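/*
 * Copyright (C) 2015 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.service.gatekeeper;

import android.service.gatekeeper.GateKeeperResponse;

/**
 * Interface for communication with GateKeeper, the
 * secure password storage daemon.
 *
 * This must be kept manually in sync with system/core/gatekeeperd
 * until AIDL can generate both C++ and Java bindings.
 *
 * NOTE(review): no caller authorization is expressed in this interface; it is
 * presumably enforced by the service implementation. Confirm there.
 *
 * @hide
 */
interface IGateKeeperService {
    /**
     * Enrolls a password, returning the handle to the enrollment to be stored locally.
     *
     * NOTE(review): the behaviour for a non-null currentPasswordHandle combined with a
     * null currentPassword is not stated here. Confirm how the implementation treats it,
     * because that case would replace an existing enrollment without proof of the old
     * password.
     * NOTE(review): currentPassword and desiredPassword are plaintext byte arrays; callers
     * presumably should overwrite them once the call returns. Confirm against callers.
     *
     * @param uid The Android user ID associated with this enrollment
     * @param currentPasswordHandle The previously enrolled handle, or null if none
     * @param currentPassword The previously enrolled plaintext password, or null if none.
     *                        If provided, must verify against the currentPasswordHandle.
     * @param desiredPassword The new desired password, for which a handle will be returned
     *                        upon success.
     * @return a GateKeeperResponse for the enrollment, or null on failure
     */
    GateKeeperResponse enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword,
            in byte[] desiredPassword);

    /**
     * Verifies an enrolled handle against a provided, plaintext blob.
     * @param uid The Android user ID associated with this enrollment
     * @param enrolledPasswordHandle The handle against which the provided password will be
     *                               verified.
     * @param providedPassword The plaintext blob to verify against enrolledPasswordHandle.
     * @return a GateKeeperResponse for the verification, or null on failure.
     */
    GateKeeperResponse verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword);

    /**
     * Verifies an enrolled handle against a provided, plaintext blob and, on success,
     * writes the supplied challenge into the returned authentication attestation.
     * @param uid The Android user ID associated with this enrollment
     * @param challenge a challenge to authenticate against the device credential. If successful
     *                  authentication occurs, this value will be written to the returned
     *                  authentication attestation.
     * @param enrolledPasswordHandle The handle against which the provided password will be
     *                               verified.
     * @param providedPassword The plaintext blob to verify against enrolledPasswordHandle.
     * @return a GateKeeperResponse with an attestation, or null on failure.
     */
    GateKeeperResponse verifyChallenge(int uid, long challenge, in byte[] enrolledPasswordHandle,
            in byte[] providedPassword);

    /**
     * Retrieves the secure identifier for the user with the provided Android ID,
     * or 0 if none is found.
     * @param uid the Android user id
     * @return the secure user id, or 0 if none is found
     */
    long getSecureUserId(int uid);

    /**
     * Clears secure user id associated with the provided Android ID.
     * Must be called when password is set to NONE.
     * @param uid the Android user id.
     */
    void clearSecureUserId(int uid);
}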