Rename keyguard to gatekeeper
Prevents confusion between this component and the
actual Keyguard that shows when the device is locked.
Change-Id: I47bc02b73947d56841ed126aae4eaf007749038a
diff --git a/Android.mk b/Android.mk
index 8a9bd86..20ebbcb 100644
--- a/Android.mk
+++ b/Android.mk
@@ -15,14 +15,14 @@
LOCAL_PATH := $(call my-dir)
###
-# libkeyguard contains just the code necessary to communicate with a
-# GoogleKeyguard implementation, e.g. one running in TrustZone.
+# libgatekeeper contains just the code necessary to communicate with a
+# GoogleGateKeeper implementation, e.g. one running in TrustZone.
##
include $(CLEAR_VARS)
-LOCAL_MODULE:= libkeyguard
+LOCAL_MODULE:= libgatekeeper
LOCAL_SRC_FILES := \
- keyguard_messages.cpp \
- keyguard.cpp
+ gatekeeper_messages.cpp \
+ gatekeeper.cpp
LOCAL_C_INCLUDES := \
$(LOCAL_PATH)/include
LOCAL_CFLAGS = -Wall -Werror -g
diff --git a/keyguard.cpp b/gatekeeper.cpp
similarity index 88%
rename from keyguard.cpp
rename to gatekeeper.cpp
index 3e1f338..a63b221 100644
--- a/keyguard.cpp
+++ b/gatekeeper.cpp
@@ -18,9 +18,9 @@
#include <iomanip>
#include <UniquePtr.h>
-#include <keyguard/keyguard.h>
+#include <gatekeeper/gatekeeper.h>
-namespace keyguard {
+namespace gatekeeper {
/**
* Internal only structure for easy serialization
@@ -38,11 +38,11 @@
uint8_t signature[32];
};
-void Keyguard::Enroll(const EnrollRequest &request, EnrollResponse *response) {
+void GateKeeper::Enroll(const EnrollRequest &request, EnrollResponse *response) {
if (response == NULL) return;
if (!request.provided_password.buffer.get()) {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
}
@@ -55,7 +55,7 @@
GetRandom(&user_id, sizeof(secure_id_t));
} else {
if (!ValidatePasswordFile(request.user_id, request.password_handle)) {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
} else {
// Password handle matches password file
@@ -63,7 +63,7 @@
reinterpret_cast<password_handle_t *>(request.password_handle.buffer.get());
if (!DoVerify(pw_handle, request.enrolled_password)) {
// incorrect old password
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
}
@@ -82,7 +82,7 @@
if(!CreatePasswordHandle(&password_handle,
salt, user_id, authenticator_id, request.provided_password.buffer.get(),
request.provided_password.length)) {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
}
@@ -92,11 +92,11 @@
response->SetEnrolledPasswordHandle(&password_handle);
}
-void Keyguard::Verify(const VerifyRequest &request, VerifyResponse *response) {
+void GateKeeper::Verify(const VerifyRequest &request, VerifyResponse *response) {
if (response == NULL) return;
if (!request.provided_password.buffer.get() || !request.password_handle.buffer.get()) {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
}
@@ -106,7 +106,7 @@
// Sanity check
if (password_handle->version != HANDLE_VERSION) {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
return;
}
@@ -133,11 +133,11 @@
user_id, authenticator_id);
response->SetVerificationToken(&auth_token);
} else {
- response->error = KG_ERROR_INVALID;
+ response->error = ERROR_INVALID;
}
}
-bool Keyguard::CreatePasswordHandle(SizedBuffer *password_handle_buffer, salt_t salt,
+bool GateKeeper::CreatePasswordHandle(SizedBuffer *password_handle_buffer, salt_t salt,
secure_id_t user_id, secure_id_t authenticator_id, const uint8_t *password,
size_t password_length) {
password_handle_buffer->buffer.reset(new uint8_t[sizeof(password_handle_t)]);
@@ -169,7 +169,7 @@
return true;
}
-bool Keyguard::DoVerify(const password_handle_t *expected_handle, const SizedBuffer &password) {
+bool GateKeeper::DoVerify(const password_handle_t *expected_handle, const SizedBuffer &password) {
if (!password.buffer.get()) return false;
SizedBuffer provided_handle;
@@ -181,7 +181,7 @@
return memcmp_s(provided_handle.buffer.get(), expected_handle, sizeof(*expected_handle)) == 0;
}
-bool Keyguard::ValidatePasswordFile(uint32_t uid, const SizedBuffer &provided_handle) {
+bool GateKeeper::ValidatePasswordFile(uint32_t uid, const SizedBuffer &provided_handle) {
SizedBuffer stored_handle;
ReadPasswordFile(uid, &stored_handle);
@@ -193,7 +193,7 @@
== 0;
}
-void Keyguard::MintAuthToken(UniquePtr<uint8_t> *auth_token, size_t *length,
+void GateKeeper::MintAuthToken(UniquePtr<uint8_t> *auth_token, size_t *length,
uint32_t timestamp, secure_id_t user_id, secure_id_t authenticator_id) {
if (auth_token == NULL) return;
diff --git a/keyguard_messages.cpp b/gatekeeper_messages.cpp
similarity index 86%
rename from keyguard_messages.cpp
rename to gatekeeper_messages.cpp
index 34c3c91..03f5b3f 100644
--- a/keyguard_messages.cpp
+++ b/gatekeeper_messages.cpp
@@ -15,12 +15,12 @@
*
*/
-#include <keyguard/keyguard_messages.h>
+#include <gatekeeper/gatekeeper_messages.h>
#include <string.h>
-namespace keyguard {
+namespace gatekeeper {
/**
* Methods for serializing/deserializing SizedBuffers
@@ -39,34 +39,34 @@
}
}
-static inline keyguard_error_t read_from_buffer(const uint8_t **buffer, const uint8_t *end,
+static inline gatekeeper_error_t read_from_buffer(const uint8_t **buffer, const uint8_t *end,
SizedBuffer *target) {
- if (*buffer + sizeof(target->length) > end) return KG_ERROR_INVALID;
+ if (*buffer + sizeof(target->length) > end) return ERROR_INVALID;
memcpy(&target->length, *buffer, sizeof(target->length));
