diff options
author | Andres Morales | 2015-04-09 21:23:48 -0500 |
---|---|---|
committer | Andres Morales | 2015-04-10 21:56:07 -0500 |
commit | 851b57c1f81bd3572cf5908611ba029be934c706 (patch) | |
tree | 783505d76341c9b8af324dce165767de2156f60a | |
parent | 9bbd0a5c92ed92c295d2f5ab3befdf3efe490bc9 (diff) | |
download | platform-system-core-851b57c1f81bd3572cf5908611ba029be934c706.tar.gz platform-system-core-851b57c1f81bd3572cf5908611ba029be934c706.tar.xz platform-system-core-851b57c1f81bd3572cf5908611ba029be934c706.zip |
Add challenge to verify call
required for enrolling secondary auth form factors
Change-Id: Ia3e1d47f988bca1bb1a0e713c000886e60b4e839
-rw-r--r-- | gatekeeperd/IGateKeeperService.cpp | 5 | ||||
-rw-r--r-- | gatekeeperd/IGateKeeperService.h | 2 | ||||
-rw-r--r-- | gatekeeperd/gatekeeperd.cpp | 4 |
3 files changed, 6 insertions, 5 deletions
diff --git a/gatekeeperd/IGateKeeperService.cpp b/gatekeeperd/IGateKeeperService.cpp index 133df4cbd..933b975de 100644 --- a/gatekeeperd/IGateKeeperService.cpp +++ b/gatekeeperd/IGateKeeperService.cpp | |||
@@ -68,6 +68,7 @@ status_t BnGateKeeperService::onTransact( | |||
68 | case VERIFY: { | 68 | case VERIFY: { |
69 | CHECK_INTERFACE(IGateKeeperService, data, reply); | 69 | CHECK_INTERFACE(IGateKeeperService, data, reply); |
70 | uint32_t uid = data.readInt32(); | 70 | uint32_t uid = data.readInt32(); |
71 | uint64_t challenge = data.readInt64(); | ||
71 | ssize_t currentPasswordHandleSize = data.readInt32(); | 72 | ssize_t currentPasswordHandleSize = data.readInt32(); |
72 | const uint8_t *currentPasswordHandle = | 73 | const uint8_t *currentPasswordHandle = |
73 | static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize)); | 74 | static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize)); |
@@ -78,8 +79,8 @@ status_t BnGateKeeperService::onTransact( | |||
78 | static_cast<const uint8_t *>(data.readInplace(currentPasswordSize)); | 79 | static_cast<const uint8_t *>(data.readInplace(currentPasswordSize)); |
79 | if (!currentPassword) currentPasswordSize = 0; | 80 | if (!currentPassword) currentPasswordSize = 0; |
80 | 81 | ||
81 | status_t ret = verify(uid, (uint8_t *) currentPasswordHandle, currentPasswordHandleSize, | 82 | status_t ret = verify(uid, challenge, (uint8_t *) currentPasswordHandle, |
82 | (uint8_t *) currentPassword, currentPasswordSize); | 83 | currentPasswordHandleSize, (uint8_t *) currentPassword, currentPasswordSize); |
83 | reply->writeNoException(); | 84 | reply->writeNoException(); |
84 | reply->writeInt32(ret == NO_ERROR ? 1 : 0); | 85 | reply->writeInt32(ret == NO_ERROR ? 1 : 0); |
85 | return NO_ERROR; | 86 | return NO_ERROR; |
diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h index 7d8572cec..90d302907 100644 --- a/gatekeeperd/IGateKeeperService.h +++ b/gatekeeperd/IGateKeeperService.h | |||
@@ -51,7 +51,7 @@ public: | |||
51 | * Verifies a password previously enrolled with the GateKeeper. | 51 | * Verifies a password previously enrolled with the GateKeeper. |
52 | * Returns 0 on success, negative on failure. | 52 | * Returns 0 on success, negative on failure. |
53 | */ | 53 | */ |
54 | virtual status_t verify(uint32_t uid, | 54 | virtual status_t verify(uint32_t uid, uint64_t challenge, |
55 | const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length, | 55 | const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length, |
56 | const uint8_t *provided_password, uint32_t provided_password_length) = 0; | 56 | const uint8_t *provided_password, uint32_t provided_password_length) = 0; |
57 | }; | 57 | }; |
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp index 492214059..2a435a9c7 100644 --- a/gatekeeperd/gatekeeperd.cpp +++ b/gatekeeperd/gatekeeperd.cpp | |||
@@ -71,7 +71,7 @@ public: | |||
71 | return ret >= 0 ? NO_ERROR : UNKNOWN_ERROR; | 71 | return ret >= 0 ? NO_ERROR : UNKNOWN_ERROR; |
72 | } | 72 | } |
73 | 73 | ||
74 | virtual status_t verify(uint32_t uid, | 74 | virtual status_t verify(uint32_t uid, uint64_t challenge, |
75 | const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length, | 75 | const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length, |
76 | const uint8_t *provided_password, uint32_t provided_password_length) { | 76 | const uint8_t *provided_password, uint32_t provided_password_length) { |
77 | IPCThreadState* ipc = IPCThreadState::self(); | 77 | IPCThreadState* ipc = IPCThreadState::self(); |
@@ -87,7 +87,7 @@ public: | |||
87 | 87 | ||
88 | uint8_t *auth_token; | 88 | uint8_t *auth_token; |
89 | uint32_t auth_token_length; | 89 | uint32_t auth_token_length; |
90 | int ret = device->verify(device, uid, | 90 | int ret = device->verify(device, uid, challenge, |
91 | enrolled_password_handle, enrolled_password_handle_length, | 91 | enrolled_password_handle, enrolled_password_handle_length, |
92 | provided_password, provided_password_length, &auth_token, &auth_token_length); | 92 | provided_password, provided_password_length, &auth_token, &auth_token_length); |
93 | 93 | ||