/**
 * Copyright (c) 2015, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security;

import android.security.keymaster.ExportResult;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterCertificateChain;
import android.security.keymaster.KeymasterBlob;
import android.security.keymaster.OperationResult;
import android.security.KeystoreArguments;

/**
 * Binder interface to the keystore service.
 *
 * This must be kept manually in sync with system/security/keystore until AIDL
 * can generate both Java and C++ bindings.
 *
 * AIDL numbers the transactions in declaration order, so adding, removing or
 * reordering a method here without the matching change on the native side
 * makes calls dispatch to the wrong method. Append new methods at the end and
 * change both sides together.
 *
 * Review notes (nothing below is enforced by this file):
 * - Most methods return an int. Presumably this is a keystore status code
 *   defined elsewhere; callers should compare against the expected code
 *   rather than treat the value as a boolean. TODO confirm against the
 *   implementation.
 * - Many methods take a caller-chosen uid or userId. An interface definition
 *   cannot restrict which values a caller passes, so the implementation has to
 *   check them against the Binder calling identity. Confirm that it does.
 * - Several methods look like system-only notifications or administrative
 *   calls (onUser*, onDeviceOffBody, addAuthToken, reset, clear_uid). Confirm
 *   the implementation limits who may invoke them.
 *
 * @hide
 */
interface IKeystoreService {
    // Per-user state query; the meaning of the returned int is not defined here.
    int getState(int userId);

    // Entry access keyed by (name, uid). uid is supplied by the caller, see the
    // interface-level review notes.
    byte[] get(String name, int uid);
    int insert(String name, in byte[] item, int uid, int flags);
    int del(String name, int uid);
    // Returns int rather than boolean; presumably a status code. TODO confirm.
    int exist(String name, int uid);
    String[] list(String namePrefix, int uid);

    // Takes no user or uid argument, unlike the calls around it; what gets reset
    // is decided by the implementation.
    int reset();

    // The password crosses Binder as a String. Java Strings are immutable, so
    // the caller cannot wipe the value after the call returns.
    int onUserPasswordChanged(int userId, String newPassword);
    int lock(int userId);
    // Same String-password caveat as onUserPasswordChanged.
    int unlock(int userId, String userPassword);
    // Returns int rather than boolean; presumably a status code. TODO confirm.
    int isEmpty(int userId);

    // Key generation and import under a caller-supplied (name, uid).
    int generate(String name, int uid, int keyType, int keySize, int flags,
            in KeystoreArguments args);
    int import_key(String name, in byte[] data, int uid, int flags);

    // sign, verify and get_pubkey take no uid. Which uid's key `name` resolves
    // to is up to the implementation (presumably the caller's). TODO confirm.
    byte[] sign(String name, in byte[] data);
    int verify(String name, in byte[] data, in byte[] signature);
    byte[] get_pubkey(String name);

    // granteeUid names the other uid. The meaning of the String returned by
    // grant is not defined in this file.
    String grant(String name, int granteeUid);
    int ungrant(String name, int granteeUid);

    long getmtime(String name, int uid);
    // The parameter name carries no meaning; what the string identifies is
    // defined by the implementation.
    int is_hardware_backed(String string);
    // Takes the uid as long, where every other method uses int. Left as is,
    // because changing the type changes the parcel layout.
    int clear_uid(long uid);

    // Keymaster 0.4 methods

    // `data` is caller-provided entropy; how it is used is not visible here.
    int addRngEntropy(in byte[] data, int flags);

    // `characteristics` is an `out` parameter: the service fills it in and the
    // caller's initial contents are not sent.
    int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
            int flags, out KeyCharacteristics characteristics);
    int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId,
            int uid, out KeyCharacteristics characteristics);
    int importKey(String alias, in KeymasterArguments arguments, int format,
            in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
    ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
            in KeymasterBlob appId, int uid);

    // Operation lifecycle: begin, then update/finish or abort.
    // NOTE(review): update, finish, abort and isOperationAuthorized identify the
    // operation only by an IBinder token, presumably the one handed back through
    // OperationResult. Confirm the implementation ties each token to the caller
    // that started the operation.
    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
            in KeymasterArguments params, in byte[] entropy, int uid);
    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
            in byte[] entropy);
    // Parameter is named `handle` here but `token` in the sibling methods.
    int abort(IBinder handle);
    boolean isOperationAuthorized(IBinder token);

    // The auth token is carried as opaque bytes; any validation happens in the
    // implementation, which is not shown here.
    int addAuthToken(in byte[] authToken);

    // User lifecycle notifications, see the interface-level review notes on
    // caller restrictions.
    int onUserAdded(int userId, int parentId);
    int onUserRemoved(int userId);

    // Attestation calls; the certificate chain comes back through the `out`
    // parameter and the int return is separate from it.
    int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
    int attestDeviceIds(in KeymasterArguments params, out KeymasterCertificateChain chain);

    int onDeviceOffBody();

    // Spells out `in` on String and long parameters, which the other methods
    // leave implicit.
    // NOTE(review): rootSid and fingerprintSid are supplied by the caller; what
    // they bind the imported key to is not visible in this file.
    int importWrappedKey(in String wrappedKeyAlias, in byte[] wrappedKey,
            in String wrappingKeyAlias, in byte[] maskingKey, in KeymasterArguments arguments,
            in long rootSid, in long fingerprintSid,
            out KeyCharacteristics characteristics);
}