| /system/gatekeeper/tests/ |
| D | gatekeeper_device_test.cpp | 59 uint8_t *auth_token; in TEST_F() local
71 password_payload, password_len, &auth_token, &auth_token_len, &should_reenroll); in TEST_F()
82 uint8_t *auth_token; in TEST_F() local
94 password_payload, password_len, &auth_token, &auth_token_len, &should_reenroll); in TEST_F()
98 hat = reinterpret_cast<hw_auth_token_t *>(auth_token); in TEST_F()
109 uint8_t *auth_token = NULL; in TEST_F() local
126 password_payload, password_len, &auth_token, &auth_token_len, in TEST_F()
129 ASSERT_EQ(NULL, auth_token); in TEST_F()
143 password_payload, password_len, &auth_token, &auth_token_len, in TEST_F()
154 uint8_t *auth_token = NULL; in TEST_F() local
[all …]
|
| D | gatekeeper_messages_test.cpp | 194 deserialized_password = &deserialized_msg.auth_token; in TEST()
196 ASSERT_EQ(0, memcmp(msg.auth_token.Data<uint8_t>(), deserialized_password->Data<uint8_t>(), in TEST()
|
| /system/keymaster/android_keymaster/ |
| D | keymaster_enforcement.cpp | 286 const hw_auth_token_t* auth_token; in AuthorizeBegin() local
288 if (!GetAndValidateAuthToken(operation_params, &auth_token, &token_auth_type)) { in AuthorizeBegin()
292 uint64_t token_timestamp_millis = ntoh(auth_token->timestamp); in AuthorizeBegin()
451 const hw_auth_token_t** auth_token, in GetAndValidateAuthToken() argument
459 if (auth_token_blob.data_length != sizeof(**auth_token)) { in GetAndValidateAuthToken()
465 *auth_token = reinterpret_cast<const hw_auth_token_t*>(auth_token_blob.data); in GetAndValidateAuthToken()
466 if ((*auth_token)->version != HW_AUTH_TOKEN_VERSION) { in GetAndValidateAuthToken()
468 (*auth_token)->version, HW_AUTH_TOKEN_VERSION); in GetAndValidateAuthToken()
472 if (!ValidateTokenSignature(**auth_token)) { in GetAndValidateAuthToken()
477 *token_auth_type = ntoh((*auth_token)->authenticator_type); in GetAndValidateAuthToken()
[all …]
|
| /system/keymint/ta/src/ |
| D | operation.rs | 159 auth_token: Option<HardwareAuthToken>, in begin_operation()
206 let auth_token = auth_token.ok_or_else(|| { in begin_operation() localVariable
210 auth_token, in begin_operation()
219 } else if let Some(auth_token) = auth_token { in begin_operation()
220 self.check_auth_token(auth_token, auth_info, None, None, None)?; in begin_operation()
426 auth_token: Option<HardwareAuthToken>, in op_update_aad()
429 self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| { in op_update_aad()
444 auth_token: Option<HardwareAuthToken>, in op_update()
453 self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| { in op_update()
508 auth_token: Option<HardwareAuthToken>, in op_finish()
[all …]
|
| D | lib.rs | 759 match self.begin_operation(req.purpose, &req.key_blob, req.params, req.auth_token) { in process_req()
818 req.auth_token, in process_req()
828 req.auth_token, in process_req()
840 req.auth_token, in process_req()
|
| /system/gatekeeper/ |
| D | gatekeeper_messages.cpp | 199 VerifyResponse::VerifyResponse(uint32_t user_id, SizedBuffer auth_token) { in VerifyResponse() argument
201 this->auth_token = move(auth_token); in VerifyResponse()
209 void VerifyResponse::SetVerificationToken(SizedBuffer auth_token) { in SetVerificationToken() argument
210 this->auth_token = move(auth_token); in SetVerificationToken()
214 return serialized_buffer_size(auth_token) + sizeof(request_reenroll); in nonErrorSerializedSize()
218 append_to_buffer(&buffer, auth_token); in nonErrorSerialize()
224 auth_token = {}; in nonErrorDeserialize()
226 gatekeeper_error_t err = read_from_buffer(&payload, end, &auth_token); in nonErrorDeserialize()
|
| D | gatekeeper.cpp | 161 SizedBuffer auth_token; in Verify() local
162 response->error = MintAuthToken(&auth_token, timestamp, in Verify()
167 response->SetVerificationToken(move(auth_token)); in Verify()
253 gatekeeper_error_t GateKeeper::MintAuthToken(SizedBuffer *auth_token, in MintAuthToken() argument
256 if (auth_token == nullptr) return ERROR_INVALID; in MintAuthToken()
291 *auth_token = { token_buffer, sizeof(hw_auth_token_t) }; in MintAuthToken()
|
| /system/security/keystore2/src/ |
| D | authorization.rs | 128 fn add_auth_token(&self, auth_token: &HardwareAuthToken) -> Result<()> { in add_auth_token()
132 ENFORCEMENTS.add_auth_token(auth_token.clone()); in add_auth_token()
234 let (auth_token, ts_token) = in get_auth_tokens_for_credstore()
236 Ok(AuthorizationTokens { authToken: auth_token, timestampToken: ts_token }) in get_auth_tokens_for_credstore()
243 fn addAuthToken(&self, auth_token: &HardwareAuthToken) -> BinderResult<()> { in addAuthToken()
245 map_or_log_err(self.add_auth_token(auth_token), Ok) in addAuthToken()
|
| D | raw_device.rs | 307 auth_token: Option<&HardwareAuthToken>, in use_key_in_one_step()
316 self.km_dev.begin(purpose, blob, operation_parameters, auth_token) in use_key_in_one_step()
|
