Loading core/java/android/service/gatekeeper/GateKeeperResponse.aidl 0 → 100644 +24 −0 Original line number Diff line number Diff line /* * Copyright (C) 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.service.gatekeeper; /** * Response object for a GateKeeper verification request. * @hide */ parcelable GateKeeperResponse; core/java/android/service/gatekeeper/GateKeeperResponse.java 0 → 100644 +120 −0 Original line number Diff line number Diff line /* * Copyright (C) 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.service.gatekeeper; import android.os.Parcel; import android.os.Parcelable; /** * Response object for a GateKeeper verification request. * @hide */ public final class GateKeeperResponse implements Parcelable { public static final int RESPONSE_ERROR = -1; public static final int RESPONSE_OK = 0; public static final int RESPONSE_RETRY = 1; private final int mResponseCode; private int mTimeout; private byte[] mPayload; private boolean mShouldReEnroll; private GateKeeperResponse(int responseCode) { mResponseCode = responseCode; } private GateKeeperResponse(int responseCode, int timeout) { mResponseCode = responseCode; } @Override public int describeContents() { return 0; } public static final Parcelable.Creator<GateKeeperResponse> CREATOR = new Parcelable.Creator<GateKeeperResponse>() { @Override public GateKeeperResponse createFromParcel(Parcel source) { int responseCode = source.readInt(); GateKeeperResponse response = new GateKeeperResponse(responseCode); if (responseCode == RESPONSE_RETRY) { response.setTimeout(source.readInt()); } else if (responseCode == RESPONSE_OK) { response.setShouldReEnroll(source.readInt() == 1); int size = source.readInt(); if (size > 0) { byte[] payload = new byte[size]; source.readByteArray(payload); response.setPayload(payload); } } return response; } @Override public GateKeeperResponse[] newArray(int size) { return new GateKeeperResponse[size]; } }; @Override public void writeToParcel(Parcel dest, int flags) { dest.writeInt(mResponseCode); if (mResponseCode == RESPONSE_RETRY) { dest.writeInt(mTimeout); } else if (mResponseCode == RESPONSE_OK) { dest.writeInt(mShouldReEnroll ? 1 : 0); if (mPayload != null) { dest.writeInt(mPayload.length); dest.writeByteArray(mPayload); } } } public byte[] getPayload() { return mPayload; } public int getTimeout() { return mTimeout; } public boolean getShouldReEnroll() { return mShouldReEnroll; } public int getResponseCode() { return mResponseCode; } private void setTimeout(int timeout) { mTimeout = timeout; } private void setShouldReEnroll(boolean shouldReEnroll) { mShouldReEnroll = shouldReEnroll; } private void setPayload(byte[] payload) { mPayload = payload; } } core/java/android/service/gatekeeper/IGateKeeperService.aidl +9 −7 Original line number Diff line number Diff line Loading @@ -16,6 +16,8 @@ package android.service.gatekeeper; import android.service.gatekeeper.GateKeeperResponse; /** * Interface for communication with GateKeeper, the * secure password storage daemon. Loading @@ -34,9 +36,9 @@ interface IGateKeeperService { * If provided, must verify against the currentPasswordHandle. * @param desiredPassword The new desired password, for which a handle will be returned * upon success. * @return the handle corresponding to desiredPassword, or null * @return an EnrollResponse or null on failure */ byte[] enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword, GateKeeperResponse enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword, in byte[] desiredPassword); /** Loading @@ -45,10 +47,10 @@ interface IGateKeeperService { * @param enrolledPasswordHandle The handle against which the provided password will be * verified. * @param The plaintext blob to verify against enrolledPassword. * @return True if the authentication was successful * @return a VerifyResponse, or null on failure. */ boolean verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword); GateKeeperResponse verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword); /** * Verifies an enrolled handle against a provided, plaintext blob. * @param uid The Android user ID associated to this enrollment Loading @@ -58,9 +60,9 @@ interface IGateKeeperService { * @param enrolledPasswordHandle The handle against which the provided password will be * verified. * @param The plaintext blob to verify against enrolledPassword. * @return an opaque attestation of authentication on success, or null. * @return a VerifyResponse with an attestation, or null on failure. */ byte[] verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle, GateKeeperResponse verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle, in byte[] providedPassword); /** Loading core/java/com/android/internal/widget/ILockSettings.aidl +6 −4 Original line number Diff line number Diff line Loading @@ -16,6 +16,8 @@ package com.android.internal.widget; import com.android.internal.widget.VerifyCredentialResponse; /** {@hide} */ interface ILockSettings { void setBoolean(in String key, in boolean value, in int userId); Loading @@ -25,11 +27,11 @@ interface ILockSettings { long getLong(in String key, in long defaultValue, in int userId); String getString(in String key, in String defaultValue, in int userId); void setLockPattern(in String pattern, in String savedPattern, int userId); boolean checkPattern(in String pattern, int userId); byte[] verifyPattern(in String pattern, long challenge, int userId); VerifyCredentialResponse checkPattern(in String pattern, int userId); VerifyCredentialResponse verifyPattern(in String pattern, long challenge, int userId); void setLockPassword(in String password, in String savedPassword, int userId); boolean checkPassword(in String password, int userId); byte[] verifyPassword(in String password, long challenge, int userId); VerifyCredentialResponse checkPassword(in String password, int userId); VerifyCredentialResponse verifyPassword(in String password, long challenge, int userId); boolean checkVoldPassword(int userId); boolean havePattern(int userId); boolean havePassword(int userId); Loading core/java/com/android/internal/widget/LockPatternChecker.java +44 −10 Original line number Diff line number Diff line Loading @@ -2,6 +2,8 @@ package com.android.internal.widget; import android.os.AsyncTask; import com.android.internal.widget.LockPatternUtils.RequestThrottledException; import java.util.List; /** Loading @@ -16,8 +18,10 @@ public final class LockPatternChecker { * Invoked when a security check is finished. * * @param matched Whether the PIN/Password/Pattern matches the stored one. * @param throttleTimeoutMs The amount of time in ms to wait before reattempting * the call. Only non-0 if matched is false. */ void onChecked(boolean matched); void onChecked(boolean matched, int throttleTimeoutMs); } /** Loading @@ -28,8 +32,10 @@ public final class LockPatternChecker { * Invoked when a security verification is finished. * * @param attestation The attestation that the challenge was verified, or null. * @param throttleTimeoutMs The amount of time in ms to wait before reattempting * the call. Only non-0 if attestation is null. */ void onVerified(byte[] attestation); void onVerified(byte[] attestation, int throttleTimeoutMs); } /** Loading @@ -47,14 +53,21 @@ public final class LockPatternChecker { final int userId, final OnVerifyCallback callback) { AsyncTask<Void, Void, byte[]> task = new AsyncTask<Void, Void, byte[]>() { private int mThrottleTimeout; @Override protected byte[] doInBackground(Void... args) { try { return utils.verifyPattern(pattern, challenge, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return null; } } @Override protected void onPostExecute(byte[] result) { callback.onVerified(result); callback.onVerified(result, mThrottleTimeout); } }; task.execute(); Loading @@ -74,14 +87,21 @@ public final class LockPatternChecker { final int userId, final OnCheckCallback callback) { AsyncTask<Void, Void, Boolean> task = new AsyncTask<Void, Void, Boolean>() { private int mThrottleTimeout; @Override protected Boolean doInBackground(Void... args) { try { return utils.checkPattern(pattern, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return false; } } @Override protected void onPostExecute(Boolean result) { callback.onChecked(result); callback.onChecked(result, mThrottleTimeout); } }; task.execute(); Loading @@ -103,14 +123,21 @@ public final class LockPatternChecker { final int userId, final OnVerifyCallback callback) { AsyncTask<Void, Void, byte[]> task = new AsyncTask<Void, Void, byte[]>() { private int mThrottleTimeout; @Override protected byte[] doInBackground(Void... args) { try { return utils.verifyPassword(password, challenge, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return null; } } @Override protected void onPostExecute(byte[] result) { callback.onVerified(result); callback.onVerified(result, mThrottleTimeout); } }; task.execute(); Loading @@ -130,14 +157,21 @@ public final class LockPatternChecker { final int userId, final OnCheckCallback callback) { AsyncTask<Void, Void, Boolean> task = new AsyncTask<Void, Void, Boolean>() { private int mThrottleTimeout; @Override protected Boolean doInBackground(Void... args) { try { return utils.checkPassword(password, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return false; } } @Override protected void onPostExecute(Boolean result) { callback.onChecked(result); callback.onChecked(result, mThrottleTimeout); } }; task.execute(); Loading Loading
