summaryrefslogtreecommitdiff
path: root/gatekeeperd
diff options
context:
space:
mode:
authorAndres Morales <anmorales@google.com>2015-04-09 19:23:48 -0700
committerAndres Morales <anmorales@google.com>2015-04-10 19:56:07 -0700
commit851b57c1f81bd3572cf5908611ba029be934c706 (patch)
tree783505d76341c9b8af324dce165767de2156f60a /gatekeeperd
parent9bbd0a5c92ed92c295d2f5ab3befdf3efe490bc9 (diff)
Add challenge to verify call
required for enrolling secondary auth form factors Change-Id: Ia3e1d47f988bca1bb1a0e713c000886e60b4e839
Diffstat (limited to 'gatekeeperd')
-rw-r--r--gatekeeperd/IGateKeeperService.cpp5
-rw-r--r--gatekeeperd/IGateKeeperService.h2
-rw-r--r--gatekeeperd/gatekeeperd.cpp4
3 files changed, 6 insertions, 5 deletions
diff --git a/gatekeeperd/IGateKeeperService.cpp b/gatekeeperd/IGateKeeperService.cpp
index 133df4cbd..933b975de 100644
--- a/gatekeeperd/IGateKeeperService.cpp
+++ b/gatekeeperd/IGateKeeperService.cpp
@@ -68,6 +68,7 @@ status_t BnGateKeeperService::onTransact(
case VERIFY: {
CHECK_INTERFACE(IGateKeeperService, data, reply);
uint32_t uid = data.readInt32();
+ uint64_t challenge = data.readInt64();
ssize_t currentPasswordHandleSize = data.readInt32();
const uint8_t *currentPasswordHandle =
static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize));
@@ -78,8 +79,8 @@ status_t BnGateKeeperService::onTransact(
static_cast<const uint8_t *>(data.readInplace(currentPasswordSize));
if (!currentPassword) currentPasswordSize = 0;
- status_t ret = verify(uid, (uint8_t *) currentPasswordHandle, currentPasswordHandleSize,
- (uint8_t *) currentPassword, currentPasswordSize);
+ status_t ret = verify(uid, challenge, (uint8_t *) currentPasswordHandle,
+ currentPasswordHandleSize, (uint8_t *) currentPassword, currentPasswordSize);
reply->writeNoException();
reply->writeInt32(ret == NO_ERROR ? 1 : 0);
return NO_ERROR;
diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h
index 7d8572cec..90d302907 100644
--- a/gatekeeperd/IGateKeeperService.h
+++ b/gatekeeperd/IGateKeeperService.h
@@ -51,7 +51,7 @@ public:
* Verifies a password previously enrolled with the GateKeeper.
* Returns 0 on success, negative on failure.
*/
- virtual status_t verify(uint32_t uid,
+ virtual status_t verify(uint32_t uid, uint64_t challenge,
const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
const uint8_t *provided_password, uint32_t provided_password_length) = 0;
};
diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 492214059..2a435a9c7 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp
@@ -71,7 +71,7 @@ public:
return ret >= 0 ? NO_ERROR : UNKNOWN_ERROR;
}
- virtual status_t verify(uint32_t uid,
+ virtual status_t verify(uint32_t uid, uint64_t challenge,
const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
const uint8_t *provided_password, uint32_t provided_password_length) {
IPCThreadState* ipc = IPCThreadState::self();
@@ -87,7 +87,7 @@ public:
uint8_t *auth_token;
uint32_t auth_token_length;
- int ret = device->verify(device, uid,
+ int ret = device->verify(device, uid, challenge,
enrolled_password_handle, enrolled_password_handle_length,
provided_password, provided_password_length, &auth_token, &auth_token_length);