identity

package
v0.0.9 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 6, 2026 License: CC0-1.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

// Transaction codes for IIdentityCredential, each written as an explicit
// offset (0-14) from binder.FirstCallTransaction. The order matches the
// MethodIIdentityCredential* name constants and the method order of the
// IIdentityCredential interface.
//
// Every interface in this package starts again at offset 0, so a code
// identifies a method only together with the interface it is sent to.
// NOTE(review): these look like wire-level identifiers that have to agree
// with the peer's AIDL definition; renumbering or inserting in the middle
// would route a call to a different method. Confirm against the AIDL source.
const (
	TransactionIIdentityCredentialDeleteCredential              = binder.FirstCallTransaction + 0
	TransactionIIdentityCredentialCreateEphemeralKeyPair        = binder.FirstCallTransaction + 1
	TransactionIIdentityCredentialSetReaderEphemeralPublicKey   = binder.FirstCallTransaction + 2
	TransactionIIdentityCredentialCreateAuthChallenge           = binder.FirstCallTransaction + 3
	TransactionIIdentityCredentialStartRetrieval                = binder.FirstCallTransaction + 4
	TransactionIIdentityCredentialStartRetrieveEntryValue       = binder.FirstCallTransaction + 5
	TransactionIIdentityCredentialRetrieveEntryValue            = binder.FirstCallTransaction + 6
	TransactionIIdentityCredentialFinishRetrieval               = binder.FirstCallTransaction + 7
	TransactionIIdentityCredentialGenerateSigningKeyPair        = binder.FirstCallTransaction + 8
	TransactionIIdentityCredentialSetRequestedNamespaces        = binder.FirstCallTransaction + 9
	TransactionIIdentityCredentialSetVerificationToken          = binder.FirstCallTransaction + 10
	TransactionIIdentityCredentialDeleteCredentialWithChallenge = binder.FirstCallTransaction + 11
	TransactionIIdentityCredentialProveOwnership                = binder.FirstCallTransaction + 12
	TransactionIIdentityCredentialUpdateCredential              = binder.FirstCallTransaction + 13
	TransactionIIdentityCredentialFinishRetrievalWithSignature  = binder.FirstCallTransaction + 14
)
// Method-name strings for IIdentityCredential, listed in the same order as
// the TransactionIIdentityCredential* codes.
//
// The strings are not unique across the package: "setReaderEphemeralPublicKey"
// is also the value of MethodIPresentationSessionSetReaderEphemeralPublicKey,
// so a name identifies a method only within one interface.
// NOTE(review): how these strings are consumed is not shown on this page
// (presumably name-based lookup or diagnostics) — confirm before relying on it.
const (
	MethodIIdentityCredentialDeleteCredential              = "deleteCredential"
	MethodIIdentityCredentialCreateEphemeralKeyPair        = "createEphemeralKeyPair"
	MethodIIdentityCredentialSetReaderEphemeralPublicKey   = "setReaderEphemeralPublicKey"
	MethodIIdentityCredentialCreateAuthChallenge           = "createAuthChallenge"
	MethodIIdentityCredentialStartRetrieval                = "startRetrieval"
	MethodIIdentityCredentialStartRetrieveEntryValue       = "startRetrieveEntryValue"
	MethodIIdentityCredentialRetrieveEntryValue            = "retrieveEntryValue"
	MethodIIdentityCredentialFinishRetrieval               = "finishRetrieval"
	MethodIIdentityCredentialGenerateSigningKeyPair        = "generateSigningKeyPair"
	MethodIIdentityCredentialSetRequestedNamespaces        = "setRequestedNamespaces"
	MethodIIdentityCredentialSetVerificationToken          = "setVerificationToken"
	MethodIIdentityCredentialDeleteCredentialWithChallenge = "deleteCredentialWithChallenge"
	MethodIIdentityCredentialProveOwnership                = "proveOwnership"
	MethodIIdentityCredentialUpdateCredential              = "updateCredential"
	MethodIIdentityCredentialFinishRetrievalWithSignature  = "finishRetrievalWithSignature"
)
// Transaction codes for IIdentityCredentialStore, written as explicit
// offsets (0-4) from binder.FirstCallTransaction in the same order as the
// interface's methods.
//
// The numeric values coincide with the codes of the other interfaces in this
