/* * This file is auto-generated. DO NOT MODIFY. * Using: out/host/linux-x86/bin/aidl --lang=java -Weverything -Wno-missing-permission-annotation -t --min_sdk_version platform_apis -pout/soong/.intermediates/system/hardware/interfaces/keystore2/aidl/android.system.keystore2_interface/4/preprocessed.aidl --ninja -d out/soong/.intermediates/system/security/keystore2/aidl/android.security.maintenance-java-source/gen/android/security/maintenance/IKeystoreMaintenance.java.d -o out/soong/.intermediates/system/security/keystore2/aidl/android.security.maintenance-java-source/gen -Nsystem/security/keystore2/aidl system/security/keystore2/aidl/android/security/maintenance/IKeystoreMaintenance.aidl */ package android.security.maintenance; /** * IKeystoreMaintenance interface exposes the methods for adding/removing users and changing the * user's password. * @hide */ public interface IKeystoreMaintenance extends android.os.IInterface { /** Default implementation for IKeystoreMaintenance. */ public static class Default implements android.security.maintenance.IKeystoreMaintenance { /** * Allows LockSettingsService to inform keystore about adding a new user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of an existing user with the same * user id. * * @param userId - Android user id */ @Override public void onUserAdded(int userId) throws android.os.RemoteException { } /** * Allows LockSettingsService to tell Keystore to create a user's superencryption keys and store * them encrypted by the given secret. Requires 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangeUser' permission * `ResponseCode::SYSTEM_ERROR` - if failed to initialize the user's super keys * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user * @param allowExisting - if true, then the keys already existing is not considered an error */ @Override public void initUserSuperKeys(int userId, byte[] password, boolean allowExisting) throws android.os.RemoteException { } /** * Allows LockSettingsService to inform keystore about removing a user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of the user being deleted. * * @param userId - Android user id */ @Override public void onUserRemoved(int userId) throws android.os.RemoteException { } /** * Allows LockSettingsService to tell Keystore that a user's LSKF is being removed, ie the * user's lock screen is changing to Swipe or None. Requires 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangePassword' permission * `ResponseCode::SYSTEM_ERROR` - if failed to delete the user's auth-bound keys * * @param userId - Android user id */ @Override public void onUserLskfRemoved(int userId) throws android.os.RemoteException { } /** * Allows LockSettingsService to inform keystore about password change of a user. * Callers require 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers does not have the 'ChangePassword' * permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the super encrypted keys of the user. * `ResponseCode::Locked' - if the keystore is locked for the given user. * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user */ @Override public void onUserPasswordChanged(int userId, byte[] password) throws android.os.RemoteException { } /** * This function deletes all keys within a namespace. It mainly gets called when an app gets * removed and all resources of this app need to be cleaned up. * * @param domain - One of Domain.APP or Domain.SELINUX. * @param nspace - The UID of the app that is to be cleared if domain is Domain.APP or * the SEPolicy namespace if domain is Domain.SELINUX. */ @Override public void clearNamespace(int domain, long nspace) throws android.os.RemoteException { } /** * This function notifies the Keymint device of the specified securityLevel that * early boot has ended, so that they no longer allow early boot keys to be used. * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the caller does not have the 'EarlyBootEnded' * permission. * A KeyMint ErrorCode may be returned indicating a backend diagnosed error. */ @Override public void earlyBootEnded() throws android.os.RemoteException { } /** * Migrate a key from one namespace to another. The caller must have use, grant, and delete * permissions on the source namespace and rebind permissions on the destination namespace. * The source may be specified by Domain::APP, Domain::SELINUX, or Domain::KEY_ID. The target * may be specified by Domain::APP or Domain::SELINUX. