summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndres Morales2015-05-18 11:26:19 -0500
committerAndres Morales2015-05-26 21:19:40 -0500
commit2aea55647d8eda7f4fc540dcfac30c753de75adb (patch)
tree700752e435fcdeb492663b28237bd98996a849bb /gatekeeperd/IGateKeeperService.h
parent1cf0580969a09fcbf84d5870da989287e628ce9b (diff)
downloadplatform-system-core-2aea55647d8eda7f4fc540dcfac30c753de75adb.tar.gz
platform-system-core-2aea55647d8eda7f4fc540dcfac30c753de75adb.tar.xz
platform-system-core-2aea55647d8eda7f4fc540dcfac30c753de75adb.zip
[gatekeeperd] return brute-force throttling information
Bug: 21118563 Change-Id: I13c6a44f61668be8b4c1fde8c84dcfebab84517c
Diffstat (limited to 'gatekeeperd/IGateKeeperService.h')
-rw-r--r--gatekeeperd/IGateKeeperService.h35
1 files changed, 27 insertions, 8 deletions
diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h
index a7773187e..f070486cd 100644
--- a/gatekeeperd/IGateKeeperService.h
+++ b/gatekeeperd/IGateKeeperService.h
@@ -35,6 +35,12 @@ public:
35 CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4, 35 CLEAR_SECURE_USER_ID = IBinder::FIRST_CALL_TRANSACTION + 4,
36 }; 36 };
37 37
38 enum {
39 GATEKEEPER_RESPONSE_OK = 0,
40 GATEKEEPER_RESPONSE_RETRY = 1,
41 GATEKEEPER_RESPONSE_ERROR = -1,
42 };
43
38 // DECLARE_META_INTERFACE - C++ client interface not needed 44 // DECLARE_META_INTERFACE - C++ client interface not needed
39 static const android::String16 descriptor; 45 static const android::String16 descriptor;
40 virtual const android::String16& getInterfaceDescriptor() const; 46 virtual const android::String16& getInterfaceDescriptor() const;
@@ -43,8 +49,13 @@ public:
43 49
44 /** 50 /**
45 * Enrolls a password with the GateKeeper. Returns 0 on success, negative on failure. 51 * Enrolls a password with the GateKeeper. Returns 0 on success, negative on failure.
52 * Returns:
53 * - 0 on success
54 * - A timestamp T > 0 if the call has failed due to throttling and should not
55 * be reattempted until T milliseconds have elapsed
56 * - -1 on failure
46 */ 57 */
47 virtual status_t enroll(uint32_t uid, 58 virtual int enroll(uint32_t uid,
48 const uint8_t *current_password_handle, uint32_t current_password_handle_length, 59 const uint8_t *current_password_handle, uint32_t current_password_handle_length,
49 const uint8_t *current_password, uint32_t current_password_length, 60 const uint8_t *current_password, uint32_t current_password_length,
50 const uint8_t *desired_password, uint32_t desired_password_length, 61 const uint8_t *desired_password, uint32_t desired_password_length,
@@ -52,21 +63,29 @@ public:
52 63
53 /** 64 /**
54 * Verifies a password previously enrolled with the GateKeeper. 65 * Verifies a password previously enrolled with the GateKeeper.
55 * Returns 0 on success, negative on failure. 66 * Returns:
67 * - 0 on success
68 * - A timestamp T > 0 if the call has failed due to throttling and should not
69 * be reattempted until T milliseconds have elapsed
70 * - -1 on failure
56 */ 71 */
57 virtual status_t verify(uint32_t uid, const uint8_t *enrolled_password_handle, 72 virtual int verify(uint32_t uid, const uint8_t *enrolled_password_handle,
58 uint32_t enrolled_password_handle_length, 73 uint32_t enrolled_password_handle_length,
59 const uint8_t *provided_password, uint32_t provided_password_length) = 0; 74 const uint8_t *provided_password, uint32_t provided_password_length,
75 bool *request_reenroll) = 0;
60 76
61 /** 77 /**
62 * Verifies a password previously enrolled with the GateKeeper. 78 * Verifies a password previously enrolled with the GateKeeper.
63 * Returns 0 on success, negative on failure. 79 * Returns:
80 * - 0 on success
81 * - A timestamp T > 0 if the call has failed due to throttling and should not
82 * be reattempted until T milliseconds have elapsed
83 * - -1 on failure
64 */ 84 */
65 virtual status_t verifyChallenge(uint32_t uid, uint64_t challenge, 85 virtual int verifyChallenge(uint32_t uid, uint64_t challenge,
66 const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length, 86 const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
67 const uint8_t *provided_password, uint32_t provided_password_length, 87 const uint8_t *provided_password, uint32_t provided_password_length,
68 uint8_t **auth_token, uint32_t *auth_token_length) = 0; 88 uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) = 0;
69
70 /** 89 /**
71 * Returns the secure user ID for the provided android user 90 * Returns the secure user ID for the provided android user
72 */ 91 */