| /system/keymaster/android_keymaster/ |
| D | keymaster_enforcement.cpp | 287 const hw_auth_token_t* auth_token; in AuthorizeBegin() local
289 if (!GetAndValidateAuthToken(operation_params, &auth_token, &token_auth_type)) { in AuthorizeBegin()
293 uint64_t token_timestamp_millis = ntoh(auth_token->timestamp); in AuthorizeBegin()
452 const hw_auth_token_t** auth_token, in GetAndValidateAuthToken() argument
460 if (auth_token_blob.data_length != sizeof(**auth_token)) { in GetAndValidateAuthToken()
466 *auth_token = reinterpret_cast<const hw_auth_token_t*>(auth_token_blob.data); in GetAndValidateAuthToken()
467 if ((*auth_token)->version != HW_AUTH_TOKEN_VERSION) { in GetAndValidateAuthToken()
469 (*auth_token)->version, HW_AUTH_TOKEN_VERSION); in GetAndValidateAuthToken()
473 if (!ValidateTokenSignature(**auth_token)) { in GetAndValidateAuthToken()
478 *token_auth_type = ntoh((*auth_token)->authenticator_type); in GetAndValidateAuthToken()
[all …]
|
| /system/keymint/ta/src/ |
| D | operation.rs | 167 auth_token: Option<HardwareAuthToken>, in begin_operation()
214 let auth_token = auth_token.ok_or_else(|| { in begin_operation() localVariable
218 auth_token, in begin_operation()
227 } else if let Some(auth_token) = auth_token { in begin_operation()
228 self.check_auth_token(auth_token, auth_info, None, None, None)?; in begin_operation()
434 auth_token: Option<HardwareAuthToken>, in op_update_aad()
437 self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| { in op_update_aad()
452 auth_token: Option<HardwareAuthToken>, in op_update()
462 self.with_authed_operation(op_handle, auth_token, timestamp_token, |op| { in op_update()
517 auth_token: Option<HardwareAuthToken>, in op_finish()
[all …]
|
| D | lib.rs | 817 match self.begin_operation(req.purpose, &req.key_blob, req.params, req.auth_token) { in process_req()
868 req.auth_token, in process_req()
878 req.auth_token, in process_req()
890 req.auth_token, in process_req()
|
| /system/security/keystore2/src/ |
| D | authorization.rs | 109 fn add_auth_token(&self, auth_token: &HardwareAuthToken) -> Result<()> { in add_auth_token()
116 auth_token.challenge, in add_auth_token()
117 auth_token.userId, in add_auth_token()
118 auth_token.authenticatorId, in add_auth_token()
119 auth_token.authenticatorType.0, in add_auth_token()
120 auth_token.timestamp.milliSeconds, in add_auth_token()
123 ENFORCEMENTS.add_auth_token(auth_token.clone()); in add_auth_token()
218 let (auth_token, ts_token) = in get_auth_tokens_for_credstore()
220 Ok(AuthorizationTokens { authToken: auth_token, timestampToken: ts_token }) in get_auth_tokens_for_credstore()
253 fn addAuthToken(&self, auth_token: &HardwareAuthToken) -> BinderResult<()> { in addAuthToken()
[all …]
|
| D | raw_device.rs | 300 auth_token: Option<&HardwareAuthToken>, in use_key_in_one_step()
309 self.km_dev.begin(purpose, blob, operation_parameters, auth_token) in use_key_in_one_step()
|
| D | km_compat.rs | 303 auth_token: Option<&HardwareAuthToken>, in begin()
306 KeyBlob::Raw(keyblob) => self.real.begin(purpose, keyblob, params, auth_token), in begin()
307 KeyBlob::Wrapped(keyblob) => self.soft.begin(purpose, keyblob, params, auth_token), in begin()
|
| D | enforcements.rs | 626 DeferredAuthState::TimeStampRequired(hat.auth_token().clone()) in authorize_create()
704 Some(hat.auth_token().clone()), in authorize_create()
841 let auth_token = if let Some(auth_token_entry) = result { in get_auth_tokens() localVariable
874 Ok((auth_token, tst)) in get_auth_tokens()
|
| D | super_key.rs | 206 auth_token: &HardwareAuthToken, in decrypt()
230 Some(auth_token), in decrypt()
1013 entry.auth_token().userId == sid || entry.auth_token().authenticatorId == sid in try_unlock_user_with_biometric()
1021 auth_token_entry.auth_token(), in try_unlock_user_with_biometric()
1029 auth_token_entry.auth_token(), in try_unlock_user_with_biometric()
|
| D | database.rs | 835 auth_token: HardwareAuthToken, field
841 fn new(auth_token: HardwareAuthToken, time_received: BootTime) -> Self { in new()
842 AuthTokenEntry { auth_token, time_received } in new()
848 (sid == self.auth_token.userId || sid == self.auth_token.authenticatorId) in satisfies()
849 && ((auth_type.0 & self.auth_token.authenticatorType.0) != 0) in satisfies()
854 pub fn auth_token(&self) -> &HardwareAuthToken { in auth_token() method
855 &self.auth_token in auth_token()
860 self.auth_token in take_auth_token()
870 self.auth_token.challenge in challenge()
2790 pub fn insert_auth_token(&mut self, auth_token: &HardwareAuthToken) { in insert_auth_token()
[all …]
|
| /system/gatekeeper/ |
| D | gatekeeper_messages.cpp | 199 VerifyResponse::VerifyResponse(uint32_t user_id, SizedBuffer auth_token) { in VerifyResponse() argument
