1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package com.android.rkpdapp;
18 
19 import com.android.rkpdapp.IGetRegistrationCallback;
20 import com.android.rkpdapp.IRegistration;
21 
22 /**
23  * {@link IRemoteProvisioning} is the interface provided to use the remote key
24  * provisioning functionality from the Remote Key Provisioning Daemon (RKPD).
25  * This would be the first service that RKPD clients would interact with. The
26  * intent is for the clients to get the {@link IRegistration} object from this
27  * interface and use it for actual remote provisioning work.
28  *
29  * @hide
30  */
31 oneway interface IRemoteProvisioning {
32     /**
33      * Takes a remotely provisioned component service name and gets a
34      * registration bound to that service and the caller's UID.
35      *
36      * @param callerUid The caller who is requesting a registration. This cannot
37      * be determined via getCallingUid, because calls are routed from the actual
38      * clients (e.g. keystore) through system server. Thus, we rely on system
39      * server to pass the actual caller's UID as a parameter.
40      * @param irpcName The name of the {@code IRemotelyProvisionedComponent}
41      * for which remotely provisioned keys should be managed.
42      * @param callback Receives the result of the call. A callback must only
43      * be used with one {@code getRegistration} call at a time.
44      *
45      * Notes:
46      * - This function will attempt to get the service named by irpcName. This
47      *   implies that a lazy/dynamic aidl service will be instantiated, and this
48      *   function blocks until the service is up. Upon return, any binder tokens
49      *   are dropped, allowing the lazy/dynamic service to shutdown.
50      * - The created registration object is unique per caller. If two different
51      *   UIDs call getRegistration with the same irpcName, they will receive
52      *   different registrations. This prevents two different applications from
53      *   being able to see the same keys.
54      * - This function is idempotent per calling UID. Additional calls to
55      *   getRegistration with the same parameters, from the same caller, will have
56      *   no side effects.
57      *
58      * @see IRegistration#getKey()
59      * @see IRemotelyProvisionedComponent
60      */
getRegistration(int callerUid, String irpcName, IGetRegistrationCallback callback)61     void getRegistration(int callerUid, String irpcName, IGetRegistrationCallback callback);
62 
63     /**
64      * Cancel a getRegistration call. If the call is already completed, this method
65      * is a noop.
66      *
67      * @param callback the callback previously passed to getRegistration, indicating
68      * which call should be cancelled.
69      */
cancelGetRegistration(IGetRegistrationCallback callback)70     void cancelGetRegistration(IGetRegistrationCallback callback);
71 }
72