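/*
 * Copyright (C) 2011 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package android.security;

import android.content.pm.StringParceledListSlice;
import android.security.keymaster.KeymasterCertificateChain;
import android.security.keystore.ParcelableKeyGenParameterSpec;
import android.security.AppUriAuthenticationPolicy;
import android.net.Uri;

/**
 * Caller is required to ensure that {@link KeyStore#unlock
 * KeyStore.unlock} was successful.
 *
 * <p>AIDL interface for key-pair aliases, CA certificate aliases, per-UID
 * grants and the credential management app. The section comments below name
 * the intended caller of each group of methods, but nothing in this file
 * declares a permission or caller check.
 * NOTE(review): caller identity is presumably enforced in the service
 * implementation (not shown here) -- confirm before relying on the grouping.
 *
 * <p>No explicit transaction ids are given, so the generated transaction codes
 * follow declaration order: append new methods instead of inserting or
 * reordering them.
 *
 * @hide
 */
interface IKeyChainService {
    // APIs used by KeyChain
    // NOTE(review): @UnsupportedAppUsage flags a non-SDK member that apps are
    // known to reach, so `alias` here should be treated as caller-controlled.
    // The return type is a String, not key bytes -- presumably an identifier
    // for the key rather than the key material itself; confirm.
    @UnsupportedAppUsage
    String requestPrivateKey(String alias);
    byte[] getCertificate(String alias);
    byte[] getCaCertificates(String alias);
    boolean isUserSelectable(String alias);
    void setUserSelectable(String alias, boolean isUserSelectable);

    // NOTE(review): the int result is presumably a status code; its values are
    // not defined in this file.
    int generateKeyPair(in String algorithm, in ParcelableKeyGenParameterSpec spec);
    boolean setKeyPairCertificate(String alias, in byte[] userCert, in byte[] certChain);

    // APIs used by CertInstaller and DevicePolicyManager
    // NOTE(review): presumably adds a user trust anchor and returns its alias;
    // the certificate encoding is not stated here -- confirm.
    String installCaCertificate(in byte[] caCertificate);

    // APIs used by DevicePolicyManager
    // installKeyPair receives the private key as a plain byte array (`in`:
    // client-to-service only). The key material therefore crosses the binder
    // boundary unwrapped; callers and the implementation should not log or
    // keep copies of that buffer.
    // NOTE(review): encodings of privateKey/userCert/certChain and the meaning
    // of `uid` (presumably the owning UID of the installed key) are not stated
    // in this file -- confirm.
    boolean installKeyPair(
        in byte[] privateKey, in byte[] userCert, in byte[] certChain, String alias, int uid);
    boolean removeKeyPair(String alias);
    boolean containsKeyPair(String alias);
    // NOTE(review): presumably the UIDs that hold a grant on `alias` -- confirm.
    int[] getGrants(String alias);

    // APIs used by Settings
    boolean deleteCaCertificate(String alias);
    boolean reset();
    StringParceledListSlice getUserCaAliases();
    StringParceledListSlice getSystemCaAliases();
    boolean containsCaAlias(String alias);
    // NOTE(review): includeDeletedSystem presumably also returns system CAs the
    // user has removed; callers making trust decisions should confirm which
    // value they need.
    byte[] getEncodedCaCertificate(String alias, boolean includeDeletedSystem);
    List<String> getCaCertificateChainAliases(String rootAlias, boolean includeDeletedSystem);
    void setCredentialManagementApp(String packageName, in AppUriAuthenticationPolicy policy);
    boolean hasCredentialManagementApp();
    String getCredentialManagementAppPackageName();
    AppUriAuthenticationPolicy getCredentialManagementAppPolicy();
    String getPredefinedAliasForPackageAndUri(String packageName, in Uri uri);
    void removeCredentialManagementApp();
    boolean isCredentialManagementApp(String packageName);

    // APIs used by KeyChainActivity
    // setGrant may fail with value=false when ungrant operation fails in KeyStore.
    // A false return on a revoke (value=false) therefore means the grant may
    // still be in place; callers should check the result rather than assume
    // the UID has lost access.
    boolean setGrant(int uid, String alias, boolean value);
    boolean hasGrant(int uid, String alias);

    // API used by Wifi
    String getWifiKeyGrantAsUser(String alias);
}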