#include <string>
#include <sys/stat.h>
#include <unistd.h>
-#include <hal/hal-security-auth-error.h>
+#include <hal/hal-security-auth-types.h>
#include "util/ipassword.h"
#include "util/log.h"
{
LOGD("hal_backend_security_auth::write_memory_to_file");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
std::string pwdFile = create_dir(RW_DATA_DIR, m_user) + PASSWORD_FILE;
PasswordFileBuffer pwdBuffer;
LOGD(" user: " << m_user << ", max_attempt: " << m_maxAttempt <<
if (chmod(pwdFile.c_str(), FILE_MODE)) {
LOGE(" Failed to chmod for " << pwdFile << " Error: " << errnoToString());
}
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::write_attempt_to_file(uid_t user_id) const
{
LOGD("hal_backend_security_auth::write_attempt_to_file");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
std::string attemptFile = create_dir(RW_DATA_DIR, m_user) + ATTEMPT_FILE;
std::ofstream AttemptFile(attemptFile, std::ofstream::trunc);
LOGE(" Failed to synchronize a file's state.");
AttemptFile.close();
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::set_password(uid_t user_id, const char* password)
{
LOGD("hal_backend_security_auth::set_password");
if(user_id != m_user || password == nullptr)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
if (password[0] == '\0') {
m_passwordCurrent.reset(new NoPassword());
m_passwordActive = false;
m_passwordActive = true;
}
- return AUTH_PASSWD_API_SUCCESS;
+ LOGD("hal_backend_security_auth::set_password: m_passwordActive=" << m_passwordActive);
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::check_password(uid_t user_id, const char* password)
{
LOGD("hal_backend_security_auth::check_password");
if(user_id != m_user || password == nullptr)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- return m_passwordCurrent->match(password) ? AUTH_PASSWD_API_SUCCESS : AUTH_PASSWD_API_ERROR_PASSWORD_MISMATCH;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
+ return m_passwordCurrent->match(password) ? HAL_SECURITY_AUTH_ERROR_NONE : HAL_SECURITY_AUTH_ERROR_PASSWORD_MISMATCH;
}
int hal_backend_security_auth::set_max_history_size(uid_t user_id, unsigned int history_size)
{
LOGD("hal_backend_security_auth::set_max_history_size");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
// put current password in history
if (m_maxHistorySize == 0 && history_size > 0)
m_passwordHistory.push_front(m_passwordCurrent);
while (m_passwordHistory.size() > history_size)
m_passwordHistory.pop_back();
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::get_max_history_size(uid_t user_id, unsigned int *history_size) const
{
LOGD("hal_backend_security_auth::get_max_history_size");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
*history_size = m_maxHistorySize;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::get_expire_time(uid_t user_id, unsigned int *expire_time) const
{
LOGD("hal_backend_security_auth::get_expire_time");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
*expire_time = m_expireTime;
LOGE(" *expire_time : "<<m_expireTime);
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::set_expire_time(uid_t user_id, unsigned int expire_time)
{
LOGD("hal_backend_security_auth::set_expire_time m_expireTime: " << m_expireTime);
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_expireTime = expire_time;
LOGD(" expire_time : "<< m_expireTime);
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::get_attempt(uid_t user_id, unsigned int *attempt) const
{
LOGD("hal_backend_security_auth::get_attempt");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
*attempt = m_attempt;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::set_expire_time_left(uid_t user_id, unsigned int expire_time_left)
{
LOGD("hal_backend_security_auth::set_expire_time_left");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_expireTimeLeft = expire_time_left;
LOGD(" expire_time_left : "<<m_expireTimeLeft);
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::get_expire_time_left(uid_t user_id, unsigned int *expire_time_left) const
LOGD("hal_backend_security_auth::get_expire_time_left");
//calculate left secs by the time of password expiration
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
if (m_expireTimeLeft != PASSWORD_INFINITE_EXPIRATION_TIME) {
LOGD(" not eq m_expireTimeLeft : " << m_expireTimeLeft << " PIET : " << PASSWORD_INFINITE_EXPIRATION_TIME);
LOGD(" expire_time_left : " << *expire_time_left);
}
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::reset_attempt(uid_t user_id)
{
LOGD("hal_backend_security_auth::reset_attempt");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_attempt = 0;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::increment_attempt(uid_t user_id)
{
LOGD("hal_backend_security_auth::increment_attempt");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_attempt++;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::get_max_attempt(uid_t user_id, unsigned int *max_attempt) const
LOGD("hal_backend_security_auth::get_max_attempt");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
*max_attempt = m_maxAttempt;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::set_max_attempt(uid_t user_id, unsigned int max_attempt)
