt(the_socket, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));

setsockopt(the_socket, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv));

if (getsockopt(the_socket, SOL_SOCKET, SO_PEERCRED, &cred, &size)) {

LOGW("getsockopt: %s", strerror(errno));

} else if (recv_code(&request)) {

接收到请求后，就开始进行加密验证处理。

int8_t old_state = state;

int8_t response;

uid = cred.uid;

if ((response = process(request)) > 0) {

send_code(response);

response = -response;

}

LOGI("uid: %d action: %c -> %d state: %d -> %d retry: %d",

cred.uid, request, -response, old_state, state, retry);

}

close(the_socket);

}

LOGE("accept: %s", strerror(errno));

return 1;

}