*buffer += sizeof(target->length);
if (target->length != 0) {
const uint8_t *buffer_end = *buffer + target->length;
- if (buffer_end > end || buffer_end <= *buffer) return KG_ERROR_INVALID;
+ if (buffer_end > end || buffer_end <= *buffer) return ERROR_INVALID;
target->buffer.reset(new uint8_t[target->length]);
memcpy(target->buffer.get(), *buffer, target->length);
*buffer += target->length;
}
- return KG_ERROR_OK;
+ return ERROR_NONE;
}
-size_t KeyguardMessage::GetSerializedSize() const {
- if (error == KG_ERROR_OK) {
+size_t GateKeeperMessage::GetSerializedSize() const {
+ if (error == ERROR_NONE) {
return 2 * sizeof(uint32_t) + nonErrorSerializedSize();
} else {
return sizeof(uint32_t);
}
}
-uint8_t *KeyguardMessage::Serialize() const {
- if (error != KG_ERROR_OK) {
+uint8_t *GateKeeperMessage::Serialize() const {
+ if (error != ERROR_NONE) {
uint32_t *error_buf = new uint32_t;
*error_buf = static_cast<uint32_t>(error);
return reinterpret_cast<uint8_t *>(error_buf);
@@ -80,14 +80,14 @@
}
}
-keyguard_error_t KeyguardMessage::Deserialize(const uint8_t *payload, const uint8_t *end) {
+gatekeeper_error_t GateKeeperMessage::Deserialize(const uint8_t *payload, const uint8_t *end) {
uint32_t error_value;
- if (payload + sizeof(uint32_t) > end) return KG_ERROR_INVALID;
+ if (payload + sizeof(uint32_t) > end) return ERROR_INVALID;
memcpy(&error_value, payload, sizeof(uint32_t));
- error = static_cast<keyguard_error_t>(error_value);
+ error = static_cast<gatekeeper_error_t>(error_value);
payload += sizeof(uint32_t);
- if (error == KG_ERROR_OK) {
- if (payload == end) return KG_ERROR_INVALID;
+ if (error == ERROR_NONE) {
+ if (payload == end) return ERROR_INVALID;
user_id = *((uint32_t *) payload);
error = nonErrorDeserialize(payload + sizeof(uint32_t), end);
}
@@ -130,8 +130,8 @@
append_to_buffer(&buffer, &provided_password);
}
-keyguard_error_t VerifyRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
- keyguard_error_t error = KG_ERROR_OK;
+gatekeeper_error_t VerifyRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
+ gatekeeper_error_t error = ERROR_NONE;
if (password_handle.buffer.get()) {
password_handle.buffer.reset();
@@ -143,7 +143,7 @@
}
error = read_from_buffer(&payload, end, &password_handle);
- if (error != KG_ERROR_OK) return error;
+ if (error != ERROR_NONE) return error;
return read_from_buffer(&payload, end, &provided_password);
@@ -178,7 +178,7 @@
append_to_buffer(&buffer, &auth_token);
}
-keyguard_error_t VerifyResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
+gatekeeper_error_t VerifyResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
if (auth_token.buffer.get()) {
auth_token.buffer.reset();
}
@@ -243,8 +243,8 @@
append_to_buffer(&buffer, &password_handle);
}
-keyguard_error_t EnrollRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
- keyguard_error_t ret;
+gatekeeper_error_t EnrollRequest::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
+ gatekeeper_error_t ret;
if (provided_password.buffer.get()) {
memset_s(provided_password.buffer.get(), 0, provided_password.length);
provided_password.buffer.reset();
@@ -261,12 +261,12 @@
}
ret = read_from_buffer(&payload, end, &provided_password);
- if (ret != KG_ERROR_OK) {
+ if (ret != ERROR_NONE) {
return ret;
}
ret = read_from_buffer(&payload, end, &enrolled_password);
- if (ret != KG_ERROR_OK) {
+ if (ret != ERROR_NONE) {
return ret;
}
@@ -302,7 +302,7 @@
append_to_buffer(&buffer, &enrolled_password_handle);
}
-keyguard_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
+gatekeeper_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, const uint8_t *end) {
if (enrolled_password_handle.buffer.get()) {
enrolled_password_handle.buffer.reset();
}
diff --git a/include/keyguard/keyguard.h b/include/gatekeeper/gatekeeper.h
similarity index 92%
rename from include/keyguard/keyguard.h
rename to include/gatekeeper/gatekeeper.h
index 8141ce3..aaaba03 100644
--- a/include/keyguard/keyguard.h
+++ b/include/gatekeeper/gatekeeper.h
@@ -14,16 +14,16 @@
* limitations under the License.
*/
-#ifndef KEYGUARD_H_
-#define KEYGUARD_H_
+#ifndef GATEKEEPER_H_
+#define GATEKEEPER_H_
#include <memory>
#include <stdint.h>
#include <UniquePtr.h>
-#include "keyguard_messages.h"
+#include "gatekeeper_messages.h"
-namespace keyguard {
+namespace gatekeeper {
typedef uint64_t secure_id_t;
typedef uint64_t salt_t;
@@ -48,14 +48,14 @@
struct password_handle_t;
/**
- * Base class for keyguard implementations. Provides all functionality except
+ * Base class for gatekeeper implementations. Provides all functionality except
* the ability to create/access keys and compute signatures. These are left up
* to the platform-specific implementation.
*/
-class Keyguard {
+class GateKeeper {
public:
- Keyguard() {}
- virtual ~Keyguard() {}
+ GateKeeper() {}
+ virtual ~GateKeeper() {}
void Enroll(const EnrollRequest &request, EnrollResponse *response);
void Verify(const VerifyRequest &request, VerifyResponse *response);
@@ -65,7 +65,7 @@
// The following methods are intended to be implemented by concrete subclasses
/**
- * Retrieves the key used by Keyguard::MintAuthToken to sign the payload
+ * Retrieves the key used by GateKeeper::MintAuthToken to sign the payload
* of the AuthToken. This is not cached as is may have changed due to an event such
* as a password change.
