Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / ecf0f22e5831832afb48c86abfaa81234c8db619 / . / keystore / java / android / security / IKeyChainService.aidl
blob: 7c7417dfaaac2bb43bf21be76b76d902ca59d3a6 [file] [log] [blame]
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]1/*
2 * Copyright (C) 2011 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16package android.security;
17
Robin Leeabaa0692017-02-20 20:54:22 +0000[diff] [blame]18import android.content.pm.StringParceledListSlice;
Eran Messeria1730642017-12-11 17:48:47 +0000[diff] [blame]19import android.security.keymaster.KeymasterCertificateChain;
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]20import android.security.keystore.ParcelableKeyGenParameterSpec;
Zoltan Szatmary-Banf0ae1352014-08-18 10:48:33 +0100[diff] [blame]21
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]22/**
23 * Caller is required to ensure that {@link KeyStore#unlock
24 * KeyStore.unlock} was successful.
25 *
26 * @hide
27 */
28interface IKeyChainService {
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]29 // APIs used by KeyChain
Kenny Root5423e682011-11-14 08:43:13 -0800[diff] [blame]30 String requestPrivateKey(String alias);
Fred Quintanaab8b84a2011-07-13 14:55:39 -0700[diff] [blame]31 byte[] getCertificate(String alias);
Rubin Xub4365912016-03-23 12:13:22 +0000[diff] [blame]32 byte[] getCaCertificates(String alias);
Eran Messeri7039f412017-11-08 01:03:30 +0000[diff] [blame]33 boolean isUserSelectable(String alias);
34 void setUserSelectable(String alias, boolean isUserSelectable);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]35
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]36 boolean generateKeyPair(in String algorithm, in ParcelableKeyGenParameterSpec spec);
Eran Messeria1730642017-12-11 17:48:47 +0000[diff] [blame]37 boolean attestKey(in String alias, in byte[] challenge, out KeymasterCertificateChain chain);
Eran Messeriecf0f222017-12-11 12:32:13 +0000[diff] [blame^]38 boolean setKeyPairCertificate(String alias, in byte[] userCert, in byte[] certChain);
Eran Messeri852c8f12017-11-15 05:55:52 +0000[diff] [blame]39
Bartosz Fabianowski05dc9f72017-02-22 23:41:14 +0100[diff] [blame]40 // APIs used by CertInstaller and DevicePolicyManager
41 String installCaCertificate(in byte[] caCertificate);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]42
Bernhard Bauer26408cc2014-09-08 14:07:31 +0100[diff] [blame]43 // APIs used by DevicePolicyManager
Rubin Xub4365912016-03-23 12:13:22 +0000[diff] [blame]44 boolean installKeyPair(in byte[] privateKey, in byte[] userCert, in byte[] certChain, String alias);
Robin Leefbc65642015-08-03 16:21:22 +0100[diff] [blame]45 boolean removeKeyPair(String alias);
Bernhard Bauer26408cc2014-09-08 14:07:31 +0100[diff] [blame]46
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]47 // APIs used by Settings
Brian Carlstrom6da00332011-06-26 21:08:03 -0700[diff] [blame]48 boolean deleteCaCertificate(String alias);
Brian Carlstrom2627d532011-05-13 12:54:24 -0700[diff] [blame]49 boolean reset();
Robin Leeabaa0692017-02-20 20:54:22 +0000[diff] [blame]50 StringParceledListSlice getUserCaAliases();
51 StringParceledListSlice getSystemCaAliases();
Zoltan Szatmary-Banf0ae1352014-08-18 10:48:33 +0100[diff] [blame]52 boolean containsCaAlias(String alias);
53 byte[] getEncodedCaCertificate(String alias, boolean includeDeletedSystem);
54 List<String> getCaCertificateChainAliases(String rootAlias, boolean includeDeletedSystem);
Fred Quintanaab8b84a2011-07-13 14:55:39 -0700[diff] [blame]55
56 // APIs used by KeyChainActivity
57 void setGrant(int uid, String alias, boolean value);
58 boolean hasGrant(int uid, String alias);
Brian Carlstromb9a07c12011-04-11 09:03:51 -0700[diff] [blame]59}