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - If the caller lacks any of the required permissions. * `ResponseCode::KEY_NOT_FOUND` - If the source did not exist. * `ResponseCode::INVALID_ARGUMENT` - If the target exists or if any of the above mentioned * requirements for the domain parameter are not met. * `ResponseCode::SYSTEM_ERROR` - An unexpected system error occurred. */ @Override public void migrateKeyNamespace(android.system.keystore2.KeyDescriptor source, android.system.keystore2.KeyDescriptor destination) throws android.os.RemoteException { } /** * Deletes all keys in all hardware keystores. Used when keystore is reset completely. After * this function is called all keys with Tag::ROLLBACK_RESISTANCE in their hardware-enforced * authorization lists must be rendered permanently unusable. Keys without * Tag::ROLLBACK_RESISTANCE may or may not be rendered unusable. */ @Override public void deleteAllKeys() throws android.os.RemoteException { } /** * Returns a list of App UIDs that have keys associated with the given SID, under the * given user ID. * When a given user's LSKF is removed or biometric authentication methods are changed * (addition of a fingerprint, for example), authentication-bound keys may be invalidated. * This method allows the platform to find out which apps would be affected (for a given user) * when a given user secure ID is removed. * Callers require the `android.permission.MANAGE_USERS` Android permission * (not SELinux policy). * * @param userId The affected user. * @param sid The user secure ID - identifier of the authentication method. * * @return A list of APP UIDs, in the form of (AID + userId*AID_USER_OFFSET), that have * keys auth-bound to the given SID. These values can be passed into the * PackageManager for resolution. */ @Override public long[] getAppUidsAffectedBySid(int userId, long sid) throws android.os.RemoteException { return null; } @Override public android.os.IBinder asBinder() { return null; } } /** Local-side IPC implementation stub class. */ public static abstract class Stub extends android.os.Binder implements android.security.maintenance.IKeystoreMaintenance { /** Construct the stub at attach it to the interface. */ @SuppressWarnings("this-escape") public Stub() { this.attachInterface(this, DESCRIPTOR); } /** * Cast an IBinder object into an android.security.maintenance.IKeystoreMaintenance interface, * generating a proxy if needed. */ public static android.security.maintenance.IKeystoreMaintenance asInterface(android.os.IBinder obj) { if ((obj==null)) { return null; } android.os.IInterface iin = obj.queryLocalInterface(DESCRIPTOR); if (((iin!=null)&&(iin instanceof android.security.maintenance.IKeystoreMaintenance))) { return ((android.security.maintenance.IKeystoreMaintenance)iin); } return new android.security.maintenance.IKeystoreMaintenance.Stub.Proxy(obj); } @Override public android.os.IBinder asBinder() { return this; } /** @hide */ public static java.lang.String getDefaultTransactionName(int transactionCode) { switch (transactionCode) { case TRANSACTION_onUserAdded: { return "onUserAdded"; } case TRANSACTION_initUserSuperKeys: { return "initUserSuperKeys"; } case TRANSACTION_onUserRemoved: { return "onUserRemoved"; } case TRANSACTION_onUserLskfRemoved: { return "onUserLskfRemoved"; } case TRANSACTION_onUserPasswordChanged: { return "onUserPasswordChanged"; } case TRANSACTION_clearNamespace: { return "clearNamespace"; } case TRANSACTION_earlyBootEnded: { return "earlyBootEnded"; } case TRANSACTION_migrateKeyNamespace: { return "migrateKeyNamespace"; } case TRANSACTION_deleteAllKeys: { return "deleteAllKeys"; } case TRANSACTION_getAppUidsAffectedBySid: { return "getAppUidsAffectedBySid"; } default: { return null; } } } /** @hide */ public java.lang.String getTransactionName(int transactionCode) { return this.getDefaultTransactionName(transactionCode); } @Override public boolean onTransact(int code, android.os.Parcel data, android.os.Parcel reply, int flags) throws android.os.RemoteException { java.lang.String descriptor = DESCRIPTOR; if (code >= android.os.IBinder.FIRST_CALL_TRANSACTION && code <= android.os.IBinder.LAST_CALL_TRANSACTION) { data.enforceInterface(descriptor); } if (code == INTERFACE_TRANSACTION) { reply.writeString(descriptor); return true; } switch (code) { case TRANSACTION_onUserAdded: { int _arg0; _arg0 = data.readInt(); data.enforceNoDataAvail(); this.onUserAdded(_arg0); reply.writeNoException(); break; } case TRANSACTION_initUserSuperKeys: { int _arg0; _arg0 = data.readInt(); byte[] _arg1; _arg1 = data.createByteArray(); boolean _arg2; _arg2 = data.readBoolean(); data.enforceNoDataAvail(); this.initUserSuperKeys(_arg0, _arg1, _arg2); reply.writeNoException(); break; } case TRANSACTION_onUserRemoved: { int _arg0; _arg0 = data.readInt(); data.enforceNoDataAvail(); this.onUserRemoved(_arg0); reply.writeNoException(); break; } case TRANSACTION_onUserLskfRemoved: { int _arg0; _arg0 = data.readInt(); data.enforceNoDataAvail(); this.onUserLskfRemoved(_arg0); reply.writeNoException(); break; } case TRANSACTION_onUserPasswordChanged: { int _arg0; _arg0 = data.readInt(); byte[] _arg1; _arg1 = data.createByteArray(); data.enforceNoDataAvail(); this.onUserPasswordChanged(_arg0, _arg1); reply.writeNoException(); break; } case TRANSACTION_clearNamespace: { int _arg0; _arg0 = data.readInt(); long _arg1; _arg1 = data.readLong(); data.enforceNoDataAvail(); this.clearNamespace(_arg0, _arg1); reply.writeNoException(); break; } case TRANSACTION_earlyBootEnded: { this.earlyBootEnded(); reply.writeNoException(); break; } case