*
@@ -158,4 +158,4 @@
}
-#endif // KEYGUARD_H_
+#endif // GATEKEEPER_H_
diff --git a/include/keyguard/keyguard_messages.h b/include/gatekeeper/gatekeeper_messages.h
similarity index 78%
rename from include/keyguard/keyguard_messages.h
rename to include/gatekeeper/gatekeeper_messages.h
index 87cb38a..3b48e35 100644
--- a/include/keyguard/keyguard_messages.h
+++ b/include/gatekeeper/gatekeeper_messages.h
@@ -13,23 +13,23 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#ifndef KEYGUARD_MESSAGES_H_
-#define KEYGUARD_MESSAGES_H_
+#ifndef GATEKEEPER_MESSAGES_H_
+#define GATEKEEPER_MESSAGES_H_
#include <stdint.h>
#include <UniquePtr.h>
-#include "keyguard_utils.h"
+#include "gatekeeper_utils.h"
/**
- * Message serialization objects for communicating with the hardware keyguard.
+ * Message serialization objects for communicating with the hardware gatekeeper.
*/
-namespace keyguard {
+namespace gatekeeper {
typedef enum {
- KG_ERROR_OK = 0,
- KG_ERROR_INVALID = 1,
-} keyguard_error_t;
+ ERROR_NONE = 0,
+ ERROR_INVALID = 1,
+} gatekeeper_error_t;
struct SizedBuffer {
SizedBuffer() {
@@ -68,10 +68,10 @@
* elements like the error and user ID. Delegates specialized serialization
* to protected pure virtual functions implemented by subclasses.
*/
-struct KeyguardMessage {
- KeyguardMessage() : error(KG_ERROR_OK) {}
- KeyguardMessage(keyguard_error_t error) : error(error) {}
- virtual ~KeyguardMessage() {}
+struct GateKeeperMessage {
+ GateKeeperMessage() : error(ERROR_NONE) {}
+ GateKeeperMessage(gatekeeper_error_t error) : error(error) {}
+ virtual ~GateKeeperMessage() {}
/**
* Returns serialized size in bytes of the current state of the
@@ -88,7 +88,7 @@
/**
* Inflates the object from its serial representation.
*/
- keyguard_error_t Deserialize(const uint8_t *payload, const uint8_t *end);
+ gatekeeper_error_t Deserialize(const uint8_t *payload, const uint8_t *end);
/**
* The following methods are intended to be implemented by subclasses.
@@ -111,15 +111,15 @@
/**
* Deserializes subclass specific data from payload without reading past end.
*/
- virtual keyguard_error_t nonErrorDeserialize(const uint8_t *, const uint8_t *) {
- return KG_ERROR_OK;
+ virtual gatekeeper_error_t nonErrorDeserialize(const uint8_t *, const uint8_t *) {
+ return ERROR_NONE;
}
- keyguard_error_t error;
+ gatekeeper_error_t error;
uint32_t user_id;
};
-struct VerifyRequest : public KeyguardMessage {
+struct VerifyRequest : public GateKeeperMessage {
VerifyRequest(
uint32_t user_id,
SizedBuffer *enrolled_password_handle,
@@ -129,13 +129,13 @@
virtual size_t nonErrorSerializedSize() const;
virtual void nonErrorSerialize(uint8_t *buffer) const;
- virtual keyguard_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
+ virtual gatekeeper_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
SizedBuffer password_handle;
SizedBuffer provided_password;
};
-struct VerifyResponse : public KeyguardMessage {
+struct VerifyResponse : public GateKeeperMessage {
VerifyResponse(uint32_t user_id, SizedBuffer *auth_token);
VerifyResponse();
~VerifyResponse();
@@ -144,12 +144,12 @@
virtual size_t nonErrorSerializedSize() const;
virtual void nonErrorSerialize(uint8_t *buffer) const;
- virtual keyguard_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
+ virtual gatekeeper_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
SizedBuffer auth_token;
};
-struct EnrollRequest : public KeyguardMessage {
+struct EnrollRequest : public GateKeeperMessage {
EnrollRequest(uint32_t user_id, SizedBuffer *password_handle,
SizedBuffer *provided_password, SizedBuffer *enrolled_password);
EnrollRequest();
@@ -157,7 +157,7 @@
virtual size_t nonErrorSerializedSize() const;
virtual void nonErrorSerialize(uint8_t *buffer) const;
- virtual keyguard_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
+ virtual gatekeeper_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
/**
* The password handle returned from the previous call to enroll or NULL
@@ -174,7 +174,7 @@
SizedBuffer provided_password;
};
-struct EnrollResponse : public KeyguardMessage {
+struct EnrollResponse : public GateKeeperMessage {
public:
EnrollResponse(uint32_t user_id, SizedBuffer *enrolled_password_handle);
EnrollResponse();
@@ -184,10 +184,10 @@
virtual size_t nonErrorSerializedSize() const;
virtual void nonErrorSerialize(uint8_t *buffer) const;
- virtual keyguard_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
+ virtual gatekeeper_error_t nonErrorDeserialize(const uint8_t *payload, const uint8_t *end);
SizedBuffer enrolled_password_handle;
};
}
-#endif // KEYGUARD_MESSAGES_H_
+#endif // GATEKEEPER_MESSAGES_H_
diff --git a/include/keyguard/keyguard_utils.h b/include/gatekeeper/gatekeeper_utils.h
similarity index 92%
rename from include/keyguard/keyguard_utils.h
rename to include/gatekeeper/gatekeeper_utils.h
index fd00248..6439242 100644
--- a/include/keyguard/keyguard_utils.h
+++ b/include/gatekeeper/gatekeeper_utils.h
@@ -14,12 +14,12 @@
* limitations under the License.