// package, which also start at offset 0; the target interface disambiguates.
// NOTE(review): presumably these must match the peer's AIDL method order —
// confirm against the AIDL source before changing any value.
const (
	TransactionIIdentityCredentialStoreGetHardwareInformation          = binder.FirstCallTransaction + 0
	TransactionIIdentityCredentialStoreCreateCredential                = binder.FirstCallTransaction + 1
	TransactionIIdentityCredentialStoreGetCredential                   = binder.FirstCallTransaction + 2
	TransactionIIdentityCredentialStoreCreatePresentationSession       = binder.FirstCallTransaction + 3
	TransactionIIdentityCredentialStoreGetRemotelyProvisionedComponent = binder.FirstCallTransaction + 4
)
// Method-name strings for IIdentityCredentialStore, in the same order as the
// TransactionIIdentityCredentialStore* codes.
//
// "getCredential" is also the value of MethodIPresentationSessionGetCredential,
// so the name alone does not say which interface is meant.
const (
	MethodIIdentityCredentialStoreGetHardwareInformation          = "getHardwareInformation"
	MethodIIdentityCredentialStoreCreateCredential                = "createCredential"
	MethodIIdentityCredentialStoreGetCredential                   = "getCredential"
	MethodIIdentityCredentialStoreCreatePresentationSession       = "createPresentationSession"
	MethodIIdentityCredentialStoreGetRemotelyProvisionedComponent = "getRemotelyProvisionedComponent"
)
// Status values declared for IIdentityCredentialStore, typed int32 with
// explicit values 0-12. IIdentityCredentialStoreStatusOk (0) is the only one
// whose name denotes success.
//
// NOTE(review): how a status reaches the caller is not shown on this page
// (presumably as the service-specific code of a failed call — confirm).
// Callers should treat every non-Ok value as a failure of the operation; the
// authentication, signature and transcript statuses (4, 6, 8, 9, 12) in
// particular should end the retrieval rather than be retried silently.
const (
	IIdentityCredentialStoreStatusOk                         int32 = 0
	IIdentityCredentialStoreStatusFailed                     int32 = 1
	IIdentityCredentialStoreStatusCipherSuiteNotSupported    int32 = 2
	IIdentityCredentialStoreStatusInvalidData                int32 = 3
	IIdentityCredentialStoreStatusInvalidAuthToken           int32 = 4
	IIdentityCredentialStoreStatusInvalidItemsRequestMessage int32 = 5
	IIdentityCredentialStoreStatusReaderSignatureCheckFailed int32 = 6
	IIdentityCredentialStoreStatusEphemeralPublicKeyNotFound int32 = 7
	IIdentityCredentialStoreStatusUserAuthenticationFailed   int32 = 8
	IIdentityCredentialStoreStatusReaderAuthenticationFailed int32 = 9
	IIdentityCredentialStoreStatusNoAccessControlProfiles    int32 = 10
	IIdentityCredentialStoreStatusNotInRequestMessage        int32 = 11
	IIdentityCredentialStoreStatusSessionTranscriptMismatch  int32 = 12
)
// Transaction codes for IPresentationSession, written as explicit offsets
// (0-4) from binder.FirstCallTransaction in the same order as the
// interface's methods.
//
// The values coincide with the codes of the other interfaces in this
// package, which also start at offset 0; the target interface disambiguates.
// NOTE(review): presumably these must match the peer's AIDL method order —
// confirm against the AIDL source before changing any value.
const (
	TransactionIPresentationSessionGetEphemeralKeyPair         = binder.FirstCallTransaction + 0
	TransactionIPresentationSessionGetAuthChallenge            = binder.FirstCallTransaction + 1
	TransactionIPresentationSessionSetReaderEphemeralPublicKey = binder.FirstCallTransaction + 2
	TransactionIPresentationSessionSetSessionTranscript        = binder.FirstCallTransaction + 3
	TransactionIPresentationSessionGetCredential               = binder.FirstCallTransaction + 4
)
// Method-name strings for IPresentationSession, in the same order as the
// TransactionIPresentationSession* codes.
//
// "setReaderEphemeralPublicKey" and "getCredential" are also used as method
// names by other interfaces in this package, so a name identifies a method
// only within one interface.
const (
	MethodIPresentationSessionGetEphemeralKeyPair         = "getEphemeralKeyPair"
