      1 /*
      2  * Copyright (C) 2012 The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *      http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 #ifndef KEYSTORE_IKEYSTORESERVICE_H
     18 #define KEYSTORE_IKEYSTORESERVICE_H
     19 
     20 #include <utils/RefBase.h>
     21 #include <binder/IInterface.h>
     22 #include <binder/Parcel.h>
     23 
     24 namespace android {
     25 
      26 class KeystoreArg : public RefBase {
             // Reference-counted (RefBase) holder for one untyped argument: a pointer to the
             // bytes plus their length. Passed to IKeystoreService::generate() in a Vector.
             // NOTE(review): only declarations are visible here. Whether the object copies the
             // buffer or merely borrows the pointer, and what the destructor releases, is decided
             // in the implementation file — confirm before relying on the lifetime of data().
      27 public:
             // data: start of the argument bytes; len: number of bytes readable at data.
      28     KeystoreArg(const void *data, size_t len);
      29     ~KeystoreArg();
      30 
             // Accessors; presumably return the pointer and length given to the constructor
             // (definitions not shown). Callers should read at most size() bytes from data().
      31     const void* data() const;
      32     size_t size() const;
      33 
      34 private:
             // Argument bytes and their length; const void* means the holder does not modify them.
      35     const void* mData;
      36     size_t mSize;
      37 };
     38 
     39 /*
     40  * This must be kept manually in sync with frameworks/base's IKeystoreService.java
     41  */
      42 class IKeystoreService: public IInterface {
             // Binder interface for the keystore service: an enum of transaction codes followed
             // by one pure virtual method per operation.
             // NOTE(review): the meaning of the int32_t results is not defined in this header —
             // presumably keystore response codes declared elsewhere; confirm which value means
             // success before testing a result against 0.
      43 public:
             // One transaction code per method below, numbered consecutively from
             // IBinder::FIRST_CALL_TRANSACTION. These values are the wire protocol shared with
             // IKeystoreService.java, so new codes belong at the end and existing ones must not
             // be renumbered; a mismatch between the two definitions would presumably route a
             // call to a different operation (the dispatch is in onTransact, not shown here).
      44     enum {
      45         TEST = IBinder::FIRST_CALL_TRANSACTION + 0,
      46         GET = IBinder::FIRST_CALL_TRANSACTION + 1,
      47         INSERT = IBinder::FIRST_CALL_TRANSACTION + 2,
      48         DEL = IBinder::FIRST_CALL_TRANSACTION + 3,
      49         EXIST = IBinder::FIRST_CALL_TRANSACTION + 4,
      50         SAW = IBinder::FIRST_CALL_TRANSACTION + 5,
      51         RESET = IBinder::FIRST_CALL_TRANSACTION + 6,
      52         PASSWORD = IBinder::FIRST_CALL_TRANSACTION + 7,
      53         LOCK = IBinder::FIRST_CALL_TRANSACTION + 8,
      54         UNLOCK = IBinder::FIRST_CALL_TRANSACTION + 9,
      55         ZERO = IBinder::FIRST_CALL_TRANSACTION + 10,
      56         GENERATE = IBinder::FIRST_CALL_TRANSACTION + 11,
      57         IMPORT = IBinder::FIRST_CALL_TRANSACTION + 12,
      58         SIGN = IBinder::FIRST_CALL_TRANSACTION + 13,
      59         VERIFY = IBinder::FIRST_CALL_TRANSACTION + 14,
      60         GET_PUBKEY = IBinder::FIRST_CALL_TRANSACTION + 15,
      61         DEL_KEY = IBinder::FIRST_CALL_TRANSACTION + 16,
      62         GRANT = IBinder::FIRST_CALL_TRANSACTION + 17,
      63         UNGRANT = IBinder::FIRST_CALL_TRANSACTION + 18,
      64         GETMTIME = IBinder::FIRST_CALL_TRANSACTION + 19,
      65         DUPLICATE = IBinder::FIRST_CALL_TRANSACTION + 20,
      66         IS_HARDWARE_BACKED = IBinder::FIRST_CALL_TRANSACTION + 21,
      67         CLEAR_UID = IBinder::FIRST_CALL_TRANSACTION + 22,
      68     };
      69 
      70     DECLARE_META_INTERFACE(KeystoreService);
      71 
      72     virtual int32_t test() = 0;
      73 
             // The result is delivered through the item / itemLength out-parameters.
             // NOTE(review): this header does not say who owns the buffer stored in *item
             // (likewise *out in sign() and *pubkey in get_pubkey()) — confirm who frees it and
             // that the length is always written together with the pointer.
