
Commit 431eac49 authored by Chad Brubaker's avatar Chad Brubaker Committed by Android (Google) Code Review

Merge "Cleanup Keystore API" into mnc-dev

parents b5611f55 e35d49f0
+4 −8
@@ -30,33 +30,29 @@ import android.security.KeystoreArguments;
 * @hide
 */
interface IKeystoreService {
    int test();
    int getState(int userId);
    byte[] get(String name);
    int insert(String name, in byte[] item, int uid, int flags);
    int del(String name, int uid);
    int exist(String name, int uid);
    String[] saw(String namePrefix, int uid);
    String[] list(String namePrefix, int uid);
    int reset();
    int onUserPasswordChanged(int userId, String newPassword);
    int lock();
    int lock(int userId);
    int unlock(int userId, String userPassword);
    int zero();
    int isEmpty(int userId);
    int generate(String name, int uid, int keyType, int keySize, int flags,
        in KeystoreArguments args);
    int import_key(String name, in byte[] data, int uid, int flags);
    byte[] sign(String name, in byte[] data);
    int verify(String name, in byte[] data, in byte[] signature);
    byte[] get_pubkey(String name);
    int del_key(String name, int uid);
    int grant(String name, int granteeUid);
    int ungrant(String name, int granteeUid);
    long getmtime(String name);
    int duplicate(String srcKey, int srcUid, String destKey, int destUid);
    int is_hardware_backed(String string);
    int clear_uid(long uid);
    int reset_uid(int uid);
    int sync_uid(int sourceUid, int targetUid);
    int password_uid(String password, int uid);

    // Keymaster 0.4 methods
    int addRngEntropy(in byte[] data);
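Review bot: The new `getState(int userId)`, `lock(int userId)` and `isEmpty(int userId)` take the target user from the caller, and nothing in the interface says who may pass a user other than their own. That check has to live in the service implementation, which is not part of this file, so the contract should at least be written down here, e.g. `// userId is caller-supplied; the service must verify the caller may act on that user` above these three methods. It would also help to state what `isEmpty` returns, since it is declared `int` like the error-code methods around it. The interface body continues past the end of the hunk.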
+41 −44
@@ -146,10 +146,10 @@ public class KeyStore {
        }
    }

    public State state() {
    public State state(int userId) {
        final int ret;
        try {
            ret = mBinder.test();
            ret = mBinder.getState(userId);
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            throw new AssertionError(e);
@@ -163,6 +163,10 @@ public class KeyStore {
        }
    }

    public State state() {
        return state(UserHandle.myUserId());
    }

    public boolean isUnlocked() {
        return state() == State.UNLOCKED;
    }
@@ -211,15 +215,26 @@ public class KeyStore {
        return contains(key, UID_SELF);
    }

    public String[] saw(String prefix, int uid) {
    /**
     * List all entries in the keystore for {@code uid} starting with {@code prefix}.
     */
    public String[] list(String prefix, int uid) {
        try {
            return mBinder.saw(prefix, uid);
            return mBinder.list(prefix, uid);
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return null;
        }
    }

    public String[] list(String prefix) {
        return list(prefix, UID_SELF);
    }

    public String[] saw(String prefix, int uid) {
        return list(prefix, uid);
    }

    public String[] saw(String prefix) {
        return saw(prefix, UID_SELF);
    }
@@ -233,15 +248,25 @@ public class KeyStore {
        }
    }

    public boolean lock() {
    /**
     * Attempt to lock the keystore for {@code user}.
     *
     * @param user Android user to lock.
     * @return whether {@code user}'s keystore was locked.
     */
    public boolean lock(int userId) {
        try {
            return mBinder.lock() == NO_ERROR;
            return mBinder.lock(userId) == NO_ERROR;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
    }

    public boolean lock() {
        return lock(UserHandle.myUserId());
    }

    /**
     * Attempt to unlock the keystore for {@code user} with the password {@code password}.
     * This is required before keystore entries created with FLAG_ENCRYPTED can be accessed or
@@ -267,15 +292,22 @@ public class KeyStore {
        return unlock(UserHandle.getUserId(Process.myUid()), password);
    }

    public boolean isEmpty() {
    /**
     * Check if the keystore for {@code userId} is empty.
     */
    public boolean isEmpty(int userId) {
        try {
            return mBinder.zero() == KEY_NOT_FOUND;
            return mBinder.isEmpty(userId) != 0;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
    }

    public boolean isEmpty() {
        return isEmpty(UserHandle.myUserId());
    }

    public boolean generate(String key, int uid, int keyType, int keySize, int flags,
            byte[][] args) {
        try {
@@ -306,12 +338,7 @@ public class KeyStore {
    }

    public boolean delKey(String key, int uid) {
        try {
            return mBinder.del_key(key, uid) == NO_ERROR;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
        return delete(key, uid);
    }

    public boolean delKey(String key) {
@@ -404,36 +431,6 @@ public class KeyStore {
        }
    }

    public boolean resetUid(int uid) {
        try {
            mError = mBinder.reset_uid(uid);
            return mError == NO_ERROR;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
    }

    public boolean syncUid(int sourceUid, int targetUid) {
        try {
            mError = mBinder.sync_uid(sourceUid, targetUid);
            return mError == NO_ERROR;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
    }

    public boolean passwordUid(String password, int uid) {
        try {
            mError = mBinder.password_uid(password, uid);
            return mError == NO_ERROR;
        } catch (RemoteException e) {
            Log.w(TAG, "Cannot connect to keystore", e);
            return false;
        }
    }

    public int getLastError() {
        return mError;
    }
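Review bot: `isEmpty(int userId)` treats any non-zero result from `mBinder.isEmpty(userId)` as "empty", where the old code compared against one specific value (`KEY_NOT_FOUND`). If the service can return an error code through that int, for example when it refuses a query about another user (the service side is not visible here), the failure is reported to the caller as an empty keystore. Comparing against the single value that means empty, or documenting that the call returns only 0 or 1, would remove the ambiguity; a comment such as `// service returns 0 or 1 only; error codes must not be returned here` would do. The Javadoc added on `lock(int userId)` also names the parameter `user` in `@param user`, which should read `@param userId`.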