	MethodIPresentationSessionGetAuthChallenge            = "getAuthChallenge"
	MethodIPresentationSessionSetReaderEphemeralPublicKey = "setReaderEphemeralPublicKey"
	MethodIPresentationSessionSetSessionTranscript        = "setSessionTranscript"
	MethodIPresentationSessionGetCredential               = "getCredential"
)
// Transaction codes for IWritableIdentityCredential, written as explicit
// offsets (0-7) from binder.FirstCallTransaction in the same order as the
// interface's methods.
//
// The values coincide with the codes of the other interfaces in this
// package, which also start at offset 0; the target interface disambiguates.
// NOTE(review): presumably these must match the peer's AIDL method order —
// confirm against the AIDL source before changing any value.
const (
	TransactionIWritableIdentityCredentialGetAttestationCertificate            = binder.FirstCallTransaction + 0
	TransactionIWritableIdentityCredentialStartPersonalization                 = binder.FirstCallTransaction + 1
	TransactionIWritableIdentityCredentialAddAccessControlProfile              = binder.FirstCallTransaction + 2
	TransactionIWritableIdentityCredentialBeginAddEntry                        = binder.FirstCallTransaction + 3
	TransactionIWritableIdentityCredentialAddEntryValue                        = binder.FirstCallTransaction + 4
	TransactionIWritableIdentityCredentialFinishAddingEntries                  = binder.FirstCallTransaction + 5
	TransactionIWritableIdentityCredentialSetExpectedProofOfProvisioningSize   = binder.FirstCallTransaction + 6
	TransactionIWritableIdentityCredentialSetRemotelyProvisionedAttestationKey = binder.FirstCallTransaction + 7
)
// Method-name strings for IWritableIdentityCredential, in the same order as
// the TransactionIWritableIdentityCredential* codes.
// NOTE(review): how these strings are consumed is not shown on this page —
// confirm before relying on them for dispatch or access decisions.
const (
	MethodIWritableIdentityCredentialGetAttestationCertificate            = "getAttestationCertificate"
	MethodIWritableIdentityCredentialStartPersonalization                 = "startPersonalization"
	MethodIWritableIdentityCredentialAddAccessControlProfile              = "addAccessControlProfile"
	MethodIWritableIdentityCredentialBeginAddEntry                        = "beginAddEntry"
	MethodIWritableIdentityCredentialAddEntryValue                        = "addEntryValue"
	MethodIWritableIdentityCredentialFinishAddingEntries                  = "finishAddingEntries"
	MethodIWritableIdentityCredentialSetExpectedProofOfProvisioningSize   = "setExpectedProofOfProvisioningSize"
	MethodIWritableIdentityCredentialSetRemotelyProvisionedAttestationKey = "setRemotelyProvisionedAttestationKey"
)
// DescriptorIIdentityCredential is the descriptor string naming the
// android.hardware.identity.IIdentityCredential interface.
// NOTE(review): presumably the interface token that accompanies each
// transaction; confirm where the proxy and stub compare it.
const DescriptorIIdentityCredential = "android.hardware.identity.IIdentityCredential"
// DescriptorIIdentityCredentialStore is the descriptor string naming the
// android.hardware.identity.IIdentityCredentialStore interface.
// NOTE(review): presumably the interface token that accompanies each
// transaction; confirm where the proxy and stub compare it.
const DescriptorIIdentityCredentialStore = "android.hardware.identity.IIdentityCredentialStore"
// DescriptorIPresentationSession is the descriptor string naming the
// android.hardware.identity.IPresentationSession interface.
// NOTE(review): presumably the interface token that accompanies each
// transaction; confirm where the proxy and stub compare it.
const DescriptorIPresentationSession = "android.hardware.identity.IPresentationSession"
// DescriptorIWritableIdentityCredential is the descriptor string naming the
// android.hardware.identity.IWritableIdentityCredential interface.
// NOTE(review): presumably the interface token that accompanies each
// transaction; confirm where the proxy and stub compare it.
const DescriptorIWritableIdentityCredential = "android.hardware.identity.IWritableIdentityCredential"