*
*/
-#ifndef GOOGLE_KEYGUARD_UTILS_H_
-#define GOOGLE_KEYGUARD_UTILS_H_
+#ifndef GOOGLE_GATEKEEPER_UTILS_H_
+#define GOOGLE_GATEKEEPER_UTILS_H_
#include <string.h>
-namespace keyguard {
+namespace gatekeeper {
/**
* Variant of memset() that uses GCC-specific pragmas to disable optimizations, so effect is not
* optimized away. This is important because we often need to wipe blocks of sensitive data from
@@ -54,4 +54,4 @@
}
};
-#endif //GOOGLE_KEYGUARD_UTILS_H_
+#endif //GOOGLE_GATEKEEPER_UTILS_H_
diff --git a/include/keyguard/soft_keyguard.h b/include/gatekeeper/soft_gatekeeper.h
similarity index 89%
rename from include/keyguard/soft_keyguard.h
rename to include/gatekeeper/soft_gatekeeper.h
index 56ba775..ce1fcc4 100644
--- a/include/keyguard/soft_keyguard.h
+++ b/include/gatekeeper/soft_gatekeeper.h
@@ -15,8 +15,8 @@
*
*/
-#ifndef SOFT_KEYGUARD_H_
-#define SOFT_KEYGUARD_H_
+#ifndef SOFT_GATEKEEPER_H_
+#define SOFT_GATEKEEPER_H_
extern "C" {
#include <openssl/rand.h>
@@ -24,22 +24,22 @@
}
#include <UniquePtr.h>
-#include <keyguard/keyguard.h>
+#include <gatekeeper/gatekeeper.h>
#include <iostream>
-namespace keyguard {
+namespace gatekeeper {
/**
* Convenience class for easily switching out a testing implementation
*/
-class KeyguardFileIo {
+class GateKeeperFileIo {
public:
- virtual ~KeyguardFileIo() {}
+ virtual ~GateKeeperFileIo() {}
virtual void Write(const char *filename, const uint8_t *bytes, size_t length) = 0;
virtual size_t Read(const char *filename, UniquePtr<uint8_t> *bytes) const = 0;
};
-class SoftKeyguard : public Keyguard {
+class SoftGateKeeper : public GateKeeper {
public:
static const size_t SALT_LENGTH = 8;
static const size_t SIGNATURE_LENGTH = 16;
@@ -51,11 +51,11 @@
static const int MAX_UINT_32_CHARS = 11;
- SoftKeyguard(KeyguardFileIo *file_io) {
+ SoftGateKeeper(GateKeeperFileIo *file_io) {
file_io_ = file_io;
}
- virtual ~SoftKeyguard() {
+ virtual ~SoftGateKeeper() {
delete file_io_;
}
@@ -107,9 +107,9 @@
}
private:
- KeyguardFileIo *file_io_;
+ GateKeeperFileIo *file_io_;
};
}
-#endif // SOFT_KEYGUARD_H_
+#endif // SOFT_GATEKEEPER_H_
diff --git a/softkeyguard/Android.mk b/softgatekeeper/Android.mk
similarity index 89%
rename from softkeyguard/Android.mk
rename to softgatekeeper/Android.mk
index 9eb67a4..7851ea2 100644
--- a/softkeyguard/Android.mk
+++ b/softgatekeeper/Android.mk
@@ -18,13 +18,13 @@
ifeq ($(USE_32_BIT_KEYSTORE), true)
LOCAL_MULTILIB := 32
endif
-LOCAL_MODULE := keyguard.default
+LOCAL_MODULE := gatekeeper.default
LOCAL_MODULE_RELATIVE_PATH := hw
LOCAL_SRC_FILES := \
module.cpp \
- soft_keyguard_device.cpp
+ soft_gatekeeper_device.cpp
LOCAL_CFLAGS = -fvisibility=hidden -Wall -Werror
-LOCAL_SHARED_LIBRARIES := libcrypto libkeyguard
+LOCAL_SHARED_LIBRARIES := libcrypto libgatekeeper
LOCAL_STATIC_LIBRARIES := libscrypt_static
LOCAL_C_INCLUDES := external/scrypt/lib/crypto
LOCAL_MODULE_TAGS := optional
diff --git a/softkeyguard/module.cpp b/softgatekeeper/module.cpp
similarity index 73%
rename from softkeyguard/module.cpp
rename to softgatekeeper/module.cpp
index 07f1ec0..4c0b624 100644
--- a/softkeyguard/module.cpp
+++ b/softgatekeeper/module.cpp
@@ -13,9 +13,9 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-#include "soft_keyguard_device.h"
+#include "soft_gatekeeper_device.h"
-extern struct keyguard_module soft_keyguard_device_module;
+extern struct gatekeeper_module soft_gatekeeper_device_module;
-struct keyguard_module HAL_MODULE_INFO_SYM __attribute__((visibility("default")))
- = soft_keyguard_device_module;
+struct gatekeeper_module HAL_MODULE_INFO_SYM __attribute__((visibility("default")))
+ = soft_gatekeeper_device_module;
diff --git a/softkeyguard/native_keyguard_file_io.h b/softgatekeeper/native_gatekeeper_file_io.h
similarity index 77%
rename from softkeyguard/native_keyguard_file_io.h
rename to softgatekeeper/native_gatekeeper_file_io.h
index 61a75de..b16dcf1 100644
--- a/softkeyguard/native_keyguard_file_io.h
+++ b/softgatekeeper/native_gatekeeper_file_io.h
@@ -14,14 +14,14 @@
* limitations under the License.
