1 /** 2 * Copyright (c) 2015, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security; 18 19 import android.security.keymaster.ExportResult; 20 import android.security.keymaster.KeyCharacteristics; 21 import android.security.keymaster.KeymasterArguments; 22 import android.security.keymaster.KeymasterBlob; 23 import android.security.keymaster.OperationResult; 24 import android.security.KeystoreArguments; 25 26 /** 27 * This must be kept manually in sync with system/security/keystore until AIDL 28 * can generate both Java and C++ bindings. 
 *
 * Method order is part of the wire contract: AIDL derives binder transaction
 * codes from declaration order, so never reorder or insert methods mid-list.
 * Append only, and mirror every change on the native side.
 *
 * NOTE(review): many methods take a caller-supplied {@code uid}. Nothing in
 * this interface ties that argument to the binder calling uid, so the service
 * must authorize it itself (e.g. only privileged callers may act on behalf of
 * another uid) -- confirm against the native implementation. Passwords cross
 * binder as {@code String}, which cannot be zeroed after use.
 *
 * @hide
 */
interface IKeystoreService {
    /** Keystore state for {@code userId}, as an int code whose values are defined outside this file. */
    int getState(int userId);

    /** Raw blob stored under {@code name}; how absence or failure is encoded is not visible here. */
    byte[] get(String name);

    /** Stores {@code item} under {@code name} on behalf of {@code uid}; returns an int status. */
    int insert(String name, in byte[] item, int uid, int flags);

    /** Deletes the entry {@code name} owned by {@code uid}; returns an int status. */
    int del(String name, int uid);

    /** Existence check for {@code name} under {@code uid}, reported as an int status rather than a boolean. */
    int exist(String name, int uid);

    /** Entry names owned by {@code uid} that start with {@code namePrefix}. */
    String[] list(String namePrefix, int uid);

    /**
     * Resets the keystore. Destructive and takes no user argument, so its
     * scope (one user vs. the whole store) is not determinable here -- check
     * the native side before relying on it.
     */
    int reset();

    /** Informs the service that {@code userId}'s password changed; {@code newPassword} is an un-wipeable String. */
    int onUserPasswordChanged(int userId, String newPassword);

    /** Locks the keystore for {@code userId}; returns an int status. */
    int lock(int userId);

    /** Unlocks the keystore for {@code userId} with {@code userPassword}; returns an int status. */
    int unlock(int userId, String userPassword);

    /** Whether {@code userId}'s keystore is empty, reported as an int status rather than a boolean. */
    int isEmpty(int userId);

    /** Legacy key generation for {@code uid}; {@code keyType}/{@code keySize} semantics are defined elsewhere. */
    int generate(String name, int uid, int keyType, int keySize, int flags,
            in KeystoreArguments args);

    /** Legacy key import of {@code data} under {@code name} for {@code uid}; returns an int status. */
    int import_key(String name, in byte[] data, int uid, int flags);

    /**
     * Signs {@code data} with the key named {@code name}. There is no uid
     * parameter, so key resolution must be scoped by the binder caller on the
     * native side -- confirm.
     */
    byte[] sign(String name, in byte[] data);

    /** Verifies {@code signature} over {@code data} with key {@code name}; returns an int status. */
    int verify(String name, in byte[] data, in byte[] signature);

    /** Public key material for {@code name}; encoding is not visible here. */
    byte[] get_pubkey(String name);

    /**
     * Grants {@code granteeUid} access to key {@code name}. This is an
     * access-control change; the native side must restrict it to the key's
     * owner -- confirm.
     */
    int grant(String name, int granteeUid);

    /** Revokes a grant previously made with {@link #grant}. */
    int ungrant(String name, int granteeUid);

    /** Modification time of entry {@code name}; units are not visible here. */
    long getmtime(String name);

    /**
     * Copies {@code srcKey} (owned by {@code srcUid}) to {@code destKey}
     * (owned by {@code destUid}). A cross-uid copy is privileged by nature;
     * authorization happens natively, not here.
     */
    int duplicate(String srcKey, int srcUid, String destKey, int destUid);

    /**
     * Int status telling whether something is hardware backed. The parameter
     * is only named {@code string}; what it identifies (a key type? an
     * algorithm?) cannot be determined from this file -- check the native side.
     */
    int is_hardware_backed(String string);

    /**
     * Removes everything owned by {@code uid}. Note the parameter is
     * {@code long} here while every other uid in this interface is {@code int};
     * do not read anything into that difference without checking the native side.
     */
    int clear_uid(long uid);

    // Keymaster 0.4 methods

    /**
     * Mixes caller-supplied bytes into the keymaster RNG. NOTE(review): such
     * input must only ever be mixed in, never replace the device's own entropy
     * source; that guarantee lives in keymaster, not in this interface.
     */
    int addRngEntropy(in byte[] data);

    /**
     * Generates a key described by {@code arguments} for {@code uid},
     * optionally mixing in {@code entropy}; the resulting characteristics are
     * returned through the {@code out} parameter.
     */
    int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
            int flags, out KeyCharacteristics characteristics);

    /** Fetches the characteristics of {@code alias}, bound to the given client/app ids. */
    int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId,
            out KeyCharacteristics characteristics);

    /** Imports {@code keyData} in {@code format} as {@code alias} for {@code uid}; characteristics via {@code out}. */
    int importKey(String alias, in KeymasterArguments arguments, int format,
            in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);

    /**
     * Exports {@code alias} in {@code format}. Whether non-public material can
     * be exported is a keymaster policy decision not expressed here -- confirm.
     */
    ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
            in KeymasterBlob appId);

    /**
     * Begins a keymaster operation on {@code alias} for {@code purpose}.
     * {@code appToken} is the binder the operation is associated with;
     * {@code pruneable} presumably marks whether the operation may be evicted
     * under pressure (name-based inference -- verify).
     */
    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
            in KeymasterArguments params, in byte[] entropy);

    /** Feeds {@code input} to the operation identified by {@code token}. */
    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);

    /** Completes the operation identified by {@code token}; {@code signature} is used for verify-style purposes. */
    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
            in byte[] entropy);

    /** Aborts the operation identified by {@code handle}; returns an int status. */
    int abort(IBinder handle);

    /** Whether the operation identified by {@code token} currently has the authorization it needs. */
    boolean isOperationAuthorized(IBinder token);

    /**
     * Submits an opaque authentication token. The interface accepts any
     * byte[]; integrity of the token must be verified on the secure side,
     * not assumed from having arrived here.
     */
    int addAuthToken(in byte[] authToken);

    /** Lifecycle hook: user {@code userId} was added, with parent {@code parentId}. */
    int onUserAdded(int userId, int parentId);

    /** Lifecycle hook: user {@code userId} was removed. */
    int onUserRemoved(int userId);
}