1/**
2 * Copyright (c) 2015, The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *     http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package android.security;
18
19import android.security.keymaster.ExportResult;
20import android.security.keymaster.KeyCharacteristics;
21import android.security.keymaster.KeymasterArguments;
22import android.security.keymaster.KeymasterCertificateChain;
23import android.security.keymaster.KeymasterBlob;
24import android.security.keymaster.OperationResult;
25import android.security.KeystoreArguments;
26
27/**
28 * This must be kept manually in sync with system/security/keystore until AIDL
29 * can generate both Java and C++ bindings.
30 *
   * Binder interface of the keystore service. Only method signatures are declared here:
   * nothing in this file shows caller authorization, input validation, or the meaning of
   * the {@code int} results, so all of those have to be reviewed in the implementation.
   *
   * Do not reorder, insert or remove methods without making the matching change on the
   * native side. AIDL derives transaction codes from declaration order, so a mismatch
   * between the two hand-maintained copies would route a call to the wrong handler.
   *
   * NOTE(review): many methods take a caller-supplied {@code uid}, {@code userId} or
   * {@code granteeUid}. Presumably the service checks these against the Binder calling
   * identity before acting on another identity's entries; confirm in the implementation.
   *
   * The mixed naming ({@code import_key} next to {@code importKey}) is part of the
   * contract with the native side and must not be normalized here.
   *
31 * @hide
32 */
33interface IKeystoreService {
      // NOTE(review): the values of the int result are not defined in this file.
34    int getState(int userId);

      // Entry storage, addressed by name plus uid. `in` marks data sent from the caller.
      // NOTE(review): flags is an opaque int at this layer; its bits are defined elsewhere.
35    byte[] get(String name, int uid);
36    int insert(String name, in byte[] item, int uid, int flags);
37    int del(String name, int uid);
38    int exist(String name, int uid);
39    String[] list(String namePrefix, int uid);

      // Takes no user or uid argument; the scope of the reset is not visible from here.
40    int reset();

      // NOTE(review): the passwords below travel as String, which is immutable and cannot
      // be wiped after use. Keep them out of logs, dumps and exception messages.
41    int onUserPasswordChanged(int userId, String newPassword);
42    int lock(int userId);
43    int unlock(int userId, String userPassword);
44    int isEmpty(int userId);

45    int generate(String name, int uid, int keyType, int keySize, int flags,
46        in KeystoreArguments args);
47    int import_key(String name, in byte[] data, int uid, int flags);

      // These three identify the key by name only; unlike the calls above they carry no uid.
48    byte[] sign(String name, in byte[] data);
49    int verify(String name, in byte[] data, in byte[] signature);
50    byte[] get_pubkey(String name);

      // Grants are keyed by name and grantee uid. NOTE(review): what the String returned
      // by grant denotes is not defined in this file.
51    String grant(String name, int granteeUid);
52    int ungrant(String name, int granteeUid);
53    long getmtime(String name, int uid);

      // NOTE(review): the parameter is named only "string"; presumably a key type or
      // algorithm name. Confirm against the native side.
54    int is_hardware_backed(String string);

      // NOTE(review): uid is a long here, while every other method in this interface takes
      // an int uid. Confirm the receiving side range-checks the value before narrowing it.
55    int clear_uid(long uid);
56
57    // Keymaster 0.4 methods
      // `out` parameters are filled in by the service and written back to the caller.
      // NOTE(review): data and entropy are caller-supplied bytes; presumably they are mixed
      // into, not substituted for, the service's own randomness. Confirm.
58    int addRngEntropy(in byte[] data, int flags);
59    int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
60        int flags, out KeyCharacteristics characteristics);
61    int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appData,
62        int uid, out KeyCharacteristics characteristics);
63    int importKey(String alias, in KeymasterArguments arguments, int format,
64        in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
65    ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
66        in KeymasterBlob appData, int uid);

      // Operation lifecycle: begin, then update/finish or abort, each keyed by an IBinder.
      // NOTE(review): the token/handle is presumably the one issued through begin's
      // OperationResult; confirm the service checks that the caller owns the operation.
67    OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
68        in KeymasterArguments params, in byte[] entropy, int uid);
69    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
70    OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
71        in byte[] entropy);
72    int abort(IBinder handle);
73    boolean isOperationAuthorized(IBinder token);

      // NOTE(review): authToken is an opaque byte[] at this layer. Confirm the service
      // authenticates it and restricts which callers may submit one.
74    int addAuthToken(in byte[] authToken);
75    int onUserAdded(int userId, int parentId);
76    int onUserRemoved(int userId);

      // Attestation results are returned through the out certificate chain.
77    int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
78    int attestDeviceIds(in KeymasterArguments params, out KeymasterCertificateChain chain);
79    int onDeviceOffBody();

      // Imports key material supplied in wrapped form under the key named by
      // wrappingKeyAlias. NOTE(review): how maskingKey, rootSid and fingerprintSid are used
      // is not visible from the signature.
80    int importWrappedKey(in String wrappedKeyAlias, in byte[] wrappedKey,
81        in String wrappingKeyAlias, in byte[] maskingKey, in KeymasterArguments arguments,
82        in long rootSid, in long fingerprintSid,
83        out KeyCharacteristics characteristics);

      // promptText, extraData and locale all come from the caller. NOTE(review): any length
      // limit or sanitization of the displayed text is not visible here.
84    int presentConfirmationPrompt(IBinder listener, String promptText, in byte[] extraData,
85        in String locale, in int uiOptionsAsFlags);
86    int cancelConfirmationPrompt(IBinder listener);
87    boolean isConfirmationPromptSupported();
88    int onKeyguardVisibilityChanged(in boolean isShowing, in int userId);
89}
90