Variables

This section is empty.

Functions

This section is empty.

Types

type Certificate

// Certificate carries one certificate as an opaque byte slice.
type Certificate struct {
	// EncodedCertificate holds the encoded certificate bytes.
	// NOTE(review): the encoding is not stated on this page (presumably
	// DER-encoded X.509 — confirm). The struct carries no validity or trust
	// information; parse and verify the chain before relying on the contents.
	EncodedCertificate []byte
}

func (*Certificate) MarshalParcel

// MarshalParcel presumably writes s into p in parcel wire form and reports
// a failure through the returned error (body not shown on this page).
func (s *Certificate) MarshalParcel(
	p *parcel.Parcel,
) error

func (*Certificate) UnmarshalParcel

// UnmarshalParcel presumably fills s from p and reports a failure through
// the returned error (body not shown on this page).
// NOTE(review): p may hold bytes produced by another process; confirm the
// implementation bounds the decoded length of EncodedCertificate.
func (s *Certificate) UnmarshalParcel(
	p *parcel.Parcel,
) error

type CipherSuite

// CipherSuite identifies a cipher suite as an int32 value. It is passed to
// IIdentityCredentialStore.GetCredential and CreatePresentationSession.
type CipherSuite int32
const (
	// The only suite declared on this page, with value 1. Its name spells out
	// ECDHE, HKDF, ECDSA, AES-256-GCM and SHA-256. The zero value of
	// CipherSuite matches no declared constant, so an unset CipherSuite names
	// no declared suite.
	CipherSuiteCiphersuiteEcdheHkdfEcdsaWithAes256GcmSha256 CipherSuite = 1
)

type HardwareInformation

// HardwareInformation describes a credential store; it is the result type of
// IIdentityCredentialStore.GetHardwareInformation.
// NOTE(review): the struct has no signature or attestation field, so the
// values are presumably self-reported by the store — do not use them as the
// sole basis for a trust decision.
type HardwareInformation struct {
	// Name and author of the credential store, as plain strings.
	CredentialStoreName              string
	CredentialStoreAuthorName        string
	// NOTE(review): presumably the largest chunk accepted per
	// AddEntryValue / RetrieveEntryValue call — confirm units and meaning.
	DataChunkSize                    int32
	IsDirectAccess                   bool
	// Document types the store reports as supported.
	SupportedDocTypes                []string
	// NOTE(review): presumably indicates whether GetRemotelyProvisionedComponent
	// and SetRemotelyProvisionedAttestationKey are usable — confirm.
	IsRemoteKeyProvisioningSupported bool
}

func (*HardwareInformation) MarshalParcel

// MarshalParcel presumably writes s into p in parcel wire form and reports
// a failure through the returned error (body not shown on this page).
func (s *HardwareInformation) MarshalParcel(
	p *parcel.Parcel,
) error

func (*HardwareInformation) UnmarshalParcel

// UnmarshalParcel presumably fills s from p and reports a failure through
// the returned error (body not shown on this page).
// NOTE(review): p may hold bytes produced by another process; confirm the
// implementation bounds string lengths and the SupportedDocTypes count.
func (s *HardwareInformation) UnmarshalParcel(
	p *parcel.Parcel,
) error

type IIdentityCredential

// IIdentityCredential is the client-facing view of one credential: the same
// fifteen methods as IIdentityCredentialServer plus AsBinder. Every method
// other than AsBinder takes a context and returns an error.
type IIdentityCredential interface {
	// AsBinder returns the binder object behind this value.
	AsBinder() binder.IBinder
	DeleteCredential(ctx context.Context) ([]byte, error)
	CreateEphemeralKeyPair(ctx context.Context) ([]byte, error)
	SetReaderEphemeralPublicKey(ctx context.Context, publicKey []byte) error
	CreateAuthChallenge(ctx context.Context) (int64, error)
	// StartRetrieval receives the access control profiles, auth token, items
	// request, session transcript and reader signature in a single call.
	// NOTE(review): which of these the implementation verifies, and in what
	// order, is not shown on this page — confirm in the server code.
	StartRetrieval(ctx context.Context, accