diff options
25 files changed, 773 insertions, 7 deletions
diff --git a/keystore2/aidl/Android.bp b/keystore2/aidl/Android.bp index 383b0c25..c6f9de70 100644 --- a/keystore2/aidl/Android.bp +++ b/keystore2/aidl/Android.bp @@ -19,8 +19,8 @@ package { aidl_interface { name: "android.system.keystore2", vendor_available: true, - srcs: [ "android/system/keystore2/*.aidl" ], - imports: [ "android.hardware.security.keymint" ], + srcs: ["android/system/keystore2/*.aidl"], + imports: ["android.hardware.security.keymint"], stability: "vintf", backend: { java: { @@ -41,4 +41,5 @@ aidl_interface { ], }, }, + versions: ["1"], } diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/.hash b/keystore2/aidl/aidl_api/android.system.keystore2/1/.hash new file mode 100644 index 00000000..256f639e --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/.hash @@ -0,0 +1 @@ +19e8b65277839bad0ab335c781e3c652324920ce diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/AuthenticatorSpec.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/AuthenticatorSpec.aidl new file mode 100644 index 00000000..61b45d73 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/AuthenticatorSpec.aidl @@ -0,0 +1,40 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable AuthenticatorSpec { + android.hardware.security.keymint.HardwareAuthenticatorType authenticatorType; + long authenticatorId; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Authorization.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Authorization.aidl new file mode 100644 index 00000000..0b8c9196 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Authorization.aidl @@ -0,0 +1,40 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable Authorization { + android.hardware.security.keymint.SecurityLevel securityLevel; + android.hardware.security.keymint.KeyParameter keyParameter; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/CreateOperationResponse.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/CreateOperationResponse.aidl new file mode 100644 index 00000000..e37facbd --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/CreateOperationResponse.aidl @@ -0,0 +1,42 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable CreateOperationResponse { + android.system.keystore2.IKeystoreOperation iOperation; + @nullable android.system.keystore2.OperationChallenge operationChallenge; + @nullable android.system.keystore2.KeyParameters parameters; + @nullable byte[] upgradedBlob; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Domain.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Domain.aidl new file mode 100644 index 00000000..4fd54aa5 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/Domain.aidl @@ -0,0 +1,43 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@Backing(type="int") @VintfStability +enum Domain { + APP = 0, + GRANT = 1, + SELINUX = 2, + BLOB = 3, + KEY_ID = 4, +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/EphemeralStorageKeyResponse.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/EphemeralStorageKeyResponse.aidl new file mode 100644 index 00000000..963af7bf --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/EphemeralStorageKeyResponse.aidl @@ -0,0 +1,40 @@ +/* + * Copyright 2021, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable EphemeralStorageKeyResponse { + byte[] ephemeralKey; + @nullable byte[] upgradedBlob; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreOperation.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreOperation.aidl new file mode 100644 index 00000000..df911cd3 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreOperation.aidl @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@SensitiveData @VintfStability +interface IKeystoreOperation { + void updateAad(in byte[] aadInput); + @nullable byte[] update(in byte[] input); + @nullable byte[] finish(in @nullable byte[] input, in @nullable byte[] signature); + void abort(); +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreSecurityLevel.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreSecurityLevel.aidl new file mode 100644 index 00000000..a14ee85e --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreSecurityLevel.aidl @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@SensitiveData @VintfStability +interface IKeystoreSecurityLevel { + android.system.keystore2.CreateOperationResponse createOperation(in android.system.keystore2.KeyDescriptor key, in android.hardware.security.keymint.KeyParameter[] operationParameters, in boolean forced); + android.system.keystore2.KeyMetadata generateKey(in android.system.keystore2.KeyDescriptor key, in @nullable android.system.keystore2.KeyDescriptor attestationKey, in android.hardware.security.keymint.KeyParameter[] params, in int flags, in byte[] entropy); + android.system.keystore2.KeyMetadata importKey(in android.system.keystore2.KeyDescriptor key, in @nullable android.system.keystore2.KeyDescriptor attestationKey, in android.hardware.security.keymint.KeyParameter[] params, in int flags, in byte[] keyData); + android.system.keystore2.KeyMetadata importWrappedKey(in android.system.keystore2.KeyDescriptor key, in android.system.keystore2.KeyDescriptor wrappingKey, in @nullable byte[] maskingKey, in android.hardware.security.keymint.KeyParameter[] params, in android.system.keystore2.AuthenticatorSpec[] authenticators); + android.system.keystore2.EphemeralStorageKeyResponse convertStorageKeyToEphemeral(in android.system.keystore2.KeyDescriptor storageKey); + void deleteKey(in android.system.keystore2.KeyDescriptor key); + const int KEY_FLAG_AUTH_BOUND_WITHOUT_CRYPTOGRAPHIC_LSKF_BINDING = 1; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreService.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreService.aidl new file mode 100644 index 00000000..5ed5d37a --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/IKeystoreService.aidl @@ -0,0 +1,45 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +interface IKeystoreService { + android.system.keystore2.IKeystoreSecurityLevel getSecurityLevel(in android.hardware.security.keymint.SecurityLevel securityLevel); + android.system.keystore2.KeyEntryResponse getKeyEntry(in android.system.keystore2.KeyDescriptor key); + void updateSubcomponent(in android.system.keystore2.KeyDescriptor key, in @nullable byte[] publicCert, in @nullable byte[] certificateChain); + android.system.keystore2.KeyDescriptor[] listEntries(in android.system.keystore2.Domain domain, in long nspace); + void deleteKey(in android.system.keystore2.KeyDescriptor key); + android.system.keystore2.KeyDescriptor grant(in android.system.keystore2.KeyDescriptor key, in int granteeUid, in int accessVector); + void ungrant(in android.system.keystore2.KeyDescriptor key, in int granteeUid); +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyDescriptor.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyDescriptor.aidl new file mode 100644 index 00000000..895a9277 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyDescriptor.aidl @@ -0,0 +1,42 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@RustDerive(Clone=true, Eq=true, Ord=true, PartialEq=true, PartialOrd=true) @VintfStability +parcelable KeyDescriptor { + android.system.keystore2.Domain domain; + long nspace; + @nullable String alias; + @nullable byte[] blob; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyEntryResponse.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyEntryResponse.aidl new file mode 100644 index 00000000..ea313b3d --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyEntryResponse.aidl @@ -0,0 +1,40 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable KeyEntryResponse { + @nullable android.system.keystore2.IKeystoreSecurityLevel iSecurityLevel; + android.system.keystore2.KeyMetadata metadata; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyMetadata.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyMetadata.aidl new file mode 100644 index 00000000..5c8df716 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyMetadata.aidl @@ -0,0 +1,44 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable KeyMetadata { + android.system.keystore2.KeyDescriptor key; + android.hardware.security.keymint.SecurityLevel keySecurityLevel; + android.system.keystore2.Authorization[] authorizations; + @nullable byte[] certificate; + @nullable byte[] certificateChain; + long modificationTimeMs; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyParameters.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyParameters.aidl new file mode 100644 index 00000000..f9c836a5 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyParameters.aidl @@ -0,0 +1,39 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable KeyParameters { + android.hardware.security.keymint.KeyParameter[] keyParameter; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyPermission.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyPermission.aidl new file mode 100644 index 00000000..d023e245 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/KeyPermission.aidl @@ -0,0 +1,51 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@Backing(type="int") @VintfStability +enum KeyPermission { + NONE = 0, + DELETE = 1, + GEN_UNIQUE_ID = 2, + GET_INFO = 4, + GRANT = 8, + MANAGE_BLOB = 16, + REBIND = 32, + REQ_FORCED_OP = 64, + UPDATE = 128, + USE = 256, + USE_DEV_ID = 512, + USE_NO_LSKF_BINDING = 1024, + CONVERT_STORAGE_KEY_TO_EPHEMERAL = 2048, +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/OperationChallenge.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/OperationChallenge.aidl new file mode 100644 index 00000000..0a079fb1 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/OperationChallenge.aidl @@ -0,0 +1,39 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@VintfStability +parcelable OperationChallenge { + long challenge; +} diff --git a/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/ResponseCode.aidl b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/ResponseCode.aidl new file mode 100644 index 00000000..bbeb5d24 --- /dev/null +++ b/keystore2/aidl/aidl_api/android.system.keystore2/1/android/system/keystore2/ResponseCode.aidl @@ -0,0 +1,50 @@ +/* + * Copyright 2020, The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.keystore2; +/* @hide */ +@Backing(type="int") @VintfStability +enum ResponseCode { + LOCKED = 2, + UNINITIALIZED = 3, + SYSTEM_ERROR = 4, + PERMISSION_DENIED = 6, + KEY_NOT_FOUND = 7, + VALUE_CORRUPTED = 8, + KEY_PERMANENTLY_INVALIDATED = 17, + BACKEND_BUSY = 18, + OPERATION_BUSY = 19, + INVALID_ARGUMENT = 20, + TOO_MUCH_DATA = 