Gatekeeper.cpp revision f9d303435d80161fabb16cdff3b8f2f75f362480
1/* 2 * Copyright (C) 2016 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16#define LOG_TAG "android.hardware.gatekeeper@1.0-service" 17 18#include <android/log.h> 19#include <dlfcn.h> 20 21#include "Gatekeeper.h" 22 23namespace android { 24namespace hardware { 25namespace gatekeeper { 26namespace V1_0 { 27namespace implementation { 28 29Gatekeeper::Gatekeeper() 30{ 31 int ret = hw_get_module_by_class(GATEKEEPER_HARDWARE_MODULE_ID, NULL, &module); 32 device = NULL; 33 34 if (!ret) { 35 ret = gatekeeper_open(module, &device); 36 } 37 if (ret < 0) { 38 LOG_ALWAYS_FATAL_IF(ret < 0, "Unable to open GateKeeper HAL"); 39 } 40} 41 42Gatekeeper::~Gatekeeper() 43{ 44 if (device != nullptr) { 45 int ret = gatekeeper_close(device); 46 if (ret < 0) { 47 ALOGE("Unable to close GateKeeper HAL"); 48 } 49 } 50 dlclose(module->dso); 51} 52 53// Methods from ::android::hardware::gatekeeper::V1_0::IGatekeeper follow. 54Return<void> Gatekeeper::enroll(uint32_t uid, 55 const hidl_vec<uint8_t>& currentPasswordHandle, 56 const hidl_vec<uint8_t>& currentPassword, 57 const hidl_vec<uint8_t>& desiredPassword, 58 enroll_cb cb) 59{ 60 GatekeeperResponse rsp; 61 uint8_t *enrolled_password_handle = nullptr; 62 uint32_t enrolled_password_handle_length = 0; 63 64 int ret = device->enroll(device, uid, 65 currentPasswordHandle.data(), currentPasswordHandle.size(), 66 currentPassword.data(), currentPassword.size(), 67 desiredPassword.data(), desiredPassword.size(), 68 &enrolled_password_handle, &enrolled_password_handle_length); 69 if (!ret) { 70 rsp.data.setToExternal(enrolled_password_handle, 71 enrolled_password_handle_length, 72 true); 73 rsp.code = GatekeeperStatusCode::STATUS_OK; 74 } else if (ret > 0) { 75 rsp.timeout = ret; 76 rsp.code = GatekeeperStatusCode::ERROR_RETRY_TIMEOUT; 77 } else { 78 rsp.code = GatekeeperStatusCode::ERROR_GENERAL_FAILURE; 79 } 80 cb(rsp); 81 return Void(); 82} 83 84Return<void> Gatekeeper::verify(uint32_t uid, 85 uint64_t challenge, 86 const hidl_vec<uint8_t>& enrolledPasswordHandle, 87 const hidl_vec<uint8_t>& providedPassword, 88 verify_cb cb) 89{ 90 GatekeeperResponse rsp; 91 uint8_t *auth_token = nullptr; 92 uint32_t auth_token_length = 0; 93 bool request_reenroll = false; 94 95 int ret = device->verify(device, uid, challenge, 96 enrolledPasswordHandle.data(), enrolledPasswordHandle.size(), 97 providedPassword.data(), providedPassword.size(), 98 &auth_token, &auth_token_length, 99 &request_reenroll); 100 if (!ret) { 101 rsp.data.setToExternal(auth_token, auth_token_length, true); 102 if (request_reenroll) { 103 rsp.code = GatekeeperStatusCode::STATUS_REENROLL; 104 } else { 105 rsp.code = GatekeeperStatusCode::STATUS_OK; 106 } 107 } else if (ret > 0) { 108 rsp.timeout = ret; 109 rsp.code = GatekeeperStatusCode::ERROR_RETRY_TIMEOUT; 110 } else { 111 rsp.code = GatekeeperStatusCode::ERROR_GENERAL_FAILURE; 112 } 113 cb(rsp); 114 return Void(); 115} 116 117Return<void> Gatekeeper::deleteUser(uint32_t uid, deleteUser_cb cb) { 118 GatekeeperResponse rsp; 119 120 if (device->delete_user != nullptr) { 121 int ret = device->delete_user(device, uid); 122 if (!ret) { 123 rsp.code = GatekeeperStatusCode::STATUS_OK; 124 } else if (ret > 0) { 125 rsp.timeout = ret; 126 rsp.code = GatekeeperStatusCode::ERROR_RETRY_TIMEOUT; 127 } else { 128 rsp.code = GatekeeperStatusCode::ERROR_GENERAL_FAILURE; 129 } 130 } else { 131 rsp.code = GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED; 132 } 133 cb(rsp); 134 return Void(); 135} 136 137Return<void> Gatekeeper::deleteAllUsers(deleteAllUsers_cb cb) { 138 GatekeeperResponse rsp; 139 if (device->delete_all_users != nullptr) { 140 int ret = device->delete_all_users(device); 141 if (!ret) { 142 rsp.code = GatekeeperStatusCode::STATUS_OK; 143 } else if (ret > 0) { 144 rsp.timeout = ret; 145 rsp.code = GatekeeperStatusCode::ERROR_RETRY_TIMEOUT; 146 } else { 147 rsp.code = GatekeeperStatusCode::ERROR_GENERAL_FAILURE; 148 } 149 } else { 150 rsp.code = GatekeeperStatusCode::ERROR_NOT_IMPLEMENTED; 151 } 152 cb(rsp); 153 return Void(); 154} 155 156IGatekeeper* HIDL_FETCH_IGatekeeper(const char* /* name */) { 157 return new Gatekeeper(); 158} 159 160} // namespace implementation 161} // namespace V1_0 162} // namespace gatekeeper 163} // namespace hardware 164} // namespace android 165