1 /**
2  * Copyright (c) 2015, The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *     http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security;
18 
19 import android.security.keymaster.ExportResult;
20 import android.security.keymaster.KeyCharacteristics;
21 import android.security.keymaster.KeymasterArguments;
22 import android.security.keymaster.KeymasterCertificateChain;
23 import android.security.keymaster.KeymasterBlob;
24 import android.security.keymaster.OperationResult;
25 import android.security.KeystoreArguments;
26 
27 /**
28  * This must be kept manually in sync with system/security/keystore until AIDL
29  * can generate both Java and C++ bindings.
30  *
31  * @hide
32  */
33 interface IKeystoreService {
getState(int userId)34     int getState(int userId);
get(String name, int uid)35     byte[] get(String name, int uid);
insert(String name, in byte[] item, int uid, int flags)36     int insert(String name, in byte[] item, int uid, int flags);
del(String name, int uid)37     int del(String name, int uid);
exist(String name, int uid)38     int exist(String name, int uid);
list(String namePrefix, int uid)39     String[] list(String namePrefix, int uid);
reset()40     int reset();
onUserPasswordChanged(int userId, String newPassword)41     int onUserPasswordChanged(int userId, String newPassword);
lock(int userId)42     int lock(int userId);
unlock(int userId, String userPassword)43     int unlock(int userId, String userPassword);
isEmpty(int userId)44     int isEmpty(int userId);
generate(String name, int uid, int keyType, int keySize, int flags, in KeystoreArguments args)45     int generate(String name, int uid, int keyType, int keySize, int flags,
46         in KeystoreArguments args);
import_key(String name, in byte[] data, int uid, int flags)47     int import_key(String name, in byte[] data, int uid, int flags);
sign(String name, in byte[] data)48     byte[] sign(String name, in byte[] data);
verify(String name, in byte[] data, in byte[] signature)49     int verify(String name, in byte[] data, in byte[] signature);
get_pubkey(String name)50     byte[] get_pubkey(String name);
grant(String name, int granteeUid)51     int grant(String name, int granteeUid);
ungrant(String name, int granteeUid)52     int ungrant(String name, int granteeUid);
getmtime(String name, int uid)53     long getmtime(String name, int uid);
duplicate(String srcKey, int srcUid, String destKey, int destUid)54     int duplicate(String srcKey, int srcUid, String destKey, int destUid);
is_hardware_backed(String string)55     int is_hardware_backed(String string);
clear_uid(long uid)56     int clear_uid(long uid);
57 
58     // Keymaster 0.4 methods
addRngEntropy(in byte[] data)59     int addRngEntropy(in byte[] data);
generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid, int flags, out KeyCharacteristics characteristics)60     int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
61         int flags, out KeyCharacteristics characteristics);
getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId, int uid, out KeyCharacteristics characteristics)62     int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId,
63         int uid, out KeyCharacteristics characteristics);
importKey(String alias, in KeymasterArguments arguments, int format, in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics)64     int importKey(String alias, in KeymasterArguments arguments, int format,
65         in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
exportKey(String alias, int format, in KeymasterBlob clientId, in KeymasterBlob appId, int uid)66     ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
67         in KeymasterBlob appId, int uid);
begin(IBinder appToken, String alias, int purpose, boolean pruneable, in KeymasterArguments params, in byte[] entropy, int uid)68     OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
69         in KeymasterArguments params, in byte[] entropy, int uid);
update(IBinder token, in KeymasterArguments params, in byte[] input)70     OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
finish(IBinder token, in KeymasterArguments params, in byte[] signature, in byte[] entropy)71     OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
72         in byte[] entropy);
abort(IBinder handle)73     int abort(IBinder handle);
isOperationAuthorized(IBinder token)74     boolean isOperationAuthorized(IBinder token);
addAuthToken(in byte[] authToken)75     int addAuthToken(in byte[] authToken);
onUserAdded(int userId, int parentId)76     int onUserAdded(int userId, int parentId);
onUserRemoved(int userId)77     int onUserRemoved(int userId);
attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain)78     int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
79 }
80