| /* |
| * Copyright 2017 The Android Open Source Project |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| package android.system.wifi.keystore@1.0; |
| |
| /** |
| * This is the root of the HAL module and is the interface returned when |
| * loading an implementation of the Wi-Fi HAL. There must be at most one |
| * module loaded in the system. |
| */ |
| interface IKeystore { |
| /** |
| * Return values for Keystore requests. |
| */ |
| enum KeystoreStatusCode : uint32_t { |
| /** No errors. */ |
| SUCCESS, |
| ERROR_UNKNOWN |
| }; |
| |
| /** |
| * Requests a binary blob from the keystore's key-value store. |
| * |
| * @param key the key into the keystore. |
| * @return status KeystoreStatusCode of the operation. |
| * Possible status codes: |
| * |KeystoreStatusCode.SUCCESS|, |
| * |KeystoreStatusCode.ERROR_UNKNOWN| |
| * @return value the value associated with |key| in the keystore. |
| */ |
| getBlob(string key) |
| generates (KeystoreStatusCode status, vec<uint8_t> value); |
| |
| /** |
| * Requests the public key associated with the credential referred to by |
| * |keyId|. |
| * |
| * @param keyId the key identifier associated with the credential. |
| * @return status KeystoreStatusCode of the operation. |
| * Possible status codes: |
| * |KeystoreStatusCode.SUCCESS|, |
| * |KeystoreStatusCode.ERROR_UNKNOWN| |
| * @return publicKey the public key associated with the credential. |
| */ |
| getPublicKey(string keyId) |
| generates (KeystoreStatusCode status, vec<uint8_t> publicKey); |
| |
| /** |
| * Signs the digest in |dataToSign| with the private key associated with |
| * the credential identified by |keyId|. This is a raw RSA or ECDSA |
| * operation that assumes |dataToSign| is already propertly digested and |
| * padded if necessary for the type of key. |
| * |
| * @param keyId the key identifier associated with the credential. |
| * @return status KeystoreStatusCode of the operation. |
| * Possible status codes: |
| * |KeystoreStatusCode.SUCCESS|, |
| * |KeystoreStatusCode.UNKNOWN| |
| * @return signedData the signed data. |
| */ |
| sign(string keyId, vec<uint8_t> dataToSign) |
| generates (KeystoreStatusCode status, vec<uint8_t> signedData); |
| }; |