*/
-#ifndef KEYGUARD_FILE_IO_
-#define KEYGUARD_FILE_IO_
+#ifndef NATIVE_GATEKEEPER_FILE_IO_H
+#define NATIVE_GATEKEEPER_FILE_IO_H
-#include <keyguard/soft_keyguard.h>
+#include <gatekeeper/soft_gatekeeper.h>
-namespace keyguard {
+namespace gatekeeper {
-class NativeKeyguardFileIo : public ::keyguard::KeyguardFileIo {
+class NativeGateKeeperFileIo : public ::gatekeeper::GateKeeperFileIo {
public:
virtual void Write(const char *filename, const uint8_t *bytes, size_t length) {
// TODO
@@ -35,4 +35,4 @@
};
}
-#endif // KEYGUARD_FILE_IO_
+#endif // NATIVE_GATEKEEPER_FILE_IO_H
diff --git a/softkeyguard/soft_keyguard_device.cpp b/softgatekeeper/soft_gatekeeper_device.cpp
similarity index 72%
rename from softkeyguard/soft_keyguard_device.cpp
rename to softgatekeeper/soft_gatekeeper_device.cpp
index 8781b74..03cc686 100644
--- a/softkeyguard/soft_keyguard_device.cpp
+++ b/softgatekeeper/soft_gatekeeper_device.cpp
@@ -14,15 +14,15 @@
* limitations under the License.
*/
-#include "soft_keyguard_device.h"
-#include "native_keyguard_file_io.h"
+#include "soft_gatekeeper_device.h"
+#include "native_gatekeeper_file_io.h"
__attribute__((visibility("default")))
-int softkeyguard_device_open(const hw_module_t *module, const char *name, hw_device_t **device) {
- if (device == NULL || strcmp(name, HARDWARE_KEYGUARD) != 0)
+int softgatekeeper_device_open(const hw_module_t *module, const char *name, hw_device_t **device) {
+ if (device == NULL || strcmp(name, HARDWARE_GATEKEEPER) != 0)
return -EINVAL;
- keyguard::SoftKeyguardDevice *dev = new keyguard::SoftKeyguardDevice(module);
+ gatekeeper::SoftGateKeeperDevice *dev = new gatekeeper::SoftGateKeeperDevice(module);
if (dev == NULL)
return -ENOMEM;
@@ -31,39 +31,39 @@
}
-static struct hw_module_methods_t keyguard_module_methods = {
- .open = softkeyguard_device_open,
+static struct hw_module_methods_t gatekeeper_module_methods = {
+ .open = softgatekeeper_device_open,
};
__attribute__((visibility("default")))
-struct keyguard_module soft_keyguard_device_module = {
+struct gatekeeper_module soft_gatekeeper_device_module = {
.common =
{
.tag = HARDWARE_MODULE_TAG,
- .module_api_version = KEYGUARD_MODULE_API_VERSION_0_1,
+ .module_api_version = GATEKEEPER_MODULE_API_VERSION_0_1,
.hal_api_version = HARDWARE_HAL_API_VERSION,
- .id = KEYGUARD_HARDWARE_MODULE_ID,
- .name = "Keyguard SCrypt HAL",
+ .id = GATEKEEPER_HARDWARE_MODULE_ID,
+ .name = "GateKeeper SCrypt HAL",
.author = "The Android Open Source Project",
- .methods = &keyguard_module_methods,
+ .methods = &gatekeeper_module_methods,
.dso = 0,
.reserved = {},
},
};
-namespace keyguard {
+namespace gatekeeper {
-SoftKeyguardDevice::SoftKeyguardDevice(const hw_module_t *module)
- : impl_(new SoftKeyguard(new NativeKeyguardFileIo())) {
+SoftGateKeeperDevice::SoftGateKeeperDevice(const hw_module_t *module)
+ : impl_(new SoftGateKeeper(new NativeGateKeeperFileIo())) {
#if __cplusplus >= 201103L || defined(__GXX_EXPERIMENTAL_CXX0X__)
- static_assert(std::is_standard_layout<SoftKeyguardDevice>::value,
- "SoftKeyguardDevice must be standard layout");
- static_assert(offsetof(SoftKeyguardDevice, device_) == 0,
+ static_assert(std::is_standard_layout<SoftGateKeeperDevice>::value,
+ "SoftGateKeeperDevice must be standard layout");
+ static_assert(offsetof(SoftGateKeeperDevice, device_) == 0,
"device_ must be the first member of KeymasterOpenSsl");
- static_assert(offsetof(SoftKeyguardDevice, device_.common) == 0,
+ static_assert(offsetof(SoftGateKeeperDevice, device_.common) == 0,
"common must be the first member of keymaster_device");
#else
- assert(reinterpret_cast<keyguard_device*>(this) == &device_);
+ assert(reinterpret_cast<gatekeeper_device*>(this) == &device_);
assert(reinterpret_cast<hw_device_t*>(this) == &(device_.common));
#endif
@@ -77,21 +77,21 @@
device_.enroll = Enroll;
}
-hw_device_t *SoftKeyguardDevice::hw_device() {
+hw_device_t *SoftGateKeeperDevice::hw_device() {
return &device_.common;
}
-static inline SoftKeyguardDevice *convert_device(const struct keyguard_device *dev) {
- return reinterpret_cast<SoftKeyguardDevice *>(const_cast<keyguard_device *>(dev));
+static inline SoftGateKeeperDevice *convert_device(const struct gatekeeper_device *dev) {
+ return reinterpret_cast<SoftGateKeeperDevice *>(const_cast<gatekeeper_device *>(dev));
}
/* static */
-int SoftKeyguardDevice::close_device(hw_device_t* dev) {
- delete reinterpret_cast<SoftKeyguardDevice *>(dev);
+int SoftGateKeeperDevice::close_device(hw_device_t* dev) {
+ delete reinterpret_cast<SoftGateKeeperDevice *>(dev);
return 0;
}
-int SoftKeyguardDevice::Enroll(const struct keyguard_device *dev, uint32_t uid,
+int SoftGateKeeperDevice::Enroll(const struct gatekeeper_device *dev, uint32_t uid,
const uint8_t *current_password_handle, size_t current_password_handle_length,
const uint8_t *current_password, size_t current_password_length,
const uint8_t *desired_password, size_t desired_password_length,
@@ -131,7 +131,7 @@
convert_device(dev)->impl_->Enroll(request, &response);
- if (response.error != KG_ERROR_OK)
+ if (response.error != ERROR_NONE)
return -EINVAL;
*enrolled_password_handle = response.enrolled_password_handle.buffer.release();
@@ -139,7 +139,7 @@
return 0;
}
-int SoftKeyguardDevice::Verify(const struct keyguard_device *dev, uint32_t uid,
+int SoftGateKeeperDevice::Verify(const struct gatekeeper_device *dev, uint32_t uid,
const uint8_t *enrolled_password_handle, size_t enrolled_password_handle_length,
const uint8_t *provided_password, size_t provided_password_length,
uint8_t **auth_token, size_t *auth_token_length) {
@@ -159,7 +159,7 @@
convert_device(dev)->impl_->Verify(request, &response);
- if (response.error != KG_ERROR_OK)
+ if (response.error != ERROR_NONE)
return -EINVAL;
if (auth_token != NULL && auth_token_length != NULL) {
diff --git a/softkeyguard/soft_keyguard_device.h b/softgatekeeper/soft_gatekeeper_device.h
similarity index 76%
rename from softkeyguard/soft_keyguard_device.h
rename to softgatekeeper/soft_gatekeeper_device.h
index 23bc944..88bb59f 100644
--- a/softkeyguard/soft_keyguard_device.h
+++ b/softgatekeeper/soft_gatekeeper_device.h
@@ -14,33 +14,33 @@
* limitations under the License.
