/**
 * Copyright (c) 2018, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security.keystore;

import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterBlob;
import android.security.keymaster.OperationResult;
import android.security.keystore.IKeystoreResponseCallback;
import android.security.keystore.IKeystoreKeyCharacteristicsCallback;
import android.security.keystore.IKeystoreExportKeyCallback;
import android.security.keystore.IKeystoreOperationResultCallback;
import android.security.keystore.IKeystoreCertificateChainCallback;

/**
 * AIDL (binder) interface of the keystore service.
 *
 * Most methods return an int; what that value encodes is not visible in this
 * file. Methods that take a callback object presumably report their real
 * result through it - confirm against the callback interfaces.
 *
 * Review notes:
 *  - No explicit transaction ids are declared, so AIDL derives them from the
 *    declaration order. Do not reorder, insert between, or remove methods
 *    without considering clients built against the old order.
 *  - Many methods accept a caller-supplied uid / userId. Nothing in the
 *    interface restricts which values a caller may pass; the implementation
 *    has to authorize them against the binder calling identity.
 *
 * @hide
 */
interface IKeystoreService {
    // ---- Per-user state and blob entries ----

    int getState(int userId);

    byte[] get(String name, int uid);

    int insert(String name, in byte[] item, int uid, int flags);

    int del(String name, int uid);

    int exist(String name, int uid);

    String[] list(String namePrefix, int uid);

    int reset();

    // NOTE(review): onUserPasswordChanged and unlock carry the password across
    // the binder boundary as a String, which cannot be wiped after use. The
    // receiving side should keep it short-lived and never log it.
    int onUserPasswordChanged(int userId, String newPassword);

    int lock(int userId);

    int unlock(int userId, String userPassword);

    int isEmpty(int userId);

    // ---- Grants and entry metadata ----

    // grant returns a String while ungrant returns an int.
    String grant(String name, int granteeUid);

    int ungrant(String name, int granteeUid);

    long getmtime(String name, int uid);

    // The parameter name gives no hint of its meaning; presumably a key type
    // or algorithm name - confirm against the implementation.
    int is_hardware_backed(String string);

    // uid is declared long here, unlike the int uid used by the other methods.
    int clear_uid(long uid);

    // ---- Callback-based key management ----

    int addRngEntropy(IKeystoreResponseCallback cb, in byte[] data, int flags);

    // NOTE(review): "entropy" is supplied by the caller; presumably it is
    // mixed into the backend RNG rather than replacing it - confirm.
    int generateKey(
            IKeystoreKeyCharacteristicsCallback cb,
            String alias,
            in KeymasterArguments arguments,
            in byte[] entropy,
            int uid,
            int flags);

    int getKeyCharacteristics(
            IKeystoreKeyCharacteristicsCallback cb,
            String alias,
            in KeymasterBlob clientId,
            in KeymasterBlob appData,
            int uid);

    int importKey(
            IKeystoreKeyCharacteristicsCallback cb,
            String alias,
            in KeymasterArguments arguments,
            int format,
            in byte[] keyData,
            int uid,
            int flags);

    int exportKey(
            IKeystoreExportKeyCallback cb,
            String alias,
            int format,
            in KeymasterBlob clientId,
            in KeymasterBlob appData,
            int uid);

    // ---- Key operations ----
    // begin takes an appToken; update, finish and abort take a token that
    // presumably identifies the operation started by begin - confirm.

    int begin(
            in IKeystoreOperationResultCallback cb,
            IBinder appToken,
            String alias,
            int purpose,
            boolean pruneable,
            in KeymasterArguments params,
            in byte[] entropy,
            int uid);

    int update(
            in IKeystoreOperationResultCallback cb,
            IBinder token,
            in KeymasterArguments params,
            in byte[] input);

    int finish(
            in IKeystoreOperationResultCallback cb,
            IBinder token,
            in KeymasterArguments params,
            in byte[] signature,
            in byte[] entropy);

    int abort(in IKeystoreResponseCallback cb, IBinder token);

    // NOTE(review): takes raw auth token bytes from the caller; the
    // implementation is expected to restrict who may call this - confirm.
    int addAuthToken(in byte[] authToken);

    // ---- User lifecycle ----

    int onUserAdded(int userId, int parentId);

    int onUserRemoved(int userId);

    // ---- Attestation ----

    int attestKey(
            in IKeystoreCertificateChainCallback cb,
            String alias,
            in KeymasterArguments params);

    // NOTE(review): the name suggests attestation of device identifiers,
    // which are privacy-sensitive; expect a permission check in the
    // implementation - confirm.
    int attestDeviceIds(in IKeystoreCertificateChainCallback cb, in KeymasterArguments params);

    int onDeviceOffBody();

    // ---- Wrapped key import ----

    int importWrappedKey(
            in IKeystoreKeyCharacteristicsCallback cb,
            String wrappedKeyAlias,
            in byte[] wrappedKey,
            in String wrappingKeyAlias,
            in byte[] maskingKey,
            in KeymasterArguments arguments,
            in long rootSid,
            in long fingerprintSid);

    // ---- Confirmation prompt ----
    // The listener is passed as a bare IBinder rather than a typed interface.

    int presentConfirmationPrompt(
            IBinder listener,
            String promptText,
            in byte[] extraData,
            in String locale,
            in int uiOptionsAsFlags);

    int cancelConfirmationPrompt(IBinder listener);

    boolean isConfirmationPromptSupported();

    // ---- Keyguard and auth-bound keys ----

    int onKeyguardVisibilityChanged(in boolean isShowing, in int userId);

    // "out" parameter: the list is filled in by the service. The uids are
    // returned as strings; @utf8InCpp selects UTF-8 strings in the C++ backend.
    int listUidsOfAuthBoundKeys(out @utf8InCpp List<String> uids);
}