| D | super_key.rs | 197 auth_token: &HardwareAuthToken, in decrypt()
221 Some(auth_token), in decrypt()
1022 entry.auth_token().userId == *sid || entry.auth_token().authenticatorId == *sid in try_unlock_user_with_biometric()
1030 auth_token_entry.auth_token(), in try_unlock_user_with_biometric()
1038 auth_token_entry.auth_token(), in try_unlock_user_with_biometric()
|
| D | km_compat.rs | 284 auth_token: Option<&HardwareAuthToken>, in begin()
287 KeyBlob::Raw(keyblob) => self.real.begin(purpose, keyblob, params, auth_token), in begin()
288 KeyBlob::Wrapped(keyblob) => self.soft.begin(purpose, keyblob, params, auth_token), in begin()
|
| D | enforcements.rs | 671 Some(hat.auth_token().clone()), in authorize_create()
808 let auth_token = if let Some((auth_token_entry, _)) = result { in get_auth_tokens() localVariable
841 Ok((auth_token, tst)) in get_auth_tokens()
|
| D | database.rs | 815 auth_token: HardwareAuthToken, field
821 fn new(auth_token: HardwareAuthToken, time_received: MonotonicRawTime) -> Self { in new()
822 AuthTokenEntry { auth_token, time_received } in new()
828 (sid == self.auth_token.userId || sid == self.auth_token.authenticatorId) in satisfies()
829 && ((auth_type.0 & self.auth_token.authenticatorType.0) != 0) in satisfies()
834 pub fn auth_token(&self) -> &HardwareAuthToken { in auth_token() method
835 &self.auth_token in auth_token()
840 self.auth_token in take_auth_token()
850 self.auth_token.challenge in challenge()
3208 pub fn insert_auth_token(&mut self, auth_token: &HardwareAuthToken) { in insert_auth_token()
[all …]
|
| /system/security/keystore2/src/database/ |
| D | perboot.rs | 52 AuthTokenId::from_auth_token(&self.0.auth_token).hash(state) in hash()
58 AuthTokenId::from_auth_token(&self.0.auth_token) in eq()
59 == AuthTokenId::from_auth_token(&other.0.auth_token) in eq()
|
| /system/core/trusty/keymaster/4.0/ |
| D | TrustyKeymaster4Device.cpp | 110 hw_auth_token_t* auth_token = reinterpret_cast<hw_auth_token_t*>(p.blob.data()); in injectAuthToken() local
111 auth_token->version = 0; in injectAuthToken()
112 auth_token->challenge = authToken.challenge; in injectAuthToken()
113 auth_token->user_id = authToken.userId; in injectAuthToken()
114 auth_token->authenticator_id = authToken.authenticatorId; in injectAuthToken()
115 auth_token->authenticator_type = in injectAuthToken()
117 auth_token->timestamp = htobe64(authToken.timestamp); in injectAuthToken()
118 static_assert(mac_len == sizeof(auth_token->hmac)); in injectAuthToken()
119 memcpy(auth_token->hmac, authToken.mac.data(), mac_len); in injectAuthToken()
316 request.auth_token.challenge = authToken.challenge; in verifyAuthorization()
[all …]
|
| /system/keymint/hal/src/ |
| D | keymint.rs | 198 auth_token: match authToken { in begin()
354 auth_token: match authToken { in updateAad()
382 auth_token: match authToken { in update()
411 let auth_token = match authToken { in finish() localVariable
425 auth_token: auth_token.clone(), in finish()
440 auth_token, in finish()
449 auth_token, in finish()
|
| /system/gatekeeper/include/gatekeeper/ |
| D | gatekeeper_messages.h | 187 VerifyResponse(uint32_t user_id, SizedBuffer auth_token);
190 void SetVerificationToken(SizedBuffer auth_token);
196 SizedBuffer auth_token; member
|
| D | gatekeeper.h | 195 gatekeeper_error_t MintAuthToken(SizedBuffer *auth_token, uint64_t timestamp,
|
| /system/keymint/common/ |
| D | generated.cddl | 462 auth_token: [? HardwareAuthToken],
493 auth_token: [? HardwareAuthToken],
500 auth_token: [? HardwareAuthToken],
510 auth_token: [? HardwareAuthToken],
|
| /system/keymaster/ng/ |
| D | AndroidKeymaster4Device.cpp | 290 request.auth_token.challenge = authToken.challenge; in verifyAuthorization()
291 request.auth_token.user_id = authToken.userId; in verifyAuthorization()
292 request.auth_token.authenticator_id = authToken.authenticatorId; in verifyAuthorization()
293 request.auth_token.authenticator_type = legacy_enum_conversion(authToken.authenticatorType); in verifyAuthorization()
294 request.auth_token.timestamp = authToken.timestamp; in verifyAuthorization()
296 request.auth_token.mac = mac; in verifyAuthorization()
|
| /system/keymint/wire/src/ |
| D | types.rs | 143 pub auth_token: Option<HardwareAuthToken>, field
213 pub auth_token: Option<HardwareAuthToken>, field
222 pub auth_token: Option<HardwareAuthToken>, field
234 pub auth_token: Option<HardwareAuthToken>, field
|
| /system/core/trusty/gatekeeper/ |
| D | trusty_gatekeeper.cpp | 142 sizedBuffer2AidlHWToken(response.auth_token, &rsp->hardwareAuthToken); in verify()
|
| /system/keymaster/include/keymaster/ |
| D | android_keymaster_messages.h | 979 auth_token.SerializedSize(); in SerializedSize()
985 return auth_token.Serialize(buf, end); in Serialize()
991 auth_token.Deserialize(buf_ptr, end)); in Deserialize()
996 HardwareAuthToken auth_token; member
|