1 /* 2 * Copyright (c) 2019, The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.identity; 18 19 import android.security.identity.IWritableCredential; 20 21 import android.security.identity.RequestNamespaceParcel; 22 import android.security.identity.GetEntriesResultParcel; 23 import android.security.identity.AuthKeyParcel; 24 25 /** 26 * @hide 27 */ 28 interface ICredential { 29 /* The STATUS_* constants are used in the status field in ResultEntryParcel. 30 * Keep in sync with ResultNamespace.java. 31 */ 32 const int STATUS_OK = 0; 33 const int STATUS_NO_SUCH_ENTRY = 1; 34 const int STATUS_NOT_REQUESTED = 2; 35 const int STATUS_NOT_IN_REQUEST_MESSAGE = 3; 36 const int STATUS_USER_AUTHENTICATION_FAILED = 4; 37 const int STATUS_READER_AUTHENTICATION_FAILED = 5; 38 const int STATUS_NO_ACCESS_CONTROL_PROFILES = 6; 39 createEphemeralKeyPair()40 byte[] createEphemeralKeyPair(); 41 setReaderEphemeralPublicKey(in byte[] publicKey)42 void setReaderEphemeralPublicKey(in byte[] publicKey); 43 deleteCredential()44 byte[] deleteCredential(); deleteWithChallenge(in byte[] challenge)45 byte[] deleteWithChallenge(in byte[] challenge); 46 proveOwnership(in byte[] challenge)47 byte[] proveOwnership(in byte[] challenge); 48 getCredentialKeyCertificateChain()49 byte[] getCredentialKeyCertificateChain(); 50 selectAuthKey(in boolean allowUsingExhaustedKeys, in boolean allowUsingExpiredKeys, in boolean incrementUsageCount)51 long selectAuthKey(in boolean allowUsingExhaustedKeys, 52 in boolean allowUsingExpiredKeys, 53 in boolean incrementUsageCount); 54 getEntries(in byte[] requestMessage, in RequestNamespaceParcel[] requestNamespaces, in byte[] sessionTranscript, in byte[] readerSignature, in boolean allowUsingExhaustedKeys, in boolean allowUsingExpiredKeys, in boolean incrementUsageCount)55 GetEntriesResultParcel getEntries(in byte[] requestMessage, 56 in RequestNamespaceParcel[] requestNamespaces, 57 in byte[] sessionTranscript, 58 in byte[] readerSignature, 59 in boolean allowUsingExhaustedKeys, 60 in boolean allowUsingExpiredKeys, 61 in boolean incrementUsageCount); 62 setAvailableAuthenticationKeys(in int keyCount, in int maxUsesPerKey, in long minValidTimeMillis)63 void setAvailableAuthenticationKeys(in int keyCount, 64 in int maxUsesPerKey, 65 in long minValidTimeMillis); 66 getAuthKeysNeedingCertification()67 AuthKeyParcel[] getAuthKeysNeedingCertification(); 68 storeStaticAuthenticationData(in AuthKeyParcel authenticationKey, in byte[] staticAuthData)69 void storeStaticAuthenticationData(in AuthKeyParcel authenticationKey, 70 in byte[] staticAuthData); 71 storeStaticAuthenticationDataWithExpiration(in AuthKeyParcel authenticationKey, in long expirationDateMillisSinceEpoch, in byte[] staticAuthData)72 void storeStaticAuthenticationDataWithExpiration(in AuthKeyParcel authenticationKey, 73 in long expirationDateMillisSinceEpoch, 74 in byte[] staticAuthData); 75 getAuthenticationDataUsageCount()76 int[] getAuthenticationDataUsageCount(); 77 getAuthenticationDataExpirations()78 long[] getAuthenticationDataExpirations(); 79 update()80 IWritableCredential update(); 81 } 82 83