Merge "Implement secretkeeper HAL v2" into main

    </hal>

    <hal format="aidl">

        <name>android.hardware.security.secretkeeper</name>

        <version>1</version>

        <version>1-2</version>

        <interface>

            <name>ISecretkeeper</name>

            <instance>default</instance>

        "android.hardware.security.authgraph-V1",

    ],

    stability: "vintf",

    frozen: true,

    frozen: false,

    backend: {

        java: {

            enabled: true,

rust_defaults {

    name: "secretkeeper_use_latest_hal_aidl_rust",

    rustlibs: [

        "android.hardware.security.secretkeeper-V1-rust",

        "android.hardware.security.secretkeeper-V2-rust",

    ],

}

  byte[] processSecretManagementRequest(in byte[] request);

  void deleteIds(in android.hardware.security.secretkeeper.SecretId[] ids);

  void deleteAll();

  android.hardware.security.secretkeeper.PublicKey getSecretkeeperIdentity();

  const int ERROR_UNKNOWN_KEY_ID = 1;

  const int ERROR_INTERNAL_ERROR = 2;

  const int ERROR_REQUEST_MALFORMED = 3;

/*

 * Copyright (C) 2024 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

///////////////////////////////////////////////////////////////////////////////

// THIS FILE IS IMMUTABLE. DO NOT EDIT IN ANY CASE.                          //

///////////////////////////////////////////////////////////////////////////////

// This file is a snapshot of an AIDL file. Do not edit it manually. There are

// two cases:

// 1). this is a frozen version file - do not edit this in any case.

// 2). this is a 'current' file. If you make a backwards compatible change to

//     the interface (from the latest frozen version), the build system will

//     prompt you to update this file with `m <name>-update-api`.

//

// You must not make a backward incompatible change to any AIDL file built

// with the aidl_interface module type with versions property set. The module

// type is used to build AIDL files in a way that they can be used across

// independently updatable components of the system. If a device is shipped

// with such a backward incompatible change, it has a high risk of breaking

// later when a module using the interface is updated, e.g., Mainline modules.

package android.hardware.security.secretkeeper;

/* @hide */

@VintfStability

parcelable PublicKey {

  byte[] keyMaterial;

}

package android.hardware.security.secretkeeper;

import android.hardware.security.authgraph.IAuthGraphKeyExchange;

import android.hardware.security.secretkeeper.PublicKey;

import android.hardware.security.secretkeeper.SecretId;

@VintfStability

     * Delete data of all clients.

     */

    void deleteAll();

    /**

     * Gets the public key of the secret keeper instance. This should be a CBOR-encoded

     * COSE_Key, as a PubKeyEd25519 / PubKeyECDSA256 / PubKeyECDSA384, as defined in

     * generateCertificateRequestV2.cddl. Clients must have a trusted way of ensuring

     * this key is valid.

     */

    PublicKey getSecretkeeperIdentity();

}