21, + OUT_OF_KEYS = 22, +} diff --git a/keystore2/aidl/android/system/keystore2/IKeystoreSecurityLevel.aidl b/keystore2/aidl/android/system/keystore2/IKeystoreSecurityLevel.aidl index 3ee0c0cc..7aa422a1 100644 --- a/keystore2/aidl/android/system/keystore2/IKeystoreSecurityLevel.aidl +++ b/keystore2/aidl/android/system/keystore2/IKeystoreSecurityLevel.aidl @@ -101,9 +101,13 @@ interface IKeystoreSecurityLevel { * of the caller. * * SeLinux: The key is stored by the alias string in the namespace given by the * `nspace` field provided the caller has the appropriate access rights. - * * Blob: The key is returned as raw keymint blob in the resultKey.blob field. - * The `nspace` and `alias` fields are ignored. The caller must have the - * `MANAGE_BLOB` permission for the keystore:keystore_key context. + * * Blob: The key is returned as an opaque KeyMint blob in the KeyMetadata.key.blob + * field of the return value. + * The `alias` field is ignored. The caller must have the `MANAGE_BLOB` + * permission for the targeted `keystore2_key` context given by + * `nspace`. `nspace` is translated into the corresponding target context + * `<target_context>` and `<target_context>:keystore2_key manage_blob` is + * checked against the caller's context. * * @param attestationKey Optional key to be used for signing the attestation certificate. * diff --git a/suspend/aidl/Android.bp b/suspend/aidl/Android.bp index 8e45f9e0..7f6846a2 100644 --- a/suspend/aidl/Android.bp +++ b/suspend/aidl/Android.bp @@ -35,6 +35,7 @@ aidl_interface { sdk_version: "28", }, }, + versions: ["1"], } aidl_interface { diff --git a/suspend/aidl/aidl_api/android.system.suspend.control/1/.hash b/suspend/aidl/aidl_api/android.system.suspend.control/1/.hash new file mode 100644 index 00000000..68139ca8 --- /dev/null +++ b/suspend/aidl/aidl_api/android.system.suspend.control/1/.hash @@ -0,0 +1 @@ +34506b107801d68c881c2c7368ad4c676aed3e9b diff --git a/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendCallback.aidl b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendCallback.aidl new file mode 100644 index 00000000..d3662efd --- /dev/null +++ b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendCallback.aidl @@ -0,0 +1,38 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.suspend; +/* @hide */ +interface ISuspendCallback { + void notifyWakeup(boolean success, in @utf8InCpp String[] wakeupReasons); +} diff --git a/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendControlService.aidl b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendControlService.aidl new file mode 100644 index 00000000..32cfd143 --- /dev/null +++ b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/ISuspendControlService.aidl @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2019 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.suspend; +/* @hide */ +interface ISuspendControlService { + boolean registerCallback(android.system.suspend.ISuspendCallback callback); + boolean registerWakelockCallback(android.system.suspend.IWakelockCallback callback, @utf8InCpp String name); +} diff --git a/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/IWakelockCallback.aidl b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/IWakelockCallback.aidl new file mode 100644 index 00000000..c1649f38 --- /dev/null +++ b/suspend/aidl/aidl_api/android.system.suspend.control/1/android/system/suspend/IWakelockCallback.aidl @@ -0,0 +1,39 @@ +/* + * Copyright (C) 2020 The Android Open Source Project + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/////////////////////////////////////////////////////////////////////////////// +// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE. // +/////////////////////////////////////////////////////////////////////////////// + +// This file is a snapshot of an AIDL file. Do not edit it manually. There are +// two cases: +// 1). this is a frozen version file - do not edit this in any case. +// 2). this is a 'current' file. If you make a backwards compatible change to +// the interface (from the latest frozen version), the build system will +// prompt you to update this file with `m <name>-update-api`. +// +// You must not make a backward incompatible change to any AIDL file built +// with the aidl_interface module type with versions property set. The module +// type is used to build AIDL files in a way that they can be used across +// independently updatable components of the system. If a device is shipped +// with such a backward incompatible change, it has a high risk of breaking +// later when a module using the interface is updated, e.g., Mainline modules. + +package android.system.suspend; +/* @hide */ +interface IWakelockCallback { + oneway void notifyAcquired(); + oneway void notifyReleased(); +} diff --git a/wifi/keystore/1.0/default/OWNERS b/wifi/keystore/1.0/default/OWNERS index 8bfb1488..c7e30bec 100644 --- a/wifi/keystore/1.0/default/OWNERS +++ b/wifi/keystore/1.0/default/OWNERS @@ -1,2 +1,2 @@ -rpius@google.com +haishalom@google.com etancohen@google.com diff --git a/wifi/keystore/1.0/vts/OWNERS b/wifi/keystore/1.0/vts/OWNERS index 8bfb1488..c7e30bec 100644 --- a/wifi/keystore/1.0/vts/OWNERS +++ b/wifi/keystore/1.0/vts/OWNERS @@ -1,2 +1,2 @@ -rpius@google.com +haishalom@google.com etancohen@google.com |