/**
 * Copyright (c) 2015, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security;

import android.security.keymaster.ExportResult;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterCertificateChain;
import android.security.keymaster.KeymasterBlob;
import android.security.keymaster.OperationResult;
import android.security.KeystoreArguments;

/**
 * This must be kept manually in sync with system/security/keystore until AIDL
 * can generate both Java and C++ bindings.
 *
 * AIDL declaration of the keystore service's Binder interface. The file holds signatures
 * only: argument validation and caller authorization happen in the implementation, which
 * is not part of this file. The per-method comments below describe intent as far as the
 * names and signatures show it; confirm details against the implementation.
 *
 * NOTE(review): AIDL-generated stubs number transactions in declaration order, so adding,
 * removing or reordering a method here without the matching change on the native side
 * would presumably make calls dispatch to the wrong handler. Confirm against the native
 * binding before editing.
 *
 * NOTE(review): many methods take a caller-supplied {@code uid} or {@code userId}. Nothing
 * in this interface constrains those values, so the implementation has to authorize them
 * against the Binder calling identity rather than trust the argument.
 *
 * NOTE(review): the meaning of the {@code int} results is not defined in this file
 * (presumably a keystore result code; verify against the service).
 *
 * @hide
 */
interface IKeystoreService {
    // Queries keystore state for userId.
    int getState(int userId);
    // Fetches the bytes stored under name; uid selects whose entry is addressed.
    byte[] get(String name, int uid);
    // Stores item under name for uid; flags are interpreted by the service.
    int insert(String name, in byte[] item, int uid, int flags);
    // Deletes the entry name for uid.
    int del(String name, int uid);
    // Existence check for name under uid; result is an int, not a boolean.
    int exist(String name, int uid);
    // Lists entry names for uid that start with namePrefix.
    String[] list(String namePrefix, int uid);
    // Takes no arguments; the scope of the reset is decided by the service.
    int reset();
    // NOTE(review): the password arrives as a java.lang.String, which the caller cannot
    // zero after use; keep copies short-lived and never log this argument.
    int onUserPasswordChanged(int userId, String newPassword);
    int lock(int userId);
    // NOTE(review): same String-password caveat as onUserPasswordChanged.
    int unlock(int userId, String userPassword);
    int isEmpty(int userId);
    // Generates a key called name for uid; keyType, keySize, flags and args are
    // passed through as given.
    int generate(String name, int uid, int keyType, int keySize, int flags,
        in KeystoreArguments args);
    // Imports caller-supplied key bytes under name for uid.
    int import_key(String name, in byte[] data, int uid, int flags);
    // sign, verify and get_pubkey take no uid argument, so the key lookup presumably
    // uses the calling identity; confirm in the implementation.
    byte[] sign(String name, in byte[] data);
    int verify(String name, in byte[] data, in byte[] signature);
    byte[] get_pubkey(String name);
    // Grants granteeUid access to name. Returns a String, unlike ungrant (presumably
    // the name the grantee uses to reach the key; confirm).
    String grant(String name, int granteeUid);
    int ungrant(String name, int granteeUid);
    // Returns a long for name under uid (by its name, a modification time; units not shown).
    long getmtime(String name, int uid);
    // Copies srcKey of srcUid to destKey of destUid. Both uids are caller-supplied, so
    // the implementation must authorize the source and the destination separately.
    int duplicate(String srcKey, int srcUid, String destKey, int destUid);
    // The parameter is only named "string" (presumably a key type or algorithm name; verify).
    int is_hardware_backed(String string);
    // NOTE(review): uid is declared long here but int in every other method; check any
    // narrowing on the service side for truncation before the value is authorized.
    int clear_uid(long uid);

    // Keymaster 0.4 methods
    // NOTE(review): data is caller-provided; untrusted entropy should only ever be mixed
    // into the generator's state, never replace it. Confirm in the implementation.
    int addRngEntropy(in byte[] data);
    // Generates a key under alias for uid; characteristics is an AIDL "out" parameter
    // that the service fills in.
    int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
        int flags, out KeyCharacteristics characteristics);
    // Reads the characteristics of alias into the "out" parameter; clientId and appId
    // are passed as KeymasterBlob.
    int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId,
        int uid, out KeyCharacteristics characteristics);
    // Imports keyData in the given format under alias for uid.
    int importKey(String alias, in KeymasterArguments arguments, int format,
        in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
    // Returns an ExportResult for alias in the requested format.
    // NOTE(review): which key material may leave the service is decided by the
    // implementation; this signature does not restrict it.
    ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
        in KeymasterBlob appId, int uid);
    // Starts an operation on alias. update, finish, abort and isOperationAuthorized then
    // identify the operation by an IBinder. pruneable presumably lets the service evict
    // the operation under resource pressure (confirm).
    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
        in KeymasterArguments params, in byte[] entropy, int uid);
    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
        in byte[] entropy);
    int abort(IBinder handle);
    boolean isOperationAuthorized(IBinder token);
    // NOTE(review): authToken is an opaque byte[] at this layer; whether it is
    // authenticated, and which callers may submit one, is up to the implementation. Confirm.
    int addAuthToken(in byte[] authToken);
    int onUserAdded(int userId, int parentId);
    int onUserRemoved(int userId);
    // Produces a certificate chain for alias in the "out" parameter chain.
    int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
    // NOTE(review): takes no alias; by its name this attests device identifiers, which
    // are privacy-sensitive. Confirm the implementation restricts it to privileged callers.
    int attestDeviceIds(in KeymasterArguments params, out KeymasterCertificateChain chain);
    int onDeviceOffBody();
}