IKeystoreService.aidl revision ccb492da4478a11210b1a7aa885ad38958ca837f
/**
 * Copyright (c) 2015, The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package android.security;

import android.security.keymaster.ExportResult;
import android.security.keymaster.KeyCharacteristics;
import android.security.keymaster.KeymasterArguments;
import android.security.keymaster.KeymasterCertificateChain;
import android.security.keymaster.KeymasterBlob;
import android.security.keymaster.OperationResult;
import android.security.KeystoreArguments;

/**
 * Binder interface of the keystore service.
 *
 * <p>This must be kept manually in sync with system/security/keystore until AIDL
 * can generate both Java and C++ bindings. AIDL numbers transactions by
 * declaration order, so methods must not be reordered, inserted or removed here
 * without the matching change on the native side; a mismatch could make a call
 * dispatch to a different operation than the caller intended.
 *
 * <p>NOTE(review): nothing in this file expresses access control. Every
 * {@code uid}, {@code userId} and {@code granteeUid} is supplied by the caller,
 * so the service implementation (not visible here) has to authorize it against
 * the Binder calling identity rather than trust the argument.
 *
 * <p>The {@code int} results are presumably status codes defined outside this
 * file -- confirm against the native service.
 *
 * @hide
 */
interface IKeystoreService {
    // Per-user state and named entries.
    int getState(int userId);
    byte[] get(String name, int uid);
    int insert(String name, in byte[] item, int uid, int flags);
    int del(String name, int uid);
    int exist(String name, int uid);
    String[] list(String namePrefix, int uid);
    int reset();

    // NOTE(review): onUserPasswordChanged and unlock carry the password as an
    // immutable String, which cannot be wiped after use; implementations and
    // callers should keep copies short-lived and keep them out of logs.
    int onUserPasswordChanged(int userId, String newPassword);
    int lock(int userId);
    int unlock(int userId, String userPassword);
    int isEmpty(int userId);

    // Name-based key operations.
    int generate(
            String name, int uid, int keyType, int keySize, int flags, in KeystoreArguments args);
    int import_key(String name, in byte[] data, int uid, int flags);

    // sign, verify and get_pubkey take no uid argument, unlike the calls above;
    // presumably they act on the caller's own entries -- confirm in the service.
    byte[] sign(String name, in byte[] data);
    int verify(String name, in byte[] data, in byte[] signature);
    byte[] get_pubkey(String name);

    String grant(String name, int granteeUid);
    int ungrant(String name, int granteeUid);
    long getmtime(String name, int uid);

    // The parameter name does not say what the string identifies; presumably a
    // key type or algorithm name -- confirm against the implementation.
    int is_hardware_backed(String string);

    // uid is declared long here while every other method declares it int. It is
    // kept as declared because the parameter type is part of the wire contract.
    int clear_uid(long uid);

    // Keymaster 0.4 methods
    int addRngEntropy(in byte[] data, int flags);
    int generateKey(
            String alias,
            in KeymasterArguments arguments,
            in byte[] entropy,
            int uid,
            int flags,
            out KeyCharacteristics characteristics);
    int getKeyCharacteristics(
            String alias,
            in KeymasterBlob clientId,
            in KeymasterBlob appId,
            int uid,
            out KeyCharacteristics characteristics);
    int importKey(
            String alias,
            in KeymasterArguments arguments,
            int format,
            in byte[] keyData,
            int uid,
            int flags,
            out KeyCharacteristics characteristics);
    ExportResult exportKey(
            String alias, int format, in KeymasterBlob clientId, in KeymasterBlob appId, int uid);

    // begin takes the caller's appToken; update, finish, abort and
    // isOperationAuthorized take an IBinder naming an operation, presumably the
    // one handed out through begin's OperationResult -- confirm.
    OperationResult begin(
            IBinder appToken,
            String alias,
            int purpose,
            boolean pruneable,
            in KeymasterArguments params,
            in byte[] entropy,
            int uid);
    OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
    OperationResult finish(
            IBinder token, in KeymasterArguments params, in byte[] signature, in byte[] entropy);
    int abort(IBinder handle);
    boolean isOperationAuthorized(IBinder token);

    // NOTE(review): authToken is an opaque byte[] at this layer; checking its
    // format and authenticity is left to the implementation, not visible here.
    int addAuthToken(in byte[] authToken);

    int onUserAdded(int userId, int parentId);
    int onUserRemoved(int userId);

    // Both attestation calls hand the certificate chain back through the out
    // parameter; the int result is separate from it.
    int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
    int attestDeviceIds(in KeymasterArguments params, out KeymasterCertificateChain chain);

    int onDeviceOffBody();
    int importWrappedKey(
            in String wrappedKeyAlias,
            in byte[] wrappedKey,
            in String wrappingKeyAlias,
            in byte[] maskingKey,
            in KeymasterArguments arguments,
            in long rootSid,
            in long fingerprintSid,
            out KeyCharacteristics characteristics);

    // promptText, extraData and locale all come from the caller.
    int presentConfirmationPrompt(
            IBinder listener,
            String promptText,
            in byte[] extraData,
            in String locale,
            in int uiOptionsAsFlags);
    int cancelConfirmationPrompt(IBinder listener);
}