diff options
-rw-r--r-- | gatekeeper.cpp | 14 | ||||
-rw-r--r-- | gatekeeper_messages.cpp | 3 | ||||
-rw-r--r-- | include/gatekeeper/gatekeeper.h | 16 | ||||
-rw-r--r-- | include/gatekeeper/gatekeeper_messages.h | 40 | ||||
-rw-r--r-- | rules.mk | 2 |
5 files changed, 74 insertions, 1 deletions
diff --git a/gatekeeper.cpp b/gatekeeper.cpp index 9d77947..57be100 100644 --- a/gatekeeper.cpp +++ b/gatekeeper.cpp @@ -163,6 +163,20 @@ void GateKeeper::Verify(const VerifyRequest &request, VerifyResponse *response) } } +void GateKeeper::DeleteUser(const DeleteUserRequest &request, DeleteUserResponse *response) { + if (response == nullptr) return; + + uint32_t uid = request.user_id; + response->error = RemoveUser(uid); +} + +void GateKeeper::DeleteAllUsers(const DeleteAllUsersRequest &/*request*/, + DeleteAllUsersResponse *response) { + if (response == nullptr) return; + + response->error = RemoveAllUsers(); +} + bool GateKeeper::CreatePasswordHandle(SizedBuffer *password_handle_buffer, salt_t salt, secure_id_t user_id, uint64_t flags, uint8_t handle_version, const SizedBuffer & password) { if (password_handle_buffer == nullptr) return false; diff --git a/gatekeeper_messages.cpp b/gatekeeper_messages.cpp index 1e5b1f5..3b78664 100644 --- a/gatekeeper_messages.cpp +++ b/gatekeeper_messages.cpp @@ -296,5 +296,8 @@ gatekeeper_error_t EnrollResponse::nonErrorDeserialize(const uint8_t *payload, c return read_from_buffer(&payload, end, &enrolled_password_handle); } +DeleteUserRequest::DeleteUserRequest(uint32_t user_id) { + this->user_id = user_id; +} }; diff --git a/include/gatekeeper/gatekeeper.h b/include/gatekeeper/gatekeeper.h index 27d4f32..62f0b34 100644 --- a/include/gatekeeper/gatekeeper.h +++ b/include/gatekeeper/gatekeeper.h @@ -44,6 +44,8 @@ public: void Enroll(const EnrollRequest &request, EnrollResponse *response); void Verify(const VerifyRequest &request, VerifyResponse *response); + void DeleteUser(const DeleteUserRequest &request, DeleteUserResponse *response); + void DeleteAllUsers(const DeleteAllUsersRequest &request, DeleteAllUsersResponse *response); protected: @@ -115,6 +117,20 @@ protected: virtual uint64_t GetMillisecondsSinceBoot() const = 0; /** + * Removes all records for the given user. + * + * Returns true if the user's records were successfully deleted. + */ + virtual gatekeeper_error_t RemoveUser(uint32_t /* uid */) { return ERROR_NOT_IMPLEMENTED; } + + /** + * Removes all records. + * + * Returns true if the records were successfully deleted. + */ + virtual gatekeeper_error_t RemoveAllUsers() { return ERROR_NOT_IMPLEMENTED; } + + /** * Returns the value of the current failure record for the user. * * The failure record should be written to hardware-backed secure storage, such as diff --git a/include/gatekeeper/gatekeeper_messages.h b/include/gatekeeper/gatekeeper_messages.h index 82fdbcd..ec33f18 100644 --- a/include/gatekeeper/gatekeeper_messages.h +++ b/include/gatekeeper/gatekeeper_messages.h @@ -36,6 +36,7 @@ typedef enum { ERROR_RETRY = 2, ERROR_UNKNOWN = 3, ERROR_MEMORY_ALLOCATION_FAILED = 4, + ERROR_NOT_IMPLEMENTED = 5, } gatekeeper_error_t; struct SizedBuffer { @@ -231,6 +232,45 @@ public: SizedBuffer enrolled_password_handle; }; + +struct DeleteUserRequest : public GateKeeperMessage { + DeleteUserRequest(uint32_t user_id); + DeleteUserRequest() = default; + + uint32_t nonErrorSerializedSize() const override { return 0; } + void nonErrorSerialize(uint8_t * /*buffer*/) const override {} + gatekeeper_error_t nonErrorDeserialize( + const uint8_t * /*payload*/, const uint8_t * /*end*/) override { return ERROR_NONE; } +}; + +struct DeleteUserResponse : public GateKeeperMessage { + DeleteUserResponse() {} + + uint32_t nonErrorSerializedSize() const override { return 0; } + void nonErrorSerialize(uint8_t * /*buffer*/) const override {} + gatekeeper_error_t nonErrorDeserialize( + const uint8_t * /*payload*/, const uint8_t * /*end*/) override { return ERROR_NONE; } +}; + + +struct DeleteAllUsersRequest : public GateKeeperMessage { + DeleteAllUsersRequest() {}; + + uint32_t nonErrorSerializedSize() const override { return 0; } + void nonErrorSerialize(uint8_t * /*buffer*/) const override {} + gatekeeper_error_t nonErrorDeserialize( + const uint8_t * /*payload*/, const uint8_t * /*end*/) override { return ERROR_NONE; } +}; + +struct DeleteAllUsersResponse : public GateKeeperMessage { + DeleteAllUsersResponse() {} + + uint32_t nonErrorSerializedSize() const override { return 0; } + void nonErrorSerialize(uint8_t * /*buffer*/) const override {} + gatekeeper_error_t nonErrorDeserialize( + const uint8_t * /*payload*/, const uint8_t * /*end*/) override { return ERROR_NONE; } +}; + } #endif // GATEKEEPER_MESSAGES_H_ @@ -8,7 +8,7 @@ MODULE_SRCS := \ GLOBAL_INCLUDES += $(LOCAL_DIR)/include/ -MODULE_CPPFLAGS := -std=c++11 +MODULE_CPPFLAGS := -std=c++11 -Werror -Wunused-parameter MODULE_INCLUDES := \ $(LOCAL_DIR)/../../hardware/libhardware/include |