1 /* 2 * Copyright (C) 2022 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.rkp; 18 19 import android.security.rkp.RemotelyProvisionedKey; 20 21 /** 22 * Callback interface for receiving remotely provisioned keys from a 23 * {@link IRegistration}. 24 * 25 * @hide 26 */ 27 oneway interface IGetKeyCallback { 28 enum ErrorCode { 29 /** 30 * An unexpected error occurred and there's no standard way to describe it. See the 31 * corresponding error string for more information. 32 */ 33 ERROR_UNKNOWN = 1, 34 35 /** 36 * Device will not receive remotely provisioned keys because it's running vulnerable 37 * code. The device needs to be updated to a fixed build to recover. 38 */ 39 ERROR_REQUIRES_SECURITY_PATCH = 2, 40 41 /** 42 * Indicates that the attestation key pool has been exhausted, and the remote key 43 * provisioning server cannot currently be reached. Clients should wait for the 44 * device to have connectivity, then retry. 45 */ 46 ERROR_PENDING_INTERNET_CONNECTIVITY = 3, 47 48 /** 49 * Indicates that this device will never be able to provision attestation keys using 50 * the remote provsisioning server. This may be due to multiple causes, such as the 51 * device is not registered with the remote provisioning backend or the device has 52 * been permanently revoked. Clients who receive this error should not attempt to 53 * retry key creation. 54 */ 55 ERROR_PERMANENT = 5, 56 } 57 58 /** 59 * Called in response to {@link IRegistration.getKey}, indicating 60 * a remotely-provisioned key is available. 61 * 62 * @param key The key that was received from the remote provisioning service. 63 */ onSuccess(in RemotelyProvisionedKey key)64 void onSuccess(in RemotelyProvisionedKey key); 65 66 /** 67 * Called when the key request has been successfully cancelled. 68 * @see IRegistration.cancelGetKey 69 */ onCancel()70 void onCancel(); 71 72 /** 73 * Called when an error has occurred while trying to get a remotely provisioned key. 74 * 75 * @param error allows code to handle certain errors, if desired 76 * @param description human-readable explanation of what failed, suitable for logging. 77 */ onError(ErrorCode error, String description)78 void onError(ErrorCode error, String description); 79 } 80 81