1 /*
2  * Copyright (C) 2022 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.security.rkp;
18 
19 import android.security.rkp.RemotelyProvisionedKey;
20 
21 /**
22  * Callback interface for receiving remotely provisioned keys from a
23  * {@link IRegistration}.
24  *
25  * @hide
26  */
27 oneway interface IGetKeyCallback {
28     enum ErrorCode {
29         /**
30          * An unexpected error occurred and there's no standard way to describe it. See the
31          * corresponding error string for more information.
32          */
33         ERROR_UNKNOWN = 1,
34 
35         /**
36          * Device will not receive remotely provisioned keys because it's running vulnerable
37          * code. The device needs to be updated to a fixed build to recover.
38          */
39         ERROR_REQUIRES_SECURITY_PATCH = 2,
40 
41         /**
42          * Indicates that the attestation key pool has been exhausted, and the remote key
43          * provisioning server cannot currently be reached. Clients should wait for the
44          * device to have connectivity, then retry.
45          */
46         ERROR_PENDING_INTERNET_CONNECTIVITY = 3,
47 
48         /**
49          * Indicates that this device will never be able to provision attestation keys using
50          * the remote provsisioning server. This may be due to multiple causes, such as the
51          * device is not registered with the remote provisioning backend or the device has
52          * been permanently revoked. Clients who receive this error should not attempt to
53          * retry key creation.
54          */
55         ERROR_PERMANENT = 5,
56     }
57 
58     /**
59      * Called in response to {@link IRegistration.getKey}, indicating
60      * a remotely-provisioned key is available.
61      *
62      * @param key The key that was received from the remote provisioning service.
63      */
onSuccess(in RemotelyProvisionedKey key)64     void onSuccess(in RemotelyProvisionedKey key);
65 
66     /**
67      * Called when the key request has been successfully cancelled.
68      * @see IRegistration.cancelGetKey
69      */
onCancel()70     void onCancel();
71 
72     /**
73      * Called when an error has occurred while trying to get a remotely provisioned key.
74      *
75      * @param error allows code to handle certain errors, if desired
76      * @param description human-readable explanation of what failed, suitable for logging.
77      */
onError(ErrorCode error, String description)78     void onError(ErrorCode error, String description);
79 }
80 
81