      74     virtual int32_t get(const String16& name, uint8_t** item, size_t* itemLength) = 0;
      75 
             // item / itemLength describe the caller's input bytes.
             // NOTE(review): uid arrives as an ordinary argument here and in del, exist, saw,
             // generate, import, del_key and duplicate. The check that the binder caller is
             // allowed to act for that uid is not visible in this header — verify it in the
             // service implementation rather than assuming the argument is trustworthy.
      76     virtual int32_t insert(const String16& name, const uint8_t* item, size_t itemLength, int uid,
      77             int32_t flags) = 0;
      78 
      79     virtual int32_t del(const String16& name, int uid) = 0;
      80 
      81     virtual int32_t exist(const String16& name, int uid) = 0;
      82 
             // matches: out-parameter, a caller-provided vector of String16 names.
      83     virtual int32_t saw(const String16& name, int uid, Vector<String16>* matches) = 0;
      84 
      85     virtual int32_t reset() = 0;
      86 
             // NOTE(review): password() and unlock() receive the secret as a String16; confirm
             // the implementation neither logs it nor keeps it longer than needed.
      87     virtual int32_t password(const String16& password) = 0;
      88 
      89     virtual int32_t lock() = 0;
      90 
      91     virtual int32_t unlock(const String16& password) = 0;
      92 
      93     virtual int32_t zero() = 0;
      94 
             // args: vector of reference-counted KeystoreArg blobs; how they are interpreted for
             // a given keyType is not visible in this header.
      95     virtual int32_t generate(const String16& name, int32_t uid, int32_t keyType, int32_t keySize,
      96             int32_t flags, Vector<sp<KeystoreArg> >* args) = 0;
      97 
      98     virtual int32_t import(const String16& name, const uint8_t* data, size_t length, int uid,
      99             int32_t flags) = 0;
     100 
             // data / length are the input bytes; the result is returned through out / outLength
             // (see the ownership note on get()).
     101     virtual int32_t sign(const String16& name, const uint8_t* data, size_t length, uint8_t** out,
     102             size_t* outLength) = 0;
     103 
             // Takes two independent (pointer, length) pairs: the data and the signature.
     104     virtual int32_t verify(const String16& name, const uint8_t* data, size_t dataLength,
     105             const uint8_t* signature, size_t signatureLength) = 0;
     106 
     107     virtual int32_t get_pubkey(const String16& name, uint8_t** pubkey, size_t* pubkeyLength) = 0;
     108 
     109     virtual int32_t del_key(const String16& name, int uid) = 0;
     110 
             // grant / ungrant name another uid for the entry called name.
             // NOTE(review): presumably this gives or withdraws that uid's access to the entry;
             // who may call it is enforced, if at all, in the implementation — confirm there.
     111     virtual int32_t grant(const String16& name, int32_t granteeUid) = 0;
     112 
     113     virtual int32_t ungrant(const String16& name, int32_t granteeUid) = 0;
     114 
             // The only method returning int64_t. NOTE(review): presumably a modification time;
             // how an error is encoded in that return value is not visible here.
     115     virtual int64_t getmtime(const String16& name) = 0;
     116 
     117     virtual int32_t duplicate(const String16& srcKey, int32_t srcUid, const String16& destKey,
     118             int32_t destUid) = 0;
     119 
     120     virtual int32_t is_hardware_backed(const String16& keyType) = 0;
     121 
             // NOTE(review): uid is int64_t here but int / int32_t in every other method of this
             // interface; confirm the implementation range-checks the value before narrowing it.
     122     virtual int32_t clear_uid(int64_t uid) = 0;
     123 };
    124 
    125 // ----------------------------------------------------------------------------
    126 
     127 class BnKeystoreService: public BnInterface<IKeystoreService> {
             // Server-side binder stub for IKeystoreService (derives from BnInterface); it declares
             // only onTransact, whose definition is in the implementation file.
     128 public:
             // code:  transaction code, expected to be one of the IKeystoreService enum values.
             // data:  request parcel written by the calling process.
             // reply: parcel that receives the response.
             // flags: binder transaction flags, 0 by default.
             // NOTE(review): data comes from another process, so the definition should treat
             // every length, count and string read from it as untrusted and bound it before
             // allocating or copying; an unknown code should not reach any keystore operation.
     129     virtual status_t onTransact(uint32_t code, const Parcel& data, Parcel* reply,
     130             uint32_t flags = 0);
     131 };
    132 
    133 } // namespace android
    134 
    135 #endif
    136