LOGD("hal_backend_security_auth::set_max_attempt");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_maxAttempt = max_attempt;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::is_password_active(uid_t user_id) const
{
LOGD("hal_backend_security_auth::is_password_active");
+ LOGD("hal_backend_security_auth::is_password_active: user_id=" << user_id << ", m_user=" << m_user <<", m_passwordActive=" << m_passwordActive);
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- return m_passwordActive ? AUTH_PASSWD_API_SUCCESS : AUTH_PASSWD_API_ERROR_STATUS;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
+ return m_passwordActive ? HAL_SECURITY_AUTH_ERROR_NONE : HAL_SECURITY_AUTH_ERROR_STATUS;
}
int hal_backend_security_auth::is_password_reused(uid_t user_id, const char* password) const
{
LOGD("hal_backend_security_auth::is_password_reused");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
LOGD(" user_id : "<< m_user << " history_size: " <<
m_passwordHistory.size() << ", max_history_size: " << m_maxHistorySize);
return pwd->match(password);
})) {
LOGE(" password match!");
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
LOGE(" Failed isPasswordReused: No passwords match");
- return AUTH_PASSWD_API_ERROR_STATUS;
+ return HAL_SECURITY_AUTH_ERROR_STATUS;
}
int hal_backend_security_auth::check_expiration(uid_t user_id) const
{
LOGD("hal_backend_security_auth::check_expiration");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
LOGD(" m_expireTimeLeft : " << m_expireTimeLeft << " PIET : "<< PASSWORD_INFINITE_EXPIRATION_TIME << " time: " << time(NULL) << " m_eTLeft : " << m_expireTimeLeft);
- return ((m_expireTimeLeft != PASSWORD_INFINITE_EXPIRATION_TIME) && (time(NULL) > m_expireTimeLeft)) ? AUTH_PASSWD_API_ERROR_PASSWORD_EXPIRED : AUTH_PASSWD_API_SUCCESS;
+ return ((m_expireTimeLeft != PASSWORD_INFINITE_EXPIRATION_TIME) && (time(NULL) > m_expireTimeLeft)) ? HAL_SECURITY_AUTH_ERROR_PASSWORD_EXPIRED : HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::check_attempt_exceeded(uid_t user_id) const
LOGD("hal_backend_security_auth::check_attempt_exceeded");
LOGD(" m_maxAttempt : " << m_maxAttempt << " P_I_A_C : " << PASSWORD_INFINITE_ATTEMPT_COUNT << " m_attempt : " << m_attempt);
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt > m_maxAttempt)) ? AUTH_PASSWD_API_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED : AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
+ return ((m_maxAttempt != PASSWORD_INFINITE_ATTEMPT_COUNT) && (m_attempt > m_maxAttempt)) ? HAL_SECURITY_AUTH_ERROR_PASSWORD_MAX_ATTEMPTS_EXCEEDED : HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::is_ignore_period(uid_t user_id) const
{
LOGD("hal_backend_security_auth::is_ignore_period");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
TimePoint retryTimerStop = ClockType::now();
TimeDiff diff = retryTimerStop - m_retryTimerStart;
m_retryTimerStart = retryTimerStop;
- return (diff.count() < RETRY_TIMEOUT) ? AUTH_PASSWD_API_SUCCESS : AUTH_PASSWD_API_ERROR_PASSWORD_RETRY_TIMER;
+ return (diff.count() < RETRY_TIMEOUT) ? HAL_SECURITY_AUTH_ERROR_NONE : HAL_SECURITY_AUTH_ERROR_PASSWORD_RETRY_TIMER;
}
int hal_backend_security_auth::is_history_active(uid_t user_id) const
{
LOGD("hal_backend_security_auth::is_history_active");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
- return (m_maxHistorySize != 0) ? AUTH_PASSWD_API_SUCCESS : AUTH_PASSWD_API_ERROR_STATUS;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
+ return (m_maxHistorySize != 0) ? HAL_SECURITY_AUTH_ERROR_NONE : HAL_SECURITY_AUTH_ERROR_STATUS;
}
int hal_backend_security_auth::get_password_type(uid_t user_id,
{
LOGD("hal_backend_security_auth::get_password_type");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
*password_type = m_passwordType;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
int hal_backend_security_auth::set_password_type(uid_t user_id,
{
LOGD("hal_backend_security_auth::set_password_type");
if(user_id != m_user)
- return AUTH_PASSWD_API_ERROR_INPUT_PARAM;
+ return HAL_SECURITY_AUTH_ERROR_INPUT_PARAM;
m_passwordType = password_type;
- return AUTH_PASSWD_API_SUCCESS;
+ return HAL_SECURITY_AUTH_ERROR_NONE;
}
uid_t hal_backend_security_auth::get_user_id() const
{
LOGD("security_auth_create_password_file");
g_auth_instance = get_hal_backend_security_auth_instance(user_id, password_type);
- return g_auth_instance ? 0: -ENOTSUP;
+ return g_auth_instance ? HAL_SECURITY_AUTH_ERROR_NONE: HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_write_memory_to_file(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->write_memory_to_file(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->write_memory_to_file(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_write_attempt_to_file(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->write_attempt_to_file(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->write_attempt_to_file(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_set_password(uid_t user_id, const char* password)
{
- return g_auth_instance ? g_auth_instance->set_password(user_id, password) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->set_password(user_id, password) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_check_password(uid_t user_id, const char* password)