core/java/android/service/gatekeeper/GateKeeperResponse.aidl 0 → 100644 +24 −0 Original line number Diff line number Diff line /* * Copyright (C) 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.service.gatekeeper; /** * Response object for a GateKeeper verification request. * @hide */ parcelable GateKeeperResponse;
core/java/android/service/gatekeeper/GateKeeperResponse.java 0 → 100644 +120 −0 Original line number Diff line number Diff line /* * Copyright (C) 2015 The Android Open Source Project * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package android.service.gatekeeper; import android.os.Parcel; import android.os.Parcelable; /** * Response object for a GateKeeper verification request. * @hide */ public final class GateKeeperResponse implements Parcelable { public static final int RESPONSE_ERROR = -1; public static final int RESPONSE_OK = 0; public static final int RESPONSE_RETRY = 1; private final int mResponseCode; private int mTimeout; private byte[] mPayload; private boolean mShouldReEnroll; private GateKeeperResponse(int responseCode) { mResponseCode = responseCode; } private GateKeeperResponse(int responseCode, int timeout) { mResponseCode = responseCode; } @Override public int describeContents() { return 0; } public static final Parcelable.Creator<GateKeeperResponse> CREATOR = new Parcelable.Creator<GateKeeperResponse>() { @Override public GateKeeperResponse createFromParcel(Parcel source) { int responseCode = source.readInt(); GateKeeperResponse response = new GateKeeperResponse(responseCode); if (responseCode == RESPONSE_RETRY) { response.setTimeout(source.readInt()); } else if (responseCode == RESPONSE_OK) { response.setShouldReEnroll(source.readInt() == 1); int size = source.readInt(); if (size > 0) { byte[] payload = new byte[size]; source.readByteArray(payload); response.setPayload(payload); } } return response; } @Override public GateKeeperResponse[] newArray(int size) { return new GateKeeperResponse[size]; } }; @Override public void writeToParcel(Parcel dest, int flags) { dest.writeInt(mResponseCode); if (mResponseCode == RESPONSE_RETRY) { dest.writeInt(mTimeout); } else if (mResponseCode == RESPONSE_OK) { dest.writeInt(mShouldReEnroll ? 1 : 0); if (mPayload != null) { dest.writeInt(mPayload.length); dest.writeByteArray(mPayload); } } } public byte[] getPayload() { return mPayload; } public int getTimeout() { return mTimeout; } public boolean getShouldReEnroll() { return mShouldReEnroll; } public int getResponseCode() { return mResponseCode; } private void setTimeout(int timeout) { mTimeout = timeout; } private void setShouldReEnroll(boolean shouldReEnroll) { mShouldReEnroll = shouldReEnroll; } private void setPayload(byte[] payload) { mPayload = payload; } }
core/java/android/service/gatekeeper/IGateKeeperService.aidl +9 −7 Original line number Diff line number Diff line Loading @@ -16,6 +16,8 @@ package android.service.gatekeeper; import android.service.gatekeeper.GateKeeperResponse; /** * Interface for communication with GateKeeper, the * secure password storage daemon. Loading @@ -34,9 +36,9 @@ interface IGateKeeperService { * If provided, must verify against the currentPasswordHandle. * @param desiredPassword The new desired password, for which a handle will be returned * upon success. * @return the handle corresponding to desiredPassword, or null * @return an EnrollResponse or null on failure */ byte[] enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword, GateKeeperResponse enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword, in byte[] desiredPassword); /** Loading @@ -45,10 +47,10 @@ interface IGateKeeperService { * @param enrolledPasswordHandle The handle against which the provided password will be * verified. * @param The plaintext blob to verify against enrolledPassword. * @return True if the authentication was successful * @return a VerifyResponse, or null on failure. */ boolean verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword); GateKeeperResponse verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword); /** * Verifies an enrolled handle against a provided, plaintext blob. * @param uid The Android user ID associated to this enrollment Loading @@ -58,9 +60,9 @@ interface IGateKeeperService { * @param enrolledPasswordHandle The handle against which the provided password will be * verified. * @param The plaintext blob to verify against enrolledPassword. * @return an opaque attestation of authentication on success, or null. * @return a VerifyResponse with an attestation, or null on failure. */ byte[] verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle, GateKeeperResponse verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle, in byte[] providedPassword); /** Loading
