You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
44 lines
1.5 KiB
44 lines
1.5 KiB
#include "AuthSecret.h"
|
|
|
|
namespace android {
|
|
namespace hardware {
|
|
namespace authsecret {
|
|
namespace V1_0 {
|
|
namespace implementation {
|
|
|
|
// Methods from ::android::hardware::authsecret::V1_0::IAuthSecret follow.
|
|
Return<void> AuthSecret::primaryUserCredential(const hidl_vec<uint8_t>& secret) {
|
|
(void)secret;
|
|
|
|
// To create a dependency on the credential, it is recommended to derive a
|
|
// different value from the provided secret for each purpose e.g.
|
|
//
|
|
// purpose1_secret = hash( "purpose1" || secret )
|
|
// purpose2_secret = hash( "purpose2" || secret )
|
|
//
|
|
// The derived values can then be used as cryptographic keys or stored
|
|
// securely for comparison in a future call.
|
|
//
|
|
// For example, a security module might require that the credential has been
|
|
// entered before it applies any updates. This can be achieved by storing a
|
|
// derived value in the module and only applying updates when the same
|
|
// derived value is presented again.
|
|
//
|
|
// This implementation does nothing.
|
|
|
|
return Void();
|
|
}
|
|
|
|
// Note: on factory reset, clear all dependency on the secret.
|
|
//
|
|
// With the example of updating a security module, the stored value must be
|
|
// cleared so that the new primary user enrolled as the approver of updates.
|
|
//
|
|
// This implementation does nothing as there is no dependence on the secret.
|
|
|
|
} // namespace implementation
|
|
} // namespace V1_0
|
|
} // namespace authsecret
|
|
} // namespace hardware
|
|
} // namespace android
|