IGateKeeperService.aidl revision 8fa5665f0e757cec0063fb4cf1354f1596f93a91
1/* 2 * Copyright (C) 2015 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package android.service.gatekeeper; 18 19/** 20 * Interface for communication with GateKeeper, the 21 * secure password storage daemon. 22 * 23 * This must be kept manually in sync with system/core/gatekeeperd 24 * until AIDL can generate both C++ and Java bindings. 25 * 26 * @hide 27 */ 28interface IGateKeeperService { 29 /** 30 * Enrolls a password, returning the handle to the enrollment to be stored locally. 31 * @param uid The Android user ID associated to this enrollment 32 * @param currentPasswordHandle The previously enrolled handle, or null if none 33 * @param currentPassword The previously enrolled plaintext password, or null if none. 34 * If provided, must verify against the currentPasswordHandle. 35 * @param desiredPassword The new desired password, for which a handle will be returned 36 * upon success. 37 * @return the handle corresponding to desiredPassword, or null 38 */ 39 byte[] enroll(int uid, in byte[] currentPasswordHandle, in byte[] currentPassword, 40 in byte[] desiredPassword); 41 42 /** 43 * Verifies an enrolled handle against a provided, plaintext blob. 44 * @param uid The Android user ID associated to this enrollment 45 * @param enrolledPasswordHandle The handle against which the provided password will be 46 * verified. 47 * @param The plaintext blob to verify against enrolledPassword. 48 * @return true if success, false if failure 49 */ 50 boolean verify(int uid, in byte[] enrolledPasswordHandle, in byte[] providedPassword); 51} 52