1 /*
2 * Copyright (C) 2015 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <hardware/hardware.h>
18 #include <hardware/gatekeeper.h>
19 #define LOG_TAG "GoldfishGatekeeper"
20 #include <cutils/log.h>
21
22 #include <string.h>
23 #include <errno.h>
24 #include <stdlib.h>
25
26 #include "SoftGateKeeper.h"
27 #include "SoftGateKeeperDevice.h"
28
29 using goldfish::SoftGateKeeperDevice;
30
31 struct goldfish_gatekeeper_device {
32 gatekeeper_device device;
33 SoftGateKeeperDevice *s_gatekeeper;
34 };
35
36 static goldfish_gatekeeper_device s_device;
37
enroll(const struct gatekeeper_device * dev __unused,uint32_t uid,const uint8_t * current_password_handle,uint32_t current_password_handle_length,const uint8_t * current_password,uint32_t current_password_length,const uint8_t * desired_password,uint32_t desired_password_length,uint8_t ** enrolled_password_handle,uint32_t * enrolled_password_handle_length)38 static int enroll(const struct gatekeeper_device *dev __unused, uint32_t uid,
39 const uint8_t *current_password_handle, uint32_t current_password_handle_length,
40 const uint8_t *current_password, uint32_t current_password_length,
41 const uint8_t *desired_password, uint32_t desired_password_length,
42 uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
43
44 SoftGateKeeperDevice *s_gatekeeper = ((goldfish_gatekeeper_device*)(dev))->s_gatekeeper;
45 ALOGE("called %s with gate keeper %p device %p\n", __func__, s_gatekeeper, dev);
46 if (s_gatekeeper == nullptr) {
47 abort();
48 return -EINVAL;
49 }
50
51 return s_gatekeeper->enroll(uid,
52 current_password_handle, current_password_handle_length,
53 current_password, current_password_length,
54 desired_password, desired_password_length,
55 enrolled_password_handle, enrolled_password_handle_length);
56 }
57
verify(const struct gatekeeper_device * dev __unused,uint32_t uid,uint64_t challenge,const uint8_t * enrolled_password_handle,uint32_t enrolled_password_handle_length,const uint8_t * provided_password,uint32_t provided_password_length,uint8_t ** auth_token,uint32_t * auth_token_length,bool * request_reenroll)58 static int verify(const struct gatekeeper_device *dev __unused, uint32_t uid, uint64_t challenge,
59 const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
60 const uint8_t *provided_password, uint32_t provided_password_length,
61 uint8_t **auth_token, uint32_t *auth_token_length, bool *request_reenroll) {
62 SoftGateKeeperDevice *s_gatekeeper = ((goldfish_gatekeeper_device*)(dev))->s_gatekeeper;
63 ALOGE("called %s with gate keeper %p device %p\n", __func__, s_gatekeeper, dev);
64 if (s_gatekeeper == nullptr) return -EINVAL;
65 return s_gatekeeper->verify(uid, challenge,
66 enrolled_password_handle, enrolled_password_handle_length,
67 provided_password, provided_password_length,
68 auth_token, auth_token_length, request_reenroll);
69 }
70
close_device(hw_device_t * dev __unused)71 static int close_device(hw_device_t* dev __unused) {
72 SoftGateKeeperDevice *s_gatekeeper = ((goldfish_gatekeeper_device*)(dev))->s_gatekeeper;
73 if (s_gatekeeper == nullptr) return 0;
74 delete s_gatekeeper;
75 s_gatekeeper = nullptr;
76 ALOGE("called %s with gate keeper %p device %p\n", __func__, s_gatekeeper, dev);
77 return 0;
78 }
79
goldfish_gatekeeper_open(const hw_module_t * module,const char * name,hw_device_t ** device)80 static int goldfish_gatekeeper_open(const hw_module_t *module, const char *name,
81 hw_device_t **device) {
82
83 if (strcmp(name, HARDWARE_GATEKEEPER) != 0) {
84 abort();
85 return -EINVAL;
86 }
87
88 memset(&s_device, 0, sizeof(s_device));
89
90 SoftGateKeeperDevice *s_gatekeeper = new SoftGateKeeperDevice();
91 if (s_gatekeeper == nullptr) return -ENOMEM;
92
93 s_device.s_gatekeeper = s_gatekeeper;
94
95 s_device.device.common.tag = HARDWARE_DEVICE_TAG;
96 s_device.device.common.version = 1;
97 s_device.device.common.module = const_cast<hw_module_t *>(module);
98 s_device.device.common.close = close_device;
99
100 s_device.device.enroll = enroll;
101 s_device.device.verify = verify;
102 s_device.device.delete_user = nullptr;
103 s_device.device.delete_all_users = nullptr;
104
105 *device = &s_device.device.common;
106 ALOGE("called %s with gate keeper %p device %p\n", __func__, s_gatekeeper, *device);
107
108 return 0;
109 }
110
111 static struct hw_module_methods_t gatekeeper_module_methods = {
112 .open = goldfish_gatekeeper_open,
113 };
114
115 struct gatekeeper_module HAL_MODULE_INFO_SYM __attribute__((visibility("default"))) = {
116 .common = {
117 .tag = HARDWARE_MODULE_TAG,
118 .module_api_version = GATEKEEPER_MODULE_API_VERSION_0_1,
119 .hal_api_version = HARDWARE_HAL_API_VERSION,
120 .id = GATEKEEPER_HARDWARE_MODULE_ID,
121 .name = "Goldfish GateKeeper HAL",
122 .author = "The Android Open Source Project",
123 .methods = &gatekeeper_module_methods,
124 .dso = 0,
125 .reserved = {}
126 },
127 };
128