core/java/com/android/internal/widget/ILockSettings.aidl +6 −4 Original line number Diff line number Diff line Loading @@ -16,6 +16,8 @@ package com.android.internal.widget; import com.android.internal.widget.VerifyCredentialResponse; /** {@hide} */ interface ILockSettings { void setBoolean(in String key, in boolean value, in int userId); Loading @@ -25,11 +27,11 @@ interface ILockSettings { long getLong(in String key, in long defaultValue, in int userId); String getString(in String key, in String defaultValue, in int userId); void setLockPattern(in String pattern, in String savedPattern, int userId); boolean checkPattern(in String pattern, int userId); byte[] verifyPattern(in String pattern, long challenge, int userId); VerifyCredentialResponse checkPattern(in String pattern, int userId); VerifyCredentialResponse verifyPattern(in String pattern, long challenge, int userId); void setLockPassword(in String password, in String savedPassword, int userId); boolean checkPassword(in String password, int userId); byte[] verifyPassword(in String password, long challenge, int userId); VerifyCredentialResponse checkPassword(in String password, int userId); VerifyCredentialResponse verifyPassword(in String password, long challenge, int userId); boolean checkVoldPassword(int userId); boolean havePattern(int userId); boolean havePassword(int userId); Loading
core/java/com/android/internal/widget/LockPatternChecker.java +44 −10 Original line number Diff line number Diff line Loading @@ -2,6 +2,8 @@ package com.android.internal.widget; import android.os.AsyncTask; import com.android.internal.widget.LockPatternUtils.RequestThrottledException; import java.util.List; /** Loading @@ -16,8 +18,10 @@ public final class LockPatternChecker { * Invoked when a security check is finished. * * @param matched Whether the PIN/Password/Pattern matches the stored one. * @param throttleTimeoutMs The amount of time in ms to wait before reattempting * the call. Only non-0 if matched is false. */ void onChecked(boolean matched); void onChecked(boolean matched, int throttleTimeoutMs); } /** Loading @@ -28,8 +32,10 @@ public final class LockPatternChecker { * Invoked when a security verification is finished. * * @param attestation The attestation that the challenge was verified, or null. * @param throttleTimeoutMs The amount of time in ms to wait before reattempting * the call. Only non-0 if attestation is null. */ void onVerified(byte[] attestation); void onVerified(byte[] attestation, int throttleTimeoutMs); } /** Loading @@ -47,14 +53,21 @@ public final class LockPatternChecker { final int userId, final OnVerifyCallback callback) { AsyncTask<Void, Void, byte[]> task = new AsyncTask<Void, Void, byte[]>() { private int mThrottleTimeout; @Override protected byte[] doInBackground(Void... args) { try { return utils.verifyPattern(pattern, challenge, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return null; } } @Override protected void onPostExecute(byte[] result) { callback.onVerified(result); callback.onVerified(result, mThrottleTimeout); } }; task.execute(); Loading @@ -74,14 +87,21 @@ public final class LockPatternChecker { final int userId, final OnCheckCallback callback) { AsyncTask<Void, Void, Boolean> task = new AsyncTask<Void, Void, Boolean>() { private int mThrottleTimeout; @Override protected Boolean doInBackground(Void... args) { try { return utils.checkPattern(pattern, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return false; } } @Override protected void onPostExecute(Boolean result) { callback.onChecked(result); callback.onChecked(result, mThrottleTimeout); } }; task.execute(); Loading @@ -103,14 +123,21 @@ public final class LockPatternChecker { final int userId, final OnVerifyCallback callback) { AsyncTask<Void, Void, byte[]> task = new AsyncTask<Void, Void, byte[]>() { private int mThrottleTimeout; @Override protected byte[] doInBackground(Void... args) { try { return utils.verifyPassword(password, challenge, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return null; } } @Override protected void onPostExecute(byte[] result) { callback.onVerified(result); callback.onVerified(result, mThrottleTimeout); } }; task.execute(); Loading @@ -130,14 +157,21 @@ public final class LockPatternChecker { final int userId, final OnCheckCallback callback) { AsyncTask<Void, Void, Boolean> task = new AsyncTask<Void, Void, Boolean>() { private int mThrottleTimeout; @Override protected Boolean doInBackground(Void... args) { try { return utils.checkPassword(password, userId); } catch (RequestThrottledException ex) { mThrottleTimeout = ex.getTimeoutMs(); return false; } } @Override protected void onPostExecute(Boolean result) { callback.onChecked(result); callback.onChecked(result, mThrottleTimeout); } }; task.execute(); Loading
