/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales
1766ce3e08c5632a20ea66bde6dd76397041edf034Mark Salyzyn#define LOG_TAG "TrustyGateKeeper"
1866ce3e08c5632a20ea66bde6dd76397041edf034Mark Salyzyn
1966ce3e08c5632a20ea66bde6dd76397041edf034Mark Salyzyn#include <assert.h>
20310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include <errno.h>
21310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include <stdio.h>
2230f991f251940be3ed11566fb71139852286f68aMark Salyzyn
23310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include <type_traits>
24310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales
2530f991f251940be3ed11566fb71139852286f68aMark Salyzyn#include <log/log.h>
2666ce3e08c5632a20ea66bde6dd76397041edf034Mark Salyzyn
27310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include "trusty_gatekeeper.h"
28310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include "trusty_gatekeeper_ipc.h"
29310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales#include "gatekeeper_ipc.h"
30310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales
31310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Moralesnamespace gatekeeper {
32310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales
// Capacity, in bytes, of the on-stack buffer that holds a serialized request
// before it is handed to the gatekeeper trusted application (TA).
const uint32_t SEND_BUF_SIZE = 8 * 1024;
// Capacity, in bytes, of the on-stack buffer that receives the TA's reply
// (message header plus payload).
const uint32_t RECV_BUF_SIZE = 8 * 1024;
/**
 * Fills in the legacy HAL device record and opens the session to the
 * gatekeeper trusted application.
 *
 * The layout checks below are what make the reinterpret_casts in
 * close_device() and convert_device() valid: a pointer to device_ (or to
 * device_.common) must have the same address as the enclosing object.
 *
 * A failed connect does not abort construction. The raw return code is kept
 * in error_, and Enroll()/Verify() return it unchanged whenever it is
 * non-zero, so a device without a session never reaches the TA.
 *
 * @param module HAL module this device belongs to; stored in the device record.
 */
TrustyGateKeeperDevice::TrustyGateKeeperDevice(const hw_module_t *module) {
#if __cplusplus >= 201103L || defined(__GXX_EXPERIMENTAL_CXX0X__)
    static_assert(std::is_standard_layout<TrustyGateKeeperDevice>::value,
                  "TrustyGateKeeperDevice must be standard layout");
    static_assert(offsetof(TrustyGateKeeperDevice, device_) == 0,
                  "device_ must be the first member of TrustyGateKeeperDevice");
    static_assert(offsetof(TrustyGateKeeperDevice, device_.common) == 0,
                  "common must be the first member of gatekeeper_device");
#else
    // Pre-C++11 toolchains: same layout guarantee, checked at run time.
    assert(reinterpret_cast<gatekeeper_device_t *>(this) == &device_);
    assert(reinterpret_cast<hw_device_t *>(this) == &(device_.common));
#endif

    // Start from an all-zero record so no entry point is left uninitialized.
    memset(&device_, 0, sizeof(device_));

    hw_device_t &common = device_.common;
    common.tag = HARDWARE_DEVICE_TAG;
    common.version = 1;
    common.module = const_cast<hw_module_t *>(module);
    common.close = close_device;

    // Only enroll and verify are implemented; the delete hooks stay unset.
    device_.enroll = enroll;
    device_.verify = verify;
    device_.delete_user = nullptr;
    device_.delete_all_users = nullptr;

    const int connect_rc = trusty_gatekeeper_connect();
    if (connect_rc < 0) {
        ALOGE("Error initializing trusty session: %d", connect_rc);
    }

    error_ = connect_rc;
}
/**
 * Exposes this object as the generic HAL device handle.
 *
 * @return Pointer to the embedded hw_device_t; the constructor's layout
 *         checks ensure it has the same address as the object itself.
 */
hw_device_t* TrustyGateKeeperDevice::hw_device() {
    hw_device_t *const common = &(device_.common);
    return common;
}
/**
 * HAL close hook: destroys the TrustyGateKeeperDevice behind a device handle.
 *
 * The cast is only valid for handles obtained from hw_device(), where the
 * hw_device_t sits at offset 0 of the object (checked in the constructor).
 * The handle is dangling once this returns and must not be used again.
 *
 * @param dev Handle previously returned by hw_device().
 * @return Always 0.
 */
int TrustyGateKeeperDevice::close_device(hw_device_t* dev) {
    TrustyGateKeeperDevice *self = reinterpret_cast<TrustyGateKeeperDevice *>(dev);
    delete self;
    return 0;
}
/**
 * Tears down the session to the gatekeeper trusted application.
 *
 * The disconnect is issued unconditionally, including when the connect in
 * the constructor failed and error_ is non-zero.
 */
TrustyGateKeeperDevice::~TrustyGateKeeperDevice() {
    trusty_gatekeeper_disconnect();
}
/**
 * Sends an enroll request to the gatekeeper TA and hands the resulting
 * password handle back to the caller.
 *
 * Pointer arguments are not validated here: desired_password and both output
 * pointers are dereferenced unconditionally, so callers must go through the
 * static enroll() wrapper (which rejects NULLs) or apply the same checks.
 *
 * @param uid                              User the credential belongs to.
 * @param current_password_handle          Existing handle, or NULL for a first enrollment.
 * @param current_password_handle_length   Length of the existing handle in bytes.
 * @param current_password                 Existing password, or NULL.
 * @param current_password_length          Length of the existing password in bytes.
 * @param desired_password                 New password; must not be NULL.
 * @param desired_password_length          Length of the new password in bytes.
 * @param enrolled_password_handle         Out: buffer released from the response;
 *                                         ownership passes to the caller.
 * @param enrolled_password_handle_length  Out: length of that buffer.
 * @return error_ if the Trusty session never came up; response.retry_timeout
 *         when the TA answers ERROR_RETRY; -EINVAL for any other error;
 *         0 on success.
 */
int TrustyGateKeeperDevice::Enroll(uint32_t uid, const uint8_t *current_password_handle,
        uint32_t current_password_handle_length, const uint8_t *current_password,
        uint32_t current_password_length, const uint8_t *desired_password,
        uint32_t desired_password_length, uint8_t **enrolled_password_handle,
        uint32_t *enrolled_password_handle_length) {
    // No session, no request: report the stored connect result instead.
    if (error_ != 0) {
        return error_;
    }

    // NOTE(review): the buffers below hold plaintext credentials. Whether
    // SizedBuffer wipes its storage on destruction is not visible from this
    // file; confirm before relying on it.
    SizedBuffer new_password(desired_password_length);
    memcpy(new_password.buffer.get(), desired_password, desired_password_length);

    // The optional inputs are sized from their length arguments, but only
    // copied when the matching pointer is non-NULL.
    SizedBuffer old_handle(current_password_handle_length);
    if (current_password_handle) {
        memcpy(old_handle.buffer.get(), current_password_handle,
                current_password_handle_length);
    }

    SizedBuffer old_password(current_password_length);
    if (current_password) {
        memcpy(old_password.buffer.get(), current_password, current_password_length);
    }

    EnrollRequest request(uid, &old_handle, &new_password, &old_password);
    EnrollResponse response;

    const gatekeeper_error_t status = Send(request, &response);
    if (status == ERROR_RETRY) {
        // Throttled by the TA: surface its retry timeout as a positive return.
        return response.retry_timeout;
    }
    if (status != ERROR_NONE) {
        return -EINVAL;
    }

    // release() transfers the handle buffer to the caller, who must free it.
    *enrolled_password_handle = response.enrolled_password_handle.buffer.release();
    *enrolled_password_handle_length = response.enrolled_password_handle.length;

    return 0;
}
/**
 * Sends a verify request to the gatekeeper TA and returns the auth token it
 * issues for a correct password.
 *
 * enrolled_password_handle and provided_password are copied unconditionally,
 * so they must be non-NULL; the static verify() wrapper enforces that. The
 * three output pointers are optional and are only written when non-NULL.
 *
 * @param uid                              User being verified.
 * @param challenge                        Challenge value forwarded to the TA.
 * @param enrolled_password_handle         Handle produced by a previous enroll.
 * @param enrolled_password_handle_length  Length of the handle in bytes.
 * @param provided_password                Password to check.
 * @param provided_password_length         Length of the password in bytes.
 * @param auth_token                       Out (optional): token buffer released from
 *                                         the response; ownership passes to the caller.
 * @param auth_token_length                Out (optional): length of the token.
 * @param request_reenroll                 Out (optional): the response's re-enroll flag.
 * @return error_ if the Trusty session never came up; response.retry_timeout
 *         when the TA answers ERROR_RETRY; -EINVAL for any other error;
 *         0 on success.
 */
int TrustyGateKeeperDevice::Verify(uint32_t uid, uint64_t challenge,
        const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
        const uint8_t *provided_password, uint32_t provided_password_length,
        uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) {
    // No session, no request: report the stored connect result instead.
    if (error_ != 0) {
        return error_;
    }

    SizedBuffer handle_copy(enrolled_password_handle_length);
    memcpy(handle_copy.buffer.get(), enrolled_password_handle,
            enrolled_password_handle_length);

    // NOTE(review): plaintext credential; whether SizedBuffer wipes its
    // storage on destruction is not visible from this file.
    SizedBuffer password_copy(provided_password_length);
    memcpy(password_copy.buffer.get(), provided_password, provided_password_length);

    VerifyRequest request(uid, challenge, &handle_copy, &password_copy);
    VerifyResponse response;

    const gatekeeper_error_t status = Send(request, &response);
    if (status == ERROR_RETRY) {
        // Throttled by the TA: surface its retry timeout as a positive return.
        return response.retry_timeout;
    }
    if (status != ERROR_NONE) {
        return -EINVAL;
    }

    // The token is handed over only when the caller can receive both the
    // pointer and its length; otherwise it stays owned by the response.
    const bool wants_token = (auth_token != NULL) && (auth_token_length != NULL);
    if (wants_token) {
        *auth_token = response.auth_token.buffer.release();
        *auth_token_length = response.auth_token.length;
    }

    if (request_reenroll != NULL) {
        *request_reenroll = response.request_reenroll;
    }

    return 0;
}
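/**
 * Serializes a request, performs one round trip to the gatekeeper TA and
 * deserializes the reply into @p response.
 *
 * The reply length reported by trusty_gatekeeper_call() is checked against
 * the space that actually follows the message header in recv_buf before it
 * is used to form the end pointer for Deserialize(). The IPC helper's
 * contract for that length is not visible from this file, so the bound is
 * enforced here rather than assumed.
 *
 * @param command  Gatekeeper command identifier passed to the IPC layer.
 * @param request  Message to serialize and send; must fit in SEND_BUF_SIZE.
 * @param response Message that receives the deserialized reply.
 * @return ERROR_INVALID if @p response is NULL, the request is too large, the
 *         IPC call fails, or the reported reply length does not fit in the
 *         receive buffer; otherwise whatever Deserialize() returns.
 */
gatekeeper_error_t TrustyGateKeeperDevice::Send(uint32_t command, const GateKeeperMessage& request,
        GateKeeperMessage *response) {
    if (response == NULL) {
        return ERROR_INVALID;
    }

    const uint32_t request_size = request.GetSerializedSize();
    if (request_size > SEND_BUF_SIZE) {
        return ERROR_INVALID;
    }

    // NOTE(review): send_buf carries the serialized request, which includes
    // the plaintext password, and is not cleared before the frame is popped.
    uint8_t send_buf[SEND_BUF_SIZE];
    request.Serialize(send_buf, send_buf + request_size);

    // Send it. response_size goes in as the buffer capacity and comes back
    // as the length reported by the IPC layer.
    uint8_t recv_buf[RECV_BUF_SIZE];
    uint32_t response_size = RECV_BUF_SIZE;
    const int rc = trusty_gatekeeper_call(command, send_buf, request_size, recv_buf,
            &response_size);
    if (rc < 0) {
        ALOGE("error (%d) calling gatekeeper TA", rc);
        return ERROR_INVALID;
    }

    const gatekeeper_message *msg = reinterpret_cast<gatekeeper_message *>(recv_buf);
    const uint8_t *payload = msg->payload;

    // Never let [payload, payload + response_size) run past recv_buf, even if
    // the reported length is wrong or counts the header as well.
    const size_t header_size = static_cast<size_t>(payload - recv_buf);
    if (header_size > RECV_BUF_SIZE || response_size > RECV_BUF_SIZE - header_size) {
        ALOGE("invalid response size (%u) from gatekeeper TA", response_size);
        return ERROR_INVALID;
    }

    return response->Deserialize(payload, payload + response_size);
}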
/**
 * Recovers the owning TrustyGateKeeperDevice from the C-style device pointer
 * the HAL passes to the static entry points.
 *
 * Valid only because device_ is the first member of the class (checked in
 * the constructor). NULL is passed through unchanged; callers check for it
 * before dereferencing.
 */
static inline TrustyGateKeeperDevice *convert_device(const gatekeeper_device *dev) {
    gatekeeper_device *mutable_dev = const_cast<gatekeeper_device *>(dev);
    return reinterpret_cast<TrustyGateKeeperDevice *>(mutable_dev);
}
/**
 * Static HAL entry point for enrollment; validates arguments and forwards
 * to Enroll() on the device instance.
 *
 * The device, both output pointers and a non-empty desired password are
 * mandatory. The current handle and current password are treated as a pair:
 * unless all four of their pointer/length arguments are present, all four
 * are cleared, so the request is sent as an enrollment without an existing
 * credential rather than with a partial one.
 *
 * @return -EINVAL for a missing mandatory argument, otherwise the result of
 *         Enroll().
 */
int TrustyGateKeeperDevice::enroll(const struct gatekeeper_device *dev, uint32_t uid,
            const uint8_t *current_password_handle, uint32_t current_password_handle_length,
            const uint8_t *current_password, uint32_t current_password_length,
            const uint8_t *desired_password, uint32_t desired_password_length,
            uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
    const bool missing_required =
            dev == NULL ||
            enrolled_password_handle == NULL || enrolled_password_handle_length == NULL ||
            desired_password == NULL || desired_password_length == 0;
    if (missing_required) {
        return -EINVAL;
    }

    // Current password and current password handle go together.
    const bool has_current_credential =
            current_password_handle != NULL && current_password_handle_length != 0 &&
            current_password != NULL && current_password_length != 0;
    if (!has_current_credential) {
        current_password_handle = NULL;
        current_password_handle_length = 0;
        current_password = NULL;
        current_password_length = 0;
    }

    TrustyGateKeeperDevice *self = convert_device(dev);
    return self->Enroll(uid, current_password_handle, current_password_handle_length,
            current_password, current_password_length, desired_password, desired_password_length,
            enrolled_password_handle, enrolled_password_handle_length);
}
/**
 * Static HAL entry point for verification; validates arguments and forwards
 * to Verify() on the device instance.
 *
 * Only the device, the enrolled handle pointer and the provided password
 * pointer are checked. The two length arguments are forwarded as given
 * (zero included), and the output pointers may be NULL because Verify()
 * treats them as optional.
 *
 * @return -EINVAL for a missing mandatory pointer, otherwise the result of
 *         Verify().
 */
int TrustyGateKeeperDevice::verify(const struct gatekeeper_device *dev, uint32_t uid,
        uint64_t challenge, const uint8_t *enrolled_password_handle,
        uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
        uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length,
        bool *request_reenroll) {
    const bool missing_required =
            dev == NULL || enrolled_password_handle == NULL || provided_password == NULL;
    if (missing_required) {
        return -EINVAL;
    }

    TrustyGateKeeperDevice *self = convert_device(dev);
    return self->Verify(uid, challenge, enrolled_password_handle,
            enrolled_password_handle_length, provided_password, provided_password_length,
            auth_token, auth_token_length, request_reenroll);
}
232310dcffbe0c57b686f459c9961ae7b03a1c86a93Andres Morales};
233