remove softgatekeeper device
now implemented directly in GateKeeperD
Change-Id: I1afda4a4d32b746bd7ab4079ad96f0dd4d9fdc6e
diff --git a/softgatekeeper/Android.mk b/softgatekeeper/Android.mk
deleted file mode 100644
index 7851ea2..0000000
--- a/softgatekeeper/Android.mk
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright (C) 2012 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-LOCAL_PATH := $(call my-dir)
-
-include $(CLEAR_VARS)
-ifeq ($(USE_32_BIT_KEYSTORE), true)
-LOCAL_MULTILIB := 32
-endif
-LOCAL_MODULE := gatekeeper.default
-LOCAL_MODULE_RELATIVE_PATH := hw
-LOCAL_SRC_FILES := \
- module.cpp \
- soft_gatekeeper_device.cpp
-LOCAL_CFLAGS = -fvisibility=hidden -Wall -Werror
-LOCAL_SHARED_LIBRARIES := libcrypto libgatekeeper
-LOCAL_STATIC_LIBRARIES := libscrypt_static
-LOCAL_C_INCLUDES := external/scrypt/lib/crypto
-LOCAL_MODULE_TAGS := optional
-LOCAL_ADDITIONAL_DEPENDENCIES := $(LOCAL_PATH)/Android.mk
-include $(BUILD_SHARED_LIBRARY)
diff --git a/softgatekeeper/module.cpp b/softgatekeeper/module.cpp
deleted file mode 100644
index 4c0b624..0000000
--- a/softgatekeeper/module.cpp
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright (C) 2012 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-#include "soft_gatekeeper_device.h"
-
-extern struct gatekeeper_module soft_gatekeeper_device_module;
-
-struct gatekeeper_module HAL_MODULE_INFO_SYM __attribute__((visibility("default")))
- = soft_gatekeeper_device_module;
diff --git a/softgatekeeper/soft_gatekeeper_device.cpp b/softgatekeeper/soft_gatekeeper_device.cpp
deleted file mode 100644
index c16b639..0000000
--- a/softgatekeeper/soft_gatekeeper_device.cpp
+++ /dev/null
@@ -1,171 +0,0 @@
-/*
- * Copyright 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "soft_gatekeeper_device.h"
-
-__attribute__((visibility("default")))
-int softgatekeeper_device_open(const hw_module_t *module, const char *name, hw_device_t **device) {
- if (device == NULL || strcmp(name, HARDWARE_GATEKEEPER) != 0)
- return -EINVAL;
-
- gatekeeper::SoftGateKeeperDevice *dev = new gatekeeper::SoftGateKeeperDevice(module);
- if (dev == NULL)
- return -ENOMEM;
-
- *device = reinterpret_cast<hw_device_t *>(dev);
- return 0;
-}
-
-static struct hw_module_methods_t gatekeeper_module_methods = {
- .open = softgatekeeper_device_open,
-};
-
-__attribute__((visibility("default")))
-struct gatekeeper_module soft_gatekeeper_device_module = {
- .common =
- {
- .tag = HARDWARE_MODULE_TAG,
- .module_api_version = GATEKEEPER_MODULE_API_VERSION_0_1,
- .hal_api_version = HARDWARE_HAL_API_VERSION,
- .id = GATEKEEPER_HARDWARE_MODULE_ID,
- .name = "GateKeeper SCrypt HAL",
- .author = "The Android Open Source Project",
- .methods = &gatekeeper_module_methods,
- .dso = 0,
- .reserved = {},
- },
-};
-
-namespace gatekeeper {
-
-SoftGateKeeperDevice::SoftGateKeeperDevice(const hw_module_t *module)
- : impl_(new SoftGateKeeper()) {
-#if __cplusplus >= 201103L || defined(__GXX_EXPERIMENTAL_CXX0X__)
- static_assert(std::is_standard_layout<SoftGateKeeperDevice>::value,
- "SoftGateKeeperDevice must be standard layout");
- static_assert(offsetof(SoftGateKeeperDevice, device_) == 0,
- "device_ must be the first member of KeymasterOpenSsl");
- static_assert(offsetof(SoftGateKeeperDevice, device_.common) == 0,
- "common must be the first member of keymaster_device");
-#else
- assert(reinterpret_cast<gatekeeper_device*>(this) == &device_);
- assert(reinterpret_cast<hw_device_t*>(this) == &(device_.common));
-#endif
-
- memset(&device_, 0, sizeof(device_));
- device_.common.tag = HARDWARE_DEVICE_TAG;
- device_.common.version = 1;
- device_.common.module = const_cast<hw_module_t *>(module);
- device_.common.close = close_device;
-
- device_.verify = Verify;
- device_.enroll = Enroll;
-}
-
-hw_device_t *SoftGateKeeperDevice::hw_device() {
- return &device_.common;
-}
-
-static inline SoftGateKeeperDevice *convert_device(const struct gatekeeper_device *dev) {
- return reinterpret_cast<SoftGateKeeperDevice *>(const_cast<gatekeeper_device *>(dev));
-}
-
-/* static */
-int SoftGateKeeperDevice::close_device(hw_device_t* dev) {
- delete reinterpret_cast<SoftGateKeeperDevice *>(dev);
- return 0;
-}
-
-int SoftGateKeeperDevice::Enroll(const struct gatekeeper_device *dev, uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length) {
-
- if (dev == NULL ||
- enrolled_password_handle == NULL || enrolled_password_handle_length == NULL ||
- desired_password == NULL || desired_password_length == 0)
- return -EINVAL;
-
- // Current password and current password handle go together
- if (current_password_handle == NULL || current_password_handle_length == 0 ||
- current_password == NULL || current_password_length == 0) {
- current_password_handle = NULL;
- current_password_handle_length = 0;
- current_password = NULL;
- current_password_length = 0;
- }
-
- SizedBuffer desired_password_buffer(desired_password_length);