{
- return g_auth_instance ? g_auth_instance->check_password(user_id, password) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->check_password(user_id, password) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_set_max_history_size(uid_t user_id, unsigned int history_size)
{
- return g_auth_instance ? g_auth_instance->set_max_history_size(user_id, history_size) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->set_max_history_size(user_id, history_size) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_max_history_size(uid_t user_id, unsigned int *history_size)
{
- return g_auth_instance ? g_auth_instance->get_max_history_size(user_id, history_size) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_max_history_size(user_id, history_size) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_expire_time(uid_t user_id, unsigned int *expire_time)
{
- return g_auth_instance ? g_auth_instance->get_expire_time(user_id, expire_time) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_expire_time(user_id, expire_time) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_set_expire_time(uid_t user_id, unsigned int expire_time)
{
- return g_auth_instance ? g_auth_instance->set_expire_time(user_id, expire_time) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->set_expire_time(user_id, expire_time) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_attempt(uid_t user_id, unsigned int *attempt)
{
- return g_auth_instance ? g_auth_instance->get_attempt(user_id, attempt) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_attempt(user_id, attempt) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_reset_attempt(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->reset_attempt(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->reset_attempt(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_increment_attempt(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->increment_attempt(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->increment_attempt(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_max_attempt(uid_t user_id, unsigned int *max_attempt)
{
- return g_auth_instance ? g_auth_instance->get_max_attempt(user_id, max_attempt) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_max_attempt(user_id, max_attempt) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_set_max_attempt(uid_t user_id, unsigned int max_attempt)
{
- return g_auth_instance ? g_auth_instance->set_max_attempt(user_id, max_attempt) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->set_max_attempt(user_id, max_attempt) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_expire_time_left(uid_t user_id, unsigned int *expire_time_left)
{
- return g_auth_instance ? g_auth_instance->get_expire_time_left(user_id, expire_time_left) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_expire_time_left(user_id, expire_time_left) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_set_expire_time_left(uid_t user_id, unsigned int expire_time_left)
{
- return g_auth_instance ? g_auth_instance->set_expire_time_left(user_id, expire_time_left) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->set_expire_time_left(user_id, expire_time_left) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_is_password_active(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->is_password_active(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->is_password_active(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_is_password_reused(uid_t user_id, const char* password)
{
- return g_auth_instance ? g_auth_instance->is_password_reused(user_id, password) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->is_password_reused(user_id, password) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_check_expiration(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->check_expiration(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->check_expiration(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_check_attempt_exceeded(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->check_attempt_exceeded(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->check_attempt_exceeded(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_is_ignore_period(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->is_ignore_period(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->is_ignore_period(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_is_history_active(uid_t user_id)
{
- return g_auth_instance ? g_auth_instance->is_history_active(user_id) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->is_history_active(user_id) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
int security_auth_get_password_type(uid_t user_id,
hal_security_auth_password_type_e *password_type)
{
- return g_auth_instance ? g_auth_instance->get_password_type(user_id, password_type) : -ENOTSUP;
+ return g_auth_instance ? g_auth_instance->get_password_type(user_id, password_type) : HAL_SECURITY_AUTH_ERROR_HAL_INIT_FAIL;
}
static int security_auth_backend_init(void **data)
projects / platform / hal / backend / emulator / security-auth.git / commitdiff