*/
-#ifndef SYSTEM_SOFT_KEYGUARD_DEVICE_H_
-#define SYSTEM_SOFT_KEYGUARD_DEVICE_H_
+#ifndef SOFT_GATEKEEPER_DEVICE_H_
+#define SOFT_GATEKEEPER_DEVICE_H_
-#include <keyguard/soft_keyguard.h>
-#include <hardware/keyguard.h>
+#include <gatekeeper/soft_gatekeeper.h>
+#include <hardware/gatekeeper.h>
#include <UniquePtr.h>
-namespace keyguard {
+namespace gatekeeper {
/**
- * Software based Keyguard implementation
+ * Software based GateKeeper implementation
*
* IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
- * and keyguard. This means it must remain a standard layout class (no virtual functions and
+ * and gatekeeper. This means it must remain a standard layout class (no virtual functions and
* no data members which aren't standard layout), and device_ must be the first data member.
* Assertions in the constructor validate compliance with those constraints.
*/
-class SoftKeyguardDevice {
+class SoftGateKeeperDevice {
public:
- SoftKeyguardDevice(const hw_module_t *module);
+ SoftGateKeeperDevice(const hw_module_t *module);
hw_device_t *hw_device();
private:
static int close_device(hw_device_t* dev);
- // Wrappers to translate the keyguard HAL API to the Kegyuard Messages API.
+ // Wrappers to translate the gatekeeper HAL API to the Kegyuard Messages API.
/**
* Enrolls password_payload, which should be derived from a user selected pin or password,
@@ -50,7 +50,7 @@
* Returns: 0 on success or an error code less than 0 on error.
* On error, enrolled_password_handle will not be allocated.
*/
- static int Enroll(const struct keyguard_device *dev, uint32_t uid,
+ static int Enroll(const struct gatekeeper_device *dev, uint32_t uid,
const uint8_t *current_password_handle, size_t current_password_handle_length,
const uint8_t *current_password, size_t current_password_length,
const uint8_t *desired_password, size_t desired_password_length,
@@ -68,15 +68,15 @@
* Returns: 0 on success or an error code less than 0 on error
* On error, verification token will not be allocated
*/
- static int Verify(const struct keyguard_device *dev, uint32_t uid,
+ static int Verify(const struct gatekeeper_device *dev, uint32_t uid,
const uint8_t *enrolled_password_handle, size_t enrolled_password_handle_length,
const uint8_t *provided_password, size_t provided_password_length,
uint8_t **auth_token, size_t *auth_token_length);
- keyguard_device device_;
- UniquePtr<Keyguard> impl_;
+ gatekeeper_device device_;
+ UniquePtr<GateKeeper> impl_;
};
-} // namespace keyguard
+} // namespace gatekeeper
-#endif //SYSTEM_SOFT_KEYGUARD_DEVICE_H_
+#endif //SOFT_GATEKEEPER_DEVICE_H_
diff --git a/tests/Android.mk b/tests/Android.mk
index fff72ca..f1238af 100644
--- a/tests/Android.mk
+++ b/tests/Android.mk
@@ -17,14 +17,14 @@
LOCAL_PATH:= $(call my-dir)
include $(CLEAR_VARS)
-LOCAL_MODULE := keyguard-unit-tests
+LOCAL_MODULE := gatekeeper-unit-tests
LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
LOCAL_CFLAGS += -g -Wall -Werror -std=gnu++11 -Wno-missing-field-initializers
-LOCAL_SHARED_LIBRARIES := libkeyguard libcrypto libhardware
+LOCAL_SHARED_LIBRARIES := libgatekeeper libcrypto libhardware
LOCAL_STATIC_LIBRARIES := libscrypt_static
LOCAL_C_INCLUDES := external/scrypt/lib/crypto
LOCAL_SRC_FILES := \
- keyguard_messages_test.cpp \
- keyguard_test.cpp \
- keyguard_device_test.cpp
+ gatekeeper_messages_test.cpp \
+ gatekeeper_test.cpp \
+ gatekeeper_device_test.cpp
include $(BUILD_NATIVE_TEST)
diff --git a/tests/keyguard_device_test.cpp b/tests/gatekeeper_device_test.cpp
similarity index 78%
rename from tests/keyguard_device_test.cpp
rename to tests/gatekeeper_device_test.cpp
index b3f3b21..c5ad9c3 100644
--- a/tests/keyguard_device_test.cpp
+++ b/tests/gatekeeper_device_test.cpp
@@ -14,39 +14,39 @@
* limitations under the License.