201 this->auth_token = move(auth_token); in VerifyResponse()
209 void VerifyResponse::SetVerificationToken(SizedBuffer auth_token) { in SetVerificationToken() argument
210 this->auth_token = move(auth_token); in SetVerificationToken()
214 return serialized_buffer_size(auth_token) + sizeof(request_reenroll); in nonErrorSerializedSize()
218 append_to_buffer(&buffer, auth_token); in nonErrorSerialize()
224 auth_token = {}; in nonErrorDeserialize()
226 gatekeeper_error_t err = read_from_buffer(&payload, end, &auth_token); in nonErrorDeserialize()
|
| D | gatekeeper.cpp | 161 SizedBuffer auth_token; in Verify() local
162 response->error = MintAuthToken(&auth_token, timestamp, in Verify()
167 response->SetVerificationToken(move(auth_token)); in Verify()
253 gatekeeper_error_t GateKeeper::MintAuthToken(SizedBuffer *auth_token, in MintAuthToken() argument
256 if (auth_token == nullptr) return ERROR_INVALID; in MintAuthToken()
291 *auth_token = { token_buffer, sizeof(hw_auth_token_t) }; in MintAuthToken()
|
| /system/security/keystore2/src/database/ |
| D | perboot.rs | 51 AuthTokenId::from_auth_token(&self.0.auth_token).hash(state) in hash()
57 AuthTokenId::from_auth_token(&self.0.auth_token) in eq()
58 == AuthTokenId::from_auth_token(&other.0.auth_token) in eq()
|
| /system/core/trusty/keymaster/4.0/ |
| D | TrustyKeymaster4Device.cpp | 110 hw_auth_token_t* auth_token = reinterpret_cast<hw_auth_token_t*>(p.blob.data()); in injectAuthToken() local
111 auth_token->version = 0; in injectAuthToken()
112 auth_token->challenge = authToken.challenge; in injectAuthToken()
113 auth_token->user_id = authToken.userId; in injectAuthToken()
114 auth_token->authenticator_id = authToken.authenticatorId; in injectAuthToken()
115 auth_token->authenticator_type = in injectAuthToken()
117 auth_token->timestamp = htobe64(authToken.timestamp); in injectAuthToken()
118 static_assert(mac_len == sizeof(auth_token->hmac)); in injectAuthToken()
119 memcpy(auth_token->hmac, authToken.mac.data(), mac_len); in injectAuthToken()
316 request.auth_token.challenge = authToken.challenge; in verifyAuthorization()
[all …]
|
| /system/keymint/hal/src/ |
| D | keymint.rs | 213 auth_token: match authToken { in begin()
373 auth_token: match authToken { in updateAad()
401 auth_token: match authToken { in update()
430 let auth_token = match authToken { in finish() localVariable
444 auth_token: auth_token.clone(), in finish()
459 auth_token, in finish()
468 auth_token, in finish()
|
| D | tests.rs | 118 auth_token: Some(HardwareAuthToken { in test_overhead_size()
|
| /system/gatekeeper/include/gatekeeper/ |
| D | gatekeeper_messages.h | 187 VerifyResponse(uint32_t user_id, SizedBuffer auth_token);
190 void SetVerificationToken(SizedBuffer auth_token);
196 SizedBuffer auth_token; member
|
| D | gatekeeper.h | 195 gatekeeper_error_t MintAuthToken(SizedBuffer *auth_token, uint64_t timestamp,
|
| /system/keymint/common/ |
| D | generated.cddl | 464 auth_token: [? HardwareAuthToken],
490 auth_token: [? HardwareAuthToken],
497 auth_token: [? HardwareAuthToken],
507 auth_token: [? HardwareAuthToken],
|
| /system/keymaster/ng/ |
| D | AndroidKeymaster4Device.cpp | 290 request.auth_token.challenge = authToken.challenge; in verifyAuthorization()
291 request.auth_token.user_id = authToken.userId; in verifyAuthorization()
292 request.auth_token.authenticator_id = authToken.authenticatorId; in verifyAuthorization()
293 request.auth_token.authenticator_type = legacy_enum_conversion(authToken.authenticatorType); in verifyAuthorization()
294 request.auth_token.timestamp = authToken.timestamp; in verifyAuthorization()
296 request.auth_token.mac = mac; in verifyAuthorization()
|
| /system/keymint/wire/src/ |
| D | types.rs | 182 pub auth_token: Option<HardwareAuthToken>, field
245 pub auth_token: Option<HardwareAuthToken>, field
254 pub auth_token: Option<HardwareAuthToken>, field
266 pub auth_token: Option<HardwareAuthToken>, field
|
| /system/gatekeeper/tests/ |
| D | gatekeeper_messages_test.cpp | 194 deserialized_password = &deserialized_msg.auth_token; in TEST()
196 ASSERT_EQ(0, memcmp(msg.auth_token.Data<uint8_t>(), deserialized_password->Data<uint8_t>(), in TEST()
|
| /system/core/trusty/gatekeeper/ |
| D | trusty_gatekeeper.cpp | 142 sizedBuffer2AidlHWToken(response.auth_token, &rsp->hardwareAuthToken); in verify()
|
| /system/keymaster/include/keymaster/ |
| D | android_keymaster_messages.h | 985 auth_token.SerializedSize(); in SerializedSize()
991 return auth_token.Serialize(buf, end); in Serialize()
997 auth_token.Deserialize(buf_ptr, end)); in Deserialize()
1002 HardwareAuthToken auth_token; member
|