TRANSACTION_migrateKeyNamespace: { android.system.keystore2.KeyDescriptor _arg0; _arg0 = data.readTypedObject(android.system.keystore2.KeyDescriptor.CREATOR); android.system.keystore2.KeyDescriptor _arg1; _arg1 = data.readTypedObject(android.system.keystore2.KeyDescriptor.CREATOR); data.enforceNoDataAvail(); this.migrateKeyNamespace(_arg0, _arg1); reply.writeNoException(); break; } case TRANSACTION_deleteAllKeys: { this.deleteAllKeys(); reply.writeNoException(); break; } case TRANSACTION_getAppUidsAffectedBySid: { int _arg0; _arg0 = data.readInt(); long _arg1; _arg1 = data.readLong(); data.enforceNoDataAvail(); long[] _result = this.getAppUidsAffectedBySid(_arg0, _arg1); reply.writeNoException(); reply.writeLongArray(_result); break; } default: { return super.onTransact(code, data, reply, flags); } } return true; } private static class Proxy implements android.security.maintenance.IKeystoreMaintenance { private android.os.IBinder mRemote; Proxy(android.os.IBinder remote) { mRemote = remote; } @Override public android.os.IBinder asBinder() { return mRemote; } public java.lang.String getInterfaceDescriptor() { return DESCRIPTOR; } /** * Allows LockSettingsService to inform keystore about adding a new user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of an existing user with the same * user id. * * @param userId - Android user id */ @Override public void onUserAdded(int userId) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); boolean _status = mRemote.transact(Stub.TRANSACTION_onUserAdded, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Allows LockSettingsService to tell Keystore to create a user's superencryption keys and store * them encrypted by the given secret. Requires 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangeUser' permission * `ResponseCode::SYSTEM_ERROR` - if failed to initialize the user's super keys * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user * @param allowExisting - if true, then the keys already existing is not considered an error */ @Override public void initUserSuperKeys(int userId, byte[] password, boolean allowExisting) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); _data.writeByteArray(password); _data.writeBoolean(allowExisting); boolean _status = mRemote.transact(Stub.TRANSACTION_initUserSuperKeys, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Allows LockSettingsService to inform keystore about removing a user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of the user being deleted. * * @param userId - Android user id */ @Override public void onUserRemoved(int userId) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); boolean _status = mRemote.transact(Stub.TRANSACTION_onUserRemoved, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Allows LockSettingsService to tell Keystore that a user's LSKF is being removed, ie the * user's lock screen is changing to Swipe or None. Requires 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangePassword' permission * `ResponseCode::SYSTEM_ERROR` - if failed to delete the user's auth-bound keys * * @param userId - Android user id */ @Override public void onUserLskfRemoved(int userId) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); boolean _status = mRemote.transact(Stub.TRANSACTION_onUserLskfRemoved, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Allows LockSettingsService to inform keystore about password change of a user. * Callers require 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers does not have the 'ChangePassword' * permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the super encrypted keys of the user. * `ResponseCode::Locked' - if the keystore is locked for the given user. * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user */ @Override public void onUserPasswordChanged(int userId, byte[] password) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); _data.writeByteArray(password); boolean _status = mRemote.transact(Stub.TRANSACTION_onUserPasswordChanged, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * This function deletes all keys within a namespace. It mainly gets called when an app gets * removed and all resources of this app need to be cleaned up. * * @param domain - One of Domain.APP or Domain.SELINUX. * @param nspace - The UID of the app that is to be cleared if domain is Domain.APP or * the SEPolicy namespace if domain is Domain.SELINUX. */ @Override public void clearNamespace(int domain, long nspace) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(domain); _data.writeLong(nspace); boolean _status = mRemote.transact(Stub.TRANSACTION_clearNamespace, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * This function notifies the Keymint device of the specified securityLevel that * early boot has ended, so that they no longer allow early boot keys to be used. * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the caller does not have the 'EarlyBootEnded' * permission. * A KeyMint ErrorCode may be returned indicating a backend diagnosed error. */ @Override public void earlyBootEnded() throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); boolean _status = mRemote.transact(Stub.TRANSACTION_earlyBootEnded, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Migrate a key from one namespace to another. The caller must have use, grant, and delete * permissions on the source namespace and rebind permissions on the destination namespace. * The source may be specified by Domain::APP, Domain::SELINUX, or Domain::KEY_ID. The target * may be specified by Domain::APP or Domain::SELINUX. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - If the caller lacks any of the required permissions. * `ResponseCode::KEY_NOT_FOUND` - If the source did not exist. * `ResponseCode::INVALID_ARGUMENT` - If the target exists or if any of the above mentioned * requirements for the domain parameter are not met. * `ResponseCode::SYSTEM_ERROR` - An unexpected system error occurred. */ @Override public void migrateKeyNamespace(android.system.keystore2.KeyDescriptor source, android.system.keystore2.KeyDescriptor destination) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeTypedObject(source, 0); _data.writeTypedObject(destination, 0); boolean _status = mRemote.transact(Stub.TRANSACTION_migrateKeyNamespace, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Deletes all keys in all hardware keystores. Used when keystore is reset completely. After * this function is called all keys with Tag::ROLLBACK_RESISTANCE in their hardware-enforced * authorization lists must be rendered permanently unusable. Keys without * Tag::ROLLBACK_RESISTANCE may or may not be rendered unusable. */ @Override public void deleteAllKeys() throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); try { _data.writeInterfaceToken(DESCRIPTOR); boolean _status = mRemote.transact(Stub.TRANSACTION_deleteAllKeys, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); } finally { _reply.recycle(); _data.recycle(); } } /** * Returns a list of App UIDs that have keys associated with the given SID, under the * given user ID. * When a given user's LSKF is removed or biometric authentication methods are changed * (addition of a fingerprint, for example), authentication-bound keys may be invalidated. * This method allows the platform to find out which apps would be affected (for a given user) * when a given user secure ID is removed. * Callers require the `android.permission.MANAGE_USERS` Android permission * (not SELinux policy). * * @param userId The affected user. * @param sid The user secure ID - identifier of the authentication method. * * @return A list of APP UIDs, in the form of (AID + userId*AID_USER_OFFSET), that have * keys auth-bound to the given SID. These values can be passed into the * PackageManager for resolution. */ @Override public long[] getAppUidsAffectedBySid(int userId, long sid) throws android.os.RemoteException { android.os.Parcel _data = android.os.Parcel.obtain(asBinder()); _data.markSensitive(); android.os.Parcel _reply = android.os.Parcel.obtain(); long[] _result; try { _data.writeInterfaceToken(DESCRIPTOR); _data.writeInt(userId); _data.writeLong(sid); boolean _status = mRemote.transact(Stub.TRANSACTION_getAppUidsAffectedBySid, _data, _reply, android.os.IBinder.FLAG_CLEAR_BUF); _reply.readException(); _result = _reply.createLongArray(); } finally { _reply.recycle(); _data.recycle(); } return _result; } } static final int TRANSACTION_onUserAdded = (android.os.IBinder.FIRST_CALL_TRANSACTION + 0); static final int TRANSACTION_initUserSuperKeys = (android.os.IBinder.FIRST_CALL_TRANSACTION + 1); static final int TRANSACTION_onUserRemoved = (android.os.IBinder.FIRST_CALL_TRANSACTION + 2); static final int TRANSACTION_onUserLskfRemoved = (android.os.IBinder.FIRST_CALL_TRANSACTION + 3); static final int TRANSACTION_onUserPasswordChanged = (android.os.IBinder.FIRST_CALL_TRANSACTION + 4); static final int TRANSACTION_clearNamespace = (android.os.IBinder.FIRST_CALL_TRANSACTION + 5); static final int TRANSACTION_earlyBootEnded = (android.os.IBinder.FIRST_CALL_TRANSACTION + 6); static final int TRANSACTION_migrateKeyNamespace = (android.os.IBinder.FIRST_CALL_TRANSACTION + 7); static final int TRANSACTION_deleteAllKeys = (android.os.IBinder.FIRST_CALL_TRANSACTION + 8); static final int TRANSACTION_getAppUidsAffectedBySid = (android.os.IBinder.FIRST_CALL_TRANSACTION + 9); /** @hide */ public int getMaxTransactionId() { return 9; } } /** @hide */ public static final java.lang.String DESCRIPTOR = "android.security.maintenance.IKeystoreMaintenance"; /** * Allows LockSettingsService to inform keystore about adding a new user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of an existing user with the same * user id. * * @param userId - Android user id */ public void onUserAdded(int userId) throws android.os.RemoteException; /** * Allows LockSettingsService to tell Keystore to create a user's superencryption keys and store * them encrypted by the