/*
 * Copyright (C) 2018 The Android Open Source Project
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package android.hardware.authsecret@1.0;

/**
 * This security HAL allows vendor components to be cryptographically tied to
 * the primary user's credential. For example, security hardware could require
 * proof that the credential is known before applying updates.
 *
 * This HAL is optional so does not require an implementation on device.
 */
interface IAuthSecret {
    /**
     * When the primary user is unlocked, this method is passed a secret to
     * prove that it has been successfully unlocked. The primary user can either
     * be unlocked by a person entering their credential or by another party
     * using an escrow token e.g. a device administrator.
     *
     * The first time this is called, the secret must be used to provision state
     * that depends on the primary user's secret. The same secret must be passed
     * on each call until the next factory reset.
     *
     * Upon factory reset, any dependence on the secret must be removed as that
     * secret is now lost and must never be derived again. A new secret must be
     * created for the new primary user which must be used to newly provision
     * state the first time this method is called after factory reset.
     *
     * The secret must be at least 16 bytes.
     *
     * @param secret blob derived from the primary user's credential.
     */
    oneway primaryUserCredential(vec<uint8_t> secret);
};
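
The contract documented above (provision on the first call, expect the same secret until factory reset, require at least 16 bytes), modelled as a small C++ state machine. This is an added example, not AOSP code: `AuthSecretModel`, `Outcome`, `factoryReset()` and `credentialProven()` are hypothetical names, treating a different secret as a failed proof is an assumption, and the in-memory copy stands in for state that real security hardware would derive from the secret.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

enum class Outcome { Provisioned, Verified, TooShort, Mismatch };

// Hypothetical vendor-side model. bound_ stands in for hardware state tied to
// the secret (assumption); a real component would not keep a plaintext copy.
class AuthSecretModel {
  public:
    // Mirrors primaryUserCredential(vec<uint8_t> secret). The HAL method is
    // oneway, so the outcome is only visible inside the vendor component.
    Outcome primaryUserCredential(const std::vector<uint8_t>& secret) {
        if (secret.size() < kMinSecretBytes) return Outcome::TooShort;
        if (!provisioned_) {  // first call since factory reset: provision
            bound_ = secret;
            provisioned_ = unlocked_ = true;
            return Outcome::Provisioned;
        }
        unlocked_ = constantTimeEqual(bound_, secret);
        return unlocked_ ? Outcome::Verified : Outcome::Mismatch;
    }

    // Factory reset: wipe the old binding so nothing depends on the lost secret.
    void factoryReset() {
        volatile uint8_t* p = bound_.data();
        for (size_t i = 0; i < bound_.size(); ++i) p[i] = 0;
        bound_.clear();
        provisioned_ = unlocked_ = false;
    }

    // Gate for sensitive operations, e.g. applying a security hardware update.
    bool credentialProven() const { return unlocked_; }

  private:
    static constexpr size_t kMinSecretBytes = 16;

    static bool constantTimeEqual(const std::vector<uint8_t>& a,
                                  const std::vector<uint8_t>& b) {
        if (a.size() != b.size()) return false;
        uint8_t diff = 0;
        for (size_t i = 0; i < a.size(); ++i) diff |= static_cast<uint8_t>(a[i] ^ b[i]);
        return diff == 0;
    }

    std::vector<uint8_t> bound_;
    bool provisioned_ = false;
    bool unlocked_ = false;
};
```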