* @hide
*/
interface IKeystoreService {
- int test();
+ int getState(int userId);
byte[] get(String name);
int insert(String name, in byte[] item, int uid, int flags);
int del(String name, int uid);
int exist(String name, int uid);
- String[] saw(String namePrefix, int uid);
+ String[] list(String namePrefix, int uid);
int reset();
int onUserPasswordChanged(int userId, String newPassword);
- int lock();
+ int lock(int userId);
int unlock(int userId, String userPassword);
- int zero();
+ int isEmpty(int userId);
int generate(String name, int uid, int keyType, int keySize, int flags,
in KeystoreArguments args);
int import_key(String name, in byte[] data, int uid, int flags);
byte[] sign(String name, in byte[] data);
int verify(String name, in byte[] data, in byte[] signature);
byte[] get_pubkey(String name);
- int del_key(String name, int uid);
int grant(String name, int granteeUid);
int ungrant(String name, int granteeUid);
long getmtime(String name);
int duplicate(String srcKey, int srcUid, String destKey, int destUid);
int is_hardware_backed(String string);
int clear_uid(long uid);
- int reset_uid(int uid);
- int sync_uid(int sourceUid, int targetUid);
- int password_uid(String password, int uid);
// Keymaster 0.4 methods
int addRngEntropy(in byte[] data);
}
}
- public State state() {
+ public State state(int userId) {
final int ret;
try {
- ret = mBinder.test();
+ ret = mBinder.getState(userId);
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
throw new AssertionError(e);
}
}
+ public State state() {
+ return state(UserHandle.myUserId());
+ }
+
public boolean isUnlocked() {
return state() == State.UNLOCKED;
}
return contains(key, UID_SELF);
}
- public String[] saw(String prefix, int uid) {
+ /**
+ * List all entries in the keystore for {@code uid} starting with {@code prefix}.
+ */
+ public String[] list(String prefix, int uid) {
try {
- return mBinder.saw(prefix, uid);
+ return mBinder.list(prefix, uid);
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return null;
}
}
+ public String[] list(String prefix) {
+ return list(prefix, UID_SELF);
+ }
+
+ public String[] saw(String prefix, int uid) {
+ return list(prefix, uid);
+ }
+
public String[] saw(String prefix) {
return saw(prefix, UID_SELF);
}
}
}
- public boolean lock() {
+ /**
+ * Attempt to lock the keystore for {@code user}.
+ *
+ * @param user Android user to lock.
+ * @return whether {@code user}'s keystore was locked.
+ */
+ public boolean lock(int userId) {
try {
- return mBinder.lock() == NO_ERROR;
+ return mBinder.lock(userId) == NO_ERROR;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
}
+ public boolean lock() {
+ return lock(UserHandle.myUserId());
+ }
+
/**
* Attempt to unlock the keystore for {@code user} with the password {@code password}.
* This is required before keystore entries created with FLAG_ENCRYPTED can be accessed or
return unlock(UserHandle.getUserId(Process.myUid()), password);
}
- public boolean isEmpty() {
+ /**
+ * Check if the keystore for {@code userId} is empty.
+ */
+ public boolean isEmpty(int userId) {
try {
- return mBinder.zero() == KEY_NOT_FOUND;
+ return mBinder.isEmpty(userId) != 0;
} catch (RemoteException e) {
Log.w(TAG, "Cannot connect to keystore", e);
return false;
}
}
+ public boolean isEmpty() {
+ return isEmpty(UserHandle.myUserId());
+ }
+
public boolean generate(String key, int uid, int keyType, int keySize, int flags,
byte[][] args) {
try {
}
public boolean delKey(String key, int uid) {
- try {
- return mBinder.del_key(key, uid) == NO_ERROR;
- } catch (RemoteException e) {
- Log.w(TAG, "Cannot connect to keystore", e);
- return false;
- }
+ return delete(key, uid);
}
public boolean delKey(String key) {
}
}
- public boolean resetUid(int uid) {
- try {
- mError = mBinder.reset_uid(uid);
- return mError == NO_ERROR;
- } catch (RemoteException e) {
- Log.w(TAG, "Cannot connect to keystore", e);
- return false;
- }
- }
-
- public boolean syncUid(int sourceUid, int targetUid) {
- try {
- mError = mBinder.sync_uid(sourceUid, targetUid);
- return mError == NO_ERROR;
- } catch (RemoteException e) {
- Log.w(TAG, "Cannot connect to keystore", e);
- return false;
- }
- }
-
- public boolean passwordUid(String password, int uid) {
- try {
- mError = mBinder.password_uid(password, uid);
- return mError == NO_ERROR;
- } catch (RemoteException e) {
- Log.w(TAG, "Cannot connect to keystore", e);
- return false;
- }
- }
-
public int getLastError() {
return mError;
}
private static final long OP_TIMEOUT_MILLIS = 8 * 1000;
private static final String[] VERB_STRINGS = {
- "VERB_BINDING", "VERB_STARTING", "VERB_EXECUTING", "VERB_STOPPING"
+ "VERB_BINDING", "VERB_STARTING", "VERB_EXECUTING", "VERB_STOPPING", "VERB_FINISHED"
};
// States that a job occupies while interacting with the client.
static final int VERB_STARTING = 1;
static final int VERB_EXECUTING = 2;
static final int VERB_STOPPING = 3;
+ static final int VERB_FINISHED = 4;
// Messages that result from interactions with the client service.
/** System timed out waiting for a response. */
mRunningJob = null;
mParams = null;
mExecutionStartTimeElapsed = 0L;
+ mVerb = VERB_FINISHED;
removeOpTimeOut();
return false;
}
break;
case MSG_CALLBACK:
if (DEBUG) {
- Slog.d(TAG, "MSG_CALLBACK of : " + mRunningJob + " v:" +
- (mVerb >= 0 ? VERB_STRINGS[mVerb] : "[invalid]"));
+ Slog.d(TAG, "MSG_CALLBACK of : " + mRunningJob
+ + " v:" + VERB_STRINGS[mVerb]);
}
removeOpTimeOut();
* we want to clean up internally.
*/
private void closeAndCleanupJobH(boolean reschedule) {
- final JobStatus completedJob = mRunningJob;
+ final JobStatus completedJob;
synchronized (mLock) {
+ if (mVerb == VERB_FINISHED) {
+ return;
+ }
+ completedJob = mRunningJob;
try {
mBatteryStats.noteJobFinish(mRunningJob.getName(), mRunningJob.getUid());
} catch (RemoteException e) {
mWakeLock = null;
mRunningJob = null;
mParams = null;
- mVerb = -1;
+ mVerb = VERB_FINISHED;
mCancelled.set(false);
service = null;
mAvailable = true;