- memcpy(desired_password_buffer.buffer.get(), desired_password, desired_password_length);
-
- SizedBuffer current_password_handle_buffer(current_password_handle_length);
- if (current_password_handle) {
- memcpy(current_password_handle_buffer.buffer.get(), current_password_handle,
- current_password_handle_length);
- }
-
- SizedBuffer current_password_buffer(current_password_length);
- if (current_password) {
- memcpy(current_password_buffer.buffer.get(), current_password, current_password_length);
- }
-
- EnrollRequest request(uid, ¤t_password_handle_buffer, &desired_password_buffer,
- ¤t_password_buffer);
- EnrollResponse response;
-
- convert_device(dev)->impl_->Enroll(request, &response);
-
- if (response.error != ERROR_NONE)
- return -EINVAL;
-
- *enrolled_password_handle = response.enrolled_password_handle.buffer.release();
- *enrolled_password_handle_length = response.enrolled_password_handle.length;
- return 0;
-}
-
-int SoftGateKeeperDevice::Verify(const struct gatekeeper_device *dev, uint32_t uid,
- uint64_t challenge, const uint8_t *enrolled_password_handle,
- uint32_t enrolled_password_handle_length, const uint8_t *provided_password,
- uint32_t provided_password_length, uint8_t **auth_token, uint32_t *auth_token_length) {
-
- if (dev == NULL || enrolled_password_handle == NULL ||
- provided_password == NULL) {
- return -EINVAL;
- }
-
- SizedBuffer password_handle_buffer(enrolled_password_handle_length);
- memcpy(password_handle_buffer.buffer.get(), enrolled_password_handle,
- enrolled_password_handle_length);
- SizedBuffer provided_password_buffer(provided_password_length);
- memcpy(provided_password_buffer.buffer.get(), provided_password, provided_password_length);
-
- VerifyRequest request(uid, challenge, &password_handle_buffer, &provided_password_buffer);
- VerifyResponse response;
-
- convert_device(dev)->impl_->Verify(request, &response);
-
- if (response.error != ERROR_NONE)
- return -EINVAL;
-
- if (auth_token != NULL && auth_token_length != NULL) {
- *auth_token = response.auth_token.buffer.release();
- *auth_token_length = response.auth_token.length;
- }
-
- return 0;
-}
-};
diff --git a/softgatekeeper/soft_gatekeeper_device.h b/softgatekeeper/soft_gatekeeper_device.h
deleted file mode 100644
index 0b8a8aa..0000000
--- a/softgatekeeper/soft_gatekeeper_device.h
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright 2015 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef SOFT_GATEKEEPER_DEVICE_H_
-#define SOFT_GATEKEEPER_DEVICE_H_
-
-#include <gatekeeper/soft_gatekeeper.h>
-#include <hardware/gatekeeper.h>
-#include <UniquePtr.h>
-
-namespace gatekeeper {
-
-/**
- * Software based GateKeeper implementation
- *
- * IMPORTANT MAINTAINER NOTE: Pointers to instances of this class must be castable to hw_device_t
- * and gatekeeper. This means it must remain a standard layout class (no virtual functions and
- * no data members which aren't standard layout), and device_ must be the first data member.
- * Assertions in the constructor validate compliance with those constraints.
- */
-class SoftGateKeeperDevice {
-public:
- SoftGateKeeperDevice(const hw_module_t *module);
-
- hw_device_t *hw_device();
-
-private:
- static int close_device(hw_device_t* dev);
-
- // Wrappers to translate the gatekeeper HAL API to the Kegyuard Messages API.
-
- /**
- * Enrolls password_payload, which should be derived from a user selected pin or password,
- * with the authentication factor private key used only for enrolling authentication
- * factor data.
- *
- * Returns: 0 on success or an error code less than 0 on error.
- * On error, enrolled_password_handle will not be allocated.
- */
- static int Enroll(const struct gatekeeper_device *dev, uint32_t uid,
- const uint8_t *current_password_handle, uint32_t current_password_handle_length,
- const uint8_t *current_password, uint32_t current_password_length,
- const uint8_t *desired_password, uint32_t desired_password_length,
- uint8_t **enrolled_password_handle, uint32_t *enrolled_password_handle_length);
- /**
- * Verifies provided_password matches enrolled_password_handle.
- *
- * Implementations of this module may retain the result of this call
- * to attest to the recency of authentication.
- *
- * On success, writes the address of a verification token to auth_token,
- * usable to attest password verification to other trusted services. Clients
- * may pass NULL for this value.
- *
- * Returns: 0 on success or an error code less than 0 on error
- * On error, verification token will not be allocated
- */
- static int Verify(const struct gatekeeper_device *dev, uint32_t uid, uint64_t challenge,
- const uint8_t *enrolled_password_handle, uint32_t enrolled_password_handle_length,
- const uint8_t *provided_password, uint32_t provided_password_length,
- uint8_t **auth_token, uint32_t *auth_token_length);
-
- gatekeeper_device device_;
- UniquePtr<GateKeeper> impl_;
-};
-
-} // namespace gatekeeper
-
-#endif //SOFT_GATEKEEPER_DEVICE_H_
