      1 /**
      2  * Copyright (c) 2015, The Android Open Source Project
      3  *
      4  * Licensed under the Apache License, Version 2.0 (the "License");
      5  * you may not use this file except in compliance with the License.
      6  * You may obtain a copy of the License at
      7  *
      8  *     http://www.apache.org/licenses/LICENSE-2.0
      9  *
     10  * Unless required by applicable law or agreed to in writing, software
     11  * distributed under the License is distributed on an "AS IS" BASIS,
     12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13  * See the License for the specific language governing permissions and
     14  * limitations under the License.
     15  */
     16 
     17 package android.security;
     18 
     19 import android.security.keymaster.ExportResult;
     20 import android.security.keymaster.KeyCharacteristics;
     21 import android.security.keymaster.KeymasterArguments;
     22 import android.security.keymaster.KeymasterCertificateChain;
     23 import android.security.keymaster.KeymasterBlob;
     24 import android.security.keymaster.OperationResult;
     25 import android.security.KeystoreArguments;
     26 
     27 /**
     28  * This must be kept manually in sync with system/security/keystore until AIDL
     29  * can generate both Java and C++ bindings.
     30  *
     31  * @hide
     32  */
     33 interface IKeystoreService {
     34     int getState(int userId);
     35     byte[] get(String name, int uid);
     36     int insert(String name, in byte[] item, int uid, int flags);
     37     int del(String name, int uid);
     38     int exist(String name, int uid);
     39     String[] list(String namePrefix, int uid);
     40     int reset();
     41     int onUserPasswordChanged(int userId, String newPassword);
     42     int lock(int userId);
     43     int unlock(int userId, String userPassword);
     44     int isEmpty(int userId);
     45     int generate(String name, int uid, int keyType, int keySize, int flags,
     46         in KeystoreArguments args);
     47     int import_key(String name, in byte[] data, int uid, int flags);
     48     byte[] sign(String name, in byte[] data);
     49     int verify(String name, in byte[] data, in byte[] signature);
     50     byte[] get_pubkey(String name);
     51     String grant(String name, int granteeUid);
     52     int ungrant(String name, int granteeUid);
     53     long getmtime(String name, int uid);
     54     int duplicate(String srcKey, int srcUid, String destKey, int destUid);
     55     int is_hardware_backed(String string);
     56     int clear_uid(long uid);
     57 
     58     // Keymaster 0.4 methods
     59     int addRngEntropy(in byte[] data);
     60     int generateKey(String alias, in KeymasterArguments arguments, in byte[] entropy, int uid,
     61         int flags, out KeyCharacteristics characteristics);
     62     int getKeyCharacteristics(String alias, in KeymasterBlob clientId, in KeymasterBlob appId,
     63         int uid, out KeyCharacteristics characteristics);
     64     int importKey(String alias, in KeymasterArguments arguments, int format,
     65         in byte[] keyData, int uid, int flags, out KeyCharacteristics characteristics);
     66     ExportResult exportKey(String alias, int format, in KeymasterBlob clientId,
     67         in KeymasterBlob appId, int uid);
     68     OperationResult begin(IBinder appToken, String alias, int purpose, boolean pruneable,
     69         in KeymasterArguments params, in byte[] entropy, int uid);
     70     OperationResult update(IBinder token, in KeymasterArguments params, in byte[] input);
     71     OperationResult finish(IBinder token, in KeymasterArguments params, in byte[] signature,
     72         in byte[] entropy);
     73     int abort(IBinder handle);
     74     boolean isOperationAuthorized(IBinder token);
     75     int addAuthToken(in byte[] authToken);
     76     int onUserAdded(int userId, int parentId);
     77     int onUserRemoved(int userId);
     78     int attestKey(String alias, in KeymasterArguments params, out KeymasterCertificateChain chain);
     79     int attestDeviceIds(in KeymasterArguments params, out KeymasterCertificateChain chain);
     80     int onDeviceOffBody();
     81 }