Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 298f5dce7769d688f0e3508622f1de38d423fd0f / . / keystore / java / android / security / IKeyChainService.aidl
blob: 5a8fa07003286ad5e92cfd4ce019376b11c441d4 [file] [log] [blame]
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]1/*
2 * Copyright (C) 2011 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package android.security;
17
Robin Leeabaa0692017-02-20 20:54:22 +0000[diff] [blame]18import android.content.pm.StringParceledListSlice;
Eran Messeria1730642017-12-11 17:48:47 +0000[diff] [blame]19import android.security.keymaster.KeymasterCertificateChain;
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]20import android.security.keystore.ParcelableKeyGenParameterSpec;
Zoltan Szatmary-Banf0ae1352014-08-18 10:48:33 +0100[diff] [blame]21
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]22/**
23 * Caller is required to ensure that {@link KeyStore#unlock
24 * KeyStore.unlock} was successful.
25 *
26 * @hide
27 */
28interface IKeyChainService {
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]29 // APIs used by KeyChain
Kenny Root5423e682011-11-14 08:43:13 -0800[diff] [blame]30 String requestPrivateKey(String alias);
Fred Quintanaab8b84a2011-07-13 14:55:39 -0700[diff] [blame]31 byte[] getCertificate(String alias);
Rubin Xub4365912016-03-23 12:13:22 +0000[diff] [blame]32 byte[] getCaCertificates(String alias);
Eran Messeri7039f412017-11-08 01:03:30 +0000[diff] [blame]33 boolean isUserSelectable(String alias);
34 void setUserSelectable(String alias, boolean isUserSelectable);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]35
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]36 boolean generateKeyPair(in String algorithm, in ParcelableKeyGenParameterSpec spec);
Eran Messeri94d56762017-12-21 20:50:54 +0000[diff] [blame]37 boolean attestKey(in String alias, in byte[] challenge, in int[] idAttestationFlags,
38 out KeymasterCertificateChain chain);
Eran Messeriecf0f222017-12-11 12:32:13 +0000[diff] [blame]39 boolean setKeyPairCertificate(String alias, in byte[] userCert, in byte[] certChain);
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]40
Bartosz Fabianowski05dc9f72017-02-22 23:41:14 +0100[diff] [blame]41 // APIs used by CertInstaller and DevicePolicyManager
42 String installCaCertificate(in byte[] caCertificate);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]43
Bernhard Bauer26408cc2014-09-08 14:07:31 +0100[diff] [blame]44 // APIs used by DevicePolicyManager
Rubin Xub4365912016-03-23 12:13:22 +0000[diff] [blame]45 boolean installKeyPair(in byte[] privateKey, in byte[] userCert, in byte[] certChain, String alias);
Robin Leefbc65642015-08-03 16:21:22 +0100[diff] [blame]46 boolean removeKeyPair(String alias);
Bernhard Bauer26408cc2014-09-08 14:07:31 +0100[diff] [blame]47
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]48 // APIs used by Settings
Brian Carlstrom6da00332011-06-26 21:08:03 -0700[diff] [blame]49 boolean deleteCaCertificate(String alias);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]50 boolean reset();
Robin Leeabaa0692017-02-20 20:54:22 +0000[diff] [blame]51 StringParceledListSlice getUserCaAliases();
52 StringParceledListSlice getSystemCaAliases();
Zoltan Szatmary-Banf0ae1352014-08-18 10:48:33 +0100[diff] [blame]53 boolean containsCaAlias(String alias);
54 byte[] getEncodedCaCertificate(String alias, boolean includeDeletedSystem);
55 List<String> getCaCertificateChainAliases(String rootAlias, boolean includeDeletedSystem);
Fred Quintanaab8b84a2011-07-13 14:55:39 -0700[diff] [blame]56
57 // APIs used by KeyChainActivity
58 void setGrant(int uid, String alias, boolean value);
59 boolean hasGrant(int uid, String alias);
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]60}