1 /* 2 * Copyright (C) 2012 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package com.android.internal.widget; 18 19 import android.app.PendingIntent; 20 import android.app.trust.IStrongAuthTracker; 21 import android.os.Bundle; 22 import android.security.keystore.recovery.WrappedApplicationKey; 23 import android.security.keystore.recovery.KeyChainSnapshot; 24 import android.security.keystore.recovery.KeyChainProtectionParams; 25 import android.security.keystore.recovery.RecoveryCertPath; 26 import com.android.internal.widget.ICheckCredentialProgressCallback; 27 import com.android.internal.widget.LockscreenCredential; 28 import com.android.internal.widget.VerifyCredentialResponse; 29 30 import java.util.Map; 31 32 /** {@hide} */ 33 interface ILockSettings { 34 @UnsupportedAppUsage setBoolean(in String key, in boolean value, in int userId)35 void setBoolean(in String key, in boolean value, in int userId); 36 @UnsupportedAppUsage setLong(in String key, in long value, in int userId)37 void setLong(in String key, in long value, in int userId); 38 @UnsupportedAppUsage setString(in String key, in String value, in int userId)39 void setString(in String key, in String value, in int userId); 40 @UnsupportedAppUsage getBoolean(in String key, in boolean defaultValue, in int userId)41 boolean getBoolean(in String key, in boolean defaultValue, in int userId); 42 @UnsupportedAppUsage getLong(in String key, in long defaultValue, in int userId)43 long getLong(in String key, in long defaultValue, in int userId); 44 @UnsupportedAppUsage getString(in String key, in String defaultValue, in int userId)45 String getString(in String key, in String defaultValue, in int userId); setLockCredential(in LockscreenCredential credential, in LockscreenCredential savedCredential, int userId)46 boolean setLockCredential(in LockscreenCredential credential, in LockscreenCredential savedCredential, int userId); resetKeyStore(int userId)47 void resetKeyStore(int userId); checkCredential(in LockscreenCredential credential, int userId, in ICheckCredentialProgressCallback progressCallback)48 VerifyCredentialResponse checkCredential(in LockscreenCredential credential, int userId, 49 in ICheckCredentialProgressCallback progressCallback); verifyCredential(in LockscreenCredential credential, long challenge, int userId)50 VerifyCredentialResponse verifyCredential(in LockscreenCredential credential, long challenge, int userId); verifyTiedProfileChallenge(in LockscreenCredential credential, long challenge, int userId)51 VerifyCredentialResponse verifyTiedProfileChallenge(in LockscreenCredential credential, long challenge, int userId); checkVoldPassword(int userId)52 boolean checkVoldPassword(int userId); getCredentialType(int userId)53 int getCredentialType(int userId); getHashFactor(in LockscreenCredential currentCredential, int userId)54 byte[] getHashFactor(in LockscreenCredential currentCredential, int userId); setSeparateProfileChallengeEnabled(int userId, boolean enabled, in LockscreenCredential managedUserPassword)55 void setSeparateProfileChallengeEnabled(int userId, boolean enabled, in LockscreenCredential managedUserPassword); getSeparateProfileChallengeEnabled(int userId)56 boolean getSeparateProfileChallengeEnabled(int userId); registerStrongAuthTracker(in IStrongAuthTracker tracker)57 void registerStrongAuthTracker(in IStrongAuthTracker tracker); unregisterStrongAuthTracker(in IStrongAuthTracker tracker)58 void unregisterStrongAuthTracker(in IStrongAuthTracker tracker); requireStrongAuth(int strongAuthReason, int userId)59 void requireStrongAuth(int strongAuthReason, int userId); reportSuccessfulBiometricUnlock(boolean isStrongBiometric, int userId)60 void reportSuccessfulBiometricUnlock(boolean isStrongBiometric, int userId); scheduleNonStrongBiometricIdleTimeout(int userId)61 void scheduleNonStrongBiometricIdleTimeout(int userId); systemReady()62 void systemReady(); userPresent(int userId)63 void userPresent(int userId); getStrongAuthForUser(int userId)64 int getStrongAuthForUser(int userId); hasPendingEscrowToken(int userId)65 boolean hasPendingEscrowToken(int userId); 66 67 // Keystore RecoveryController methods. 68 // {@code ServiceSpecificException} may be thrown to signal an error, which caller can 69 // convert to {@code RecoveryManagerException}. initRecoveryServiceWithSigFile(in String rootCertificateAlias, in byte[] recoveryServiceCertFile, in byte[] recoveryServiceSigFile)70 void initRecoveryServiceWithSigFile(in String rootCertificateAlias, 71 in byte[] recoveryServiceCertFile, in byte[] recoveryServiceSigFile); getKeyChainSnapshot()72 KeyChainSnapshot getKeyChainSnapshot(); generateKey(String alias)73 String generateKey(String alias); generateKeyWithMetadata(String alias, in byte[] metadata)74 String generateKeyWithMetadata(String alias, in byte[] metadata); importKey(String alias, in byte[] keyBytes)75 String importKey(String alias, in byte[] keyBytes); importKeyWithMetadata(String alias, in byte[] keyBytes, in byte[] metadata)76 String importKeyWithMetadata(String alias, in byte[] keyBytes, in byte[] metadata); getKey(String alias)77 String getKey(String alias); removeKey(String alias)78 void removeKey(String alias); setSnapshotCreatedPendingIntent(in PendingIntent intent)79 void setSnapshotCreatedPendingIntent(in PendingIntent intent); setServerParams(in byte[] serverParams)80 void setServerParams(in byte[] serverParams); setRecoveryStatus(in String alias, int status)81 void setRecoveryStatus(in String alias, int status); getRecoveryStatus()82 Map getRecoveryStatus(); setRecoverySecretTypes(in int[] secretTypes)83 void setRecoverySecretTypes(in int[] secretTypes); getRecoverySecretTypes()84 int[] getRecoverySecretTypes(); startRecoverySessionWithCertPath(in String sessionId, in String rootCertificateAlias, in RecoveryCertPath verifierCertPath, in byte[] vaultParams, in byte[] vaultChallenge, in List<KeyChainProtectionParams> secrets)85 byte[] startRecoverySessionWithCertPath(in String sessionId, in String rootCertificateAlias, 86 in RecoveryCertPath verifierCertPath, in byte[] vaultParams, in byte[] vaultChallenge, 87 in List<KeyChainProtectionParams> secrets); recoverKeyChainSnapshot( in String sessionId, in byte[] recoveryKeyBlob, in List<WrappedApplicationKey> applicationKeys)88 Map/*<String, String>*/ recoverKeyChainSnapshot( 89 in String sessionId, 90 in byte[] recoveryKeyBlob, 91 in List<WrappedApplicationKey> applicationKeys); closeSession(in String sessionId)92 void closeSession(in String sessionId); hasSecureLockScreen()93 boolean hasSecureLockScreen(); tryUnlockWithCachedUnifiedChallenge(int userId)94 boolean tryUnlockWithCachedUnifiedChallenge(int userId); removeCachedUnifiedChallenge(int userId)95 void removeCachedUnifiedChallenge(int userId); 96 } 97