Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / core / 851b57c1f81bd3572cf5908611ba029be934c706^! / .
commit851b57c1f81bd3572cf5908611ba029be934c706[log] [tgz]
authorAndres Morales <anmorales@google.com>Thu Apr 09 19:23:48 2015 -0700
committerAndres Morales <anmorales@google.com>Fri Apr 10 19:56:07 2015 -0700
tree783505d76341c9b8af324dce165767de2156f60a
parent9bbd0a5c92ed92c295d2f5ab3befdf3efe490bc9 [diff]
Add challenge to verify call

required for enrolling secondary auth form factors

Change-Id: Ia3e1d47f988bca1bb1a0e713c000886e60b4e839

diff --git a/gatekeeperd/IGateKeeperService.cpp b/gatekeeperd/IGateKeeperService.cpp
index 133df4c..933b975 100644
--- a/gatekeeperd/IGateKeeperService.cpp
+++ b/gatekeeperd/IGateKeeperService.cpp

@@ -68,6 +68,7 @@
         case VERIFY: {
             CHECK_INTERFACE(IGateKeeperService, data, reply);
             uint32_t uid = data.readInt32();
+            uint64_t challenge = data.readInt64();
             ssize_t currentPasswordHandleSize = data.readInt32();
             const uint8_t *currentPasswordHandle =
                     static_cast<const uint8_t *>(data.readInplace(currentPasswordHandleSize));
@@ -78,8 +79,8 @@
                 static_cast<const uint8_t *>(data.readInplace(currentPasswordSize));
             if (!currentPassword) currentPasswordSize = 0;
 
-            status_t ret = verify(uid, (uint8_t *) currentPasswordHandle, currentPasswordHandleSize,
-                    (uint8_t *) currentPassword, currentPasswordSize);
+            status_t ret = verify(uid, challenge, (uint8_t *) currentPasswordHandle,
+                    currentPasswordHandleSize, (uint8_t *) currentPassword, currentPasswordSize);
             reply->writeNoException();
             reply->writeInt32(ret == NO_ERROR ? 1 : 0);
             return NO_ERROR;

diff --git a/gatekeeperd/IGateKeeperService.h b/gatekeeperd/IGateKeeperService.h
index 7d8572c..90d3029 100644
--- a/gatekeeperd/IGateKeeperService.h
+++ b/gatekeeperd/IGateKeeperService.h

@@ -51,7 +51,7 @@
      * Verifies a password previously enrolled with the GateKeeper.
      * Returns 0 on success, negative on failure.
      */
-    virtual status_t verify(uint32_t uid,
+    virtual status_t verify(uint32_t uid, uint64_t challenge,
             const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
             const uint8_t *provided_password, uint32_t provided_password_length) = 0;
 };

diff --git a/gatekeeperd/gatekeeperd.cpp b/gatekeeperd/gatekeeperd.cpp
index 4922140..2a435a9 100644
--- a/gatekeeperd/gatekeeperd.cpp
+++ b/gatekeeperd/gatekeeperd.cpp

@@ -71,7 +71,7 @@
         return ret >= 0 ? NO_ERROR : UNKNOWN_ERROR;
     }
 
-    virtual status_t verify(uint32_t uid,
+    virtual status_t verify(uint32_t uid, uint64_t challenge,
             const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
             const uint8_t *provided_password, uint32_t provided_password_length) {
         IPCThreadState* ipc = IPCThreadState::self();
@@ -87,7 +87,7 @@
 
         uint8_t *auth_token;
         uint32_t auth_token_length;
-        int ret = device->verify(device, uid,
+        int ret = device->verify(device, uid, challenge,
                 enrolled_password_handle, enrolled_password_handle_length,
                 provided_password, provided_password_length, &auth_token, &auth_token_length);