*/
#include <gtest/gtest.h>
-#include <hardware/keyguard.h>
+#include <hardware/gatekeeper.h>
using ::testing::Test;
-class KeyguardDeviceTest : public virtual Test {
+class GateKeeperDeviceTest : public virtual Test {
public:
- KeyguardDeviceTest() {}
- virtual ~KeyguardDeviceTest() {}
+ GateKeeperDeviceTest() {}
+ virtual ~GateKeeperDeviceTest() {}
virtual void SetUp() {
- keyguard_device_initialize(&device);
+ gatekeeper_device_initialize(&device);
}
virtual void TearDown() {
- keyguard_close(device);
+ gatekeeper_close(device);
}
- static void keyguard_device_initialize(keyguard_device_t **dev) {
+ static void gatekeeper_device_initialize(gatekeeper_device_t **dev) {
int ret;
const hw_module_t *mod;
- ret = hw_get_module_by_class(KEYGUARD_HARDWARE_MODULE_ID, NULL, &mod);
+ ret = hw_get_module_by_class(GATEKEEPER_HARDWARE_MODULE_ID, NULL, &mod);
ASSERT_EQ(0, ret);
- ret = keyguard_open(mod, dev);
+ ret = gatekeeper_open(mod, dev);
ASSERT_EQ(0, ret);
}
- keyguard_device_t *device;
+ gatekeeper_device_t *device;
};
-TEST_F(KeyguardDeviceTest, EnrollAndVerify) {
+TEST_F(GateKeeperDeviceTest, EnrollAndVerify) {
size_t password_len = 50;
uint8_t password_payload[password_len];
uint8_t *password_handle;
@@ -66,7 +66,7 @@
ASSERT_EQ(0, ret);
}
-TEST_F(KeyguardDeviceTest, EnrollAndVerifyBadPassword) {
+TEST_F(GateKeeperDeviceTest, EnrollAndVerifyBadPassword) {
size_t password_len = 50;
uint8_t password_payload[password_len];
uint8_t *password_handle;
diff --git a/tests/keyguard_messages_test.cpp b/tests/gatekeeper_messages_test.cpp
similarity index 95%
rename from tests/keyguard_messages_test.cpp
rename to tests/gatekeeper_messages_test.cpp
index fd70c07..e58db04 100644
--- a/tests/keyguard_messages_test.cpp
+++ b/tests/gatekeeper_messages_test.cpp
@@ -19,14 +19,14 @@
#include <stdlib.h>
#include <stdio.h>
-#include <keyguard/keyguard_messages.h>
+#include <gatekeeper/gatekeeper_messages.h>
-using ::keyguard::SizedBuffer;
+using ::gatekeeper::SizedBuffer;
using ::testing::Test;
-using ::keyguard::EnrollRequest;
-using ::keyguard::EnrollResponse;
-using ::keyguard::VerifyRequest;
-using ::keyguard::VerifyResponse;
+using ::gatekeeper::EnrollRequest;
+using ::gatekeeper::EnrollResponse;
+using ::gatekeeper::VerifyRequest;
+using ::gatekeeper::VerifyResponse;
using std::cout;
using std::endl;
@@ -57,7 +57,7 @@
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
delete[] serialized_req;
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
deserialized_password = &deserialized_req.provided_password;
@@ -84,7 +84,7 @@
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
delete[] serialized_req;
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
deserialized_password = &deserialized_req.provided_password;
@@ -113,7 +113,7 @@
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
delete[] serialized_req;
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
deserialized_password = &deserialized_req.provided_password;
@@ -143,7 +143,7 @@
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
delete[] serialized_req;
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
deserialized_password = &deserialized_req.enrolled_password_handle;
@@ -164,7 +164,7 @@
VerifyRequest deserialized_req;
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
ASSERT_EQ(USER_ID, deserialized_req.user_id);
@@ -190,7 +190,7 @@
deserialized_req.Deserialize(serialized_req, serialized_req + req.GetSerializedSize());
delete[] serialized_req;
- ASSERT_EQ(keyguard::keyguard_error_t::KG_ERROR_OK,
+ ASSERT_EQ(gatekeeper::gatekeeper_error_t::ERROR_NONE,
deserialized_req.error);
ASSERT_EQ(USER_ID, deserialized_req.user_id);
diff --git a/tests/keyguard_test.cpp b/tests/gatekeeper_test.cpp
similarity index 66%
rename from tests/keyguard_test.cpp
rename to tests/gatekeeper_test.cpp
index 02a6c34..2c91295 100644
--- a/tests/keyguard_test.cpp
+++ b/tests/gatekeeper_test.cpp
@@ -18,21 +18,21 @@
#include <UniquePtr.h>
#include <iostream>
-#include <keyguard/soft_keyguard.h>
+#include <gatekeeper/soft_gatekeeper.h>
-using ::keyguard::SizedBuffer;
+using ::gatekeeper::SizedBuffer;
using ::testing::Test;
-using ::keyguard::EnrollRequest;
-using ::keyguard::EnrollResponse;
-using ::keyguard::VerifyRequest;
-using ::keyguard::VerifyResponse;
-using ::keyguard::SoftKeyguard;
-using ::keyguard::AuthToken;
-using ::keyguard::secure_id_t;
+using ::gatekeeper::EnrollRequest;
+using ::gatekeeper::EnrollResponse;
+using ::gatekeeper::VerifyRequest;
+using ::gatekeeper::VerifyResponse;
+using ::gatekeeper::SoftGateKeeper;
+using ::gatekeeper::AuthToken;
+using ::gatekeeper::secure_id_t;
-class TestKeyguardFileIo : public ::keyguard::KeyguardFileIo {
+class TestGateKeeperFileIo : public ::gatekeeper::GateKeeperFileIo {
public:
- TestKeyguardFileIo() {
+ TestGateKeeperFileIo() {
bytes_.length = 0;
}
@@ -56,7 +56,7 @@
SizedBuffer bytes_;
};
-static void do_enroll(SoftKeyguard &keyguard, EnrollResponse *response) {
+static void do_enroll(SoftGateKeeper &gatekeeper, EnrollResponse *response) {
SizedBuffer password;
password.buffer.reset(new uint8_t[16]);
@@ -64,30 +64,30 @@
memset(password.buffer.get(), 0, 16);
EnrollRequest request(0, NULL, &password, NULL);
- keyguard.Enroll(request, response);
+ gatekeeper.Enroll(request, response);
}
-TEST(KeyguardTest, EnrollSuccess) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, EnrollSuccess) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
EnrollResponse response;
- do_enroll(keyguard, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ do_enroll(gatekeeper, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
}
-TEST(KeyguardTest, EnrollBogusData) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, EnrollBogusData) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
SizedBuffer password;
EnrollResponse response;
EnrollRequest request(0, NULL, &password, NULL);
- keyguard.Enroll(request, &response);
+ gatekeeper.Enroll(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_INVALID, response.error);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_INVALID, response.error);
}