given secret. Requires 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangeUser' permission * `ResponseCode::SYSTEM_ERROR` - if failed to initialize the user's super keys * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user * @param allowExisting - if true, then the keys already existing is not considered an error */ public void initUserSuperKeys(int userId, byte[] password, boolean allowExisting) throws android.os.RemoteException; /** * Allows LockSettingsService to inform keystore about removing a user. * Callers require 'ChangeUser' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers do not have the 'ChangeUser' permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the keys of the user being deleted. * * @param userId - Android user id */ public void onUserRemoved(int userId) throws android.os.RemoteException; /** * Allows LockSettingsService to tell Keystore that a user's LSKF is being removed, ie the * user's lock screen is changing to Swipe or None. Requires 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if caller does not have the 'ChangePassword' permission * `ResponseCode::SYSTEM_ERROR` - if failed to delete the user's auth-bound keys * * @param userId - Android user id */ public void onUserLskfRemoved(int userId) throws android.os.RemoteException; /** * Allows LockSettingsService to inform keystore about password change of a user. * Callers require 'ChangePassword' permission. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the callers does not have the 'ChangePassword' * permission. * `ResponseCode::SYSTEM_ERROR` - if failed to delete the super encrypted keys of the user. * `ResponseCode::Locked' - if the keystore is locked for the given user. * * @param userId - Android user id * @param password - a secret derived from the synthetic password of the user */ public void onUserPasswordChanged(int userId, byte[] password) throws android.os.RemoteException; /** * This function deletes all keys within a namespace. It mainly gets called when an app gets * removed and all resources of this app need to be cleaned up. * * @param domain - One of Domain.APP or Domain.SELINUX. * @param nspace - The UID of the app that is to be cleared if domain is Domain.APP or * the SEPolicy namespace if domain is Domain.SELINUX. */ public void clearNamespace(int domain, long nspace) throws android.os.RemoteException; /** * This function notifies the Keymint device of the specified securityLevel that * early boot has ended, so that they no longer allow early boot keys to be used. * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - if the caller does not have the 'EarlyBootEnded' * permission. * A KeyMint ErrorCode may be returned indicating a backend diagnosed error. */ public void earlyBootEnded() throws android.os.RemoteException; /** * Migrate a key from one namespace to another. The caller must have use, grant, and delete * permissions on the source namespace and rebind permissions on the destination namespace. * The source may be specified by Domain::APP, Domain::SELINUX, or Domain::KEY_ID. The target * may be specified by Domain::APP or Domain::SELINUX. * * ## Error conditions: * `ResponseCode::PERMISSION_DENIED` - If the caller lacks any of the required permissions. * `ResponseCode::KEY_NOT_FOUND` - If the source did not exist. * `ResponseCode::INVALID_ARGUMENT` - If the target exists or if any of the above mentioned * requirements for the domain parameter are not met. * `ResponseCode::SYSTEM_ERROR` - An unexpected system error occurred. */ public void migrateKeyNamespace(android.system.keystore2.KeyDescriptor source, android.system.keystore2.KeyDescriptor destination) throws android.os.RemoteException; /** * Deletes all keys in all hardware keystores. Used when keystore is reset completely. After * this function is called all keys with Tag::ROLLBACK_RESISTANCE in their hardware-enforced * authorization lists must be rendered permanently unusable. Keys without * Tag::ROLLBACK_RESISTANCE may or may not be rendered unusable. */ public void deleteAllKeys() throws android.os.RemoteException; /** * Returns a list of App UIDs that have keys associated with the given SID, under the * given user ID. * When a given user's LSKF is removed or biometric authentication methods are changed * (addition of a fingerprint, for example), authentication-bound keys may be invalidated. * This method allows the platform to find out which apps would be affected (for a given user) * when a given user secure ID is removed. * Callers require the `android.permission.MANAGE_USERS` Android permission * (not SELinux policy). * * @param userId The affected user. * @param sid The user secure ID - identifier of the authentication method. * * @return A list of APP UIDs, in the form of (AID + userId*AID_USER_OFFSET), that have * keys auth-bound to the given SID. These values can be passed into the * PackageManager for resolution. */ public long[] getAppUidsAffectedBySid(int userId, long sid) throws android.os.RemoteException; }