-TEST(KeyguardTest, VerifySuccess) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, VerifySuccess) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
SizedBuffer provided_password;
EnrollResponse enroll_response;
@@ -95,15 +95,15 @@
provided_password.length = 16;
memset(provided_password.buffer.get(), 0, 16);
- do_enroll(keyguard, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ do_enroll(gatekeeper, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
VerifyRequest request(0, &enroll_response.enrolled_password_handle,
&provided_password);
VerifyResponse response;
- keyguard.Verify(request, &response);
+ gatekeeper.Verify(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
AuthToken *auth_token =
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get());
@@ -114,24 +114,24 @@
ASSERT_NE((uint64_t) 0, auth_token->auxiliary_secure_user_id);
}
-TEST(KeyguardTest, VerifyBadPwFile) {
- TestKeyguardFileIo *fw = new TestKeyguardFileIo();
- SoftKeyguard keyguard(fw);
+TEST(GateKeeperTest, VerifyBadPwFile) {
+ TestGateKeeperFileIo *fw = new TestGateKeeperFileIo();
+ SoftGateKeeper gatekeeper(fw);
SizedBuffer provided_password;
EnrollResponse enroll_response;
provided_password.buffer.reset(new uint8_t[16]);
provided_password.length = 16;
memset(provided_password.buffer.get(), 0, 16);
- do_enroll(keyguard, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ do_enroll(gatekeeper, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
VerifyRequest request(0, &enroll_response.enrolled_password_handle,
&provided_password);
VerifyResponse response;
fw->bytes_.buffer.reset();
- keyguard.Verify(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ gatekeeper.Verify(request, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
AuthToken *auth_token =
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get());
@@ -142,8 +142,8 @@
ASSERT_EQ((uint64_t) 0, auth_token->auxiliary_secure_user_id);
}
-TEST(KeyguardTest, TrustedReEnroll) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, TrustedReEnroll) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
SizedBuffer provided_password;
EnrollResponse enroll_response;
SizedBuffer password_handle;
@@ -152,8 +152,8 @@
provided_password.buffer.reset(new uint8_t[16]);
provided_password.length = 16;
memset(provided_password.buffer.get(), 0, 16);
- do_enroll(keyguard, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ do_enroll(gatekeeper, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
// keep a copy of the handle
password_handle.buffer.reset(new uint8_t[enroll_response.enrolled_password_handle.length]);
@@ -165,8 +165,8 @@
VerifyRequest request(0, &enroll_response.enrolled_password_handle,
&provided_password);
VerifyResponse response;
- keyguard.Verify(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ gatekeeper.Verify(request, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
AuthToken *auth_token =
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get());
@@ -181,8 +181,8 @@
memset(password.buffer.get(), 1, 16);
password.length = 16;
EnrollRequest enroll_request(0, &password_handle, &password, &provided_password);
- keyguard.Enroll(enroll_request, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ gatekeeper.Enroll(enroll_request, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
// verify new password
password.buffer.reset(new uint8_t[16]);
@@ -190,15 +190,15 @@
password.length = 16;
VerifyRequest new_request(0, &enroll_response.enrolled_password_handle,
&password);
- keyguard.Verify(new_request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ gatekeeper.Verify(new_request, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
ASSERT_EQ(secure_id,
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get())->root_secure_user_id);
}
-TEST(KeyguardTest, UntrustedReEnroll) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, UntrustedReEnroll) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
SizedBuffer provided_password;
EnrollResponse enroll_response;
@@ -206,15 +206,15 @@
provided_password.buffer.reset(new uint8_t[16]);
provided_password.length = 16;
memset(provided_password.buffer.get(), 0, 16);
- do_enroll(keyguard, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ do_enroll(gatekeeper, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
// verify first password
VerifyRequest request(0, &enroll_response.enrolled_password_handle,
&provided_password);
VerifyResponse response;
- keyguard.Verify(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ gatekeeper.Verify(request, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
AuthToken *auth_token =
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get());
@@ -226,8 +226,8 @@
memset(password.buffer.get(), 1, 16);
password.length = 16;
EnrollRequest enroll_request(0, NULL, &password, NULL);
- keyguard.Enroll(enroll_request, &enroll_response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, enroll_response.error);
+ gatekeeper.Enroll(enroll_request, &enroll_response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, enroll_response.error);
// verify new password
password.buffer.reset(new uint8_t[16]);
@@ -235,22 +235,22 @@
password.length = 16;
VerifyRequest new_request(0, &enroll_response.enrolled_password_handle,
&password);
- keyguard.Verify(new_request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_OK, response.error);
+ gatekeeper.Verify(new_request, &response);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_NONE, response.error);
ASSERT_NE(secure_id,
reinterpret_cast<AuthToken *>(response.auth_token.buffer.get())->root_secure_user_id);
}
-TEST(KeyguardTest, VerifyBogusData) {
- SoftKeyguard keyguard(new TestKeyguardFileIo());
+TEST(GateKeeperTest, VerifyBogusData) {
+ SoftGateKeeper gatekeeper(new TestGateKeeperFileIo());
SizedBuffer provided_password;
SizedBuffer password_handle;
VerifyResponse response;
VerifyRequest request(0, &provided_password, &password_handle);
- keyguard.Verify(request, &response);
+ gatekeeper.Verify(request, &response);
- ASSERT_EQ(::keyguard::keyguard_error_t::KG_ERROR_INVALID, response.error);
+ ASSERT_EQ(::gatekeeper::gatekeeper_error_t::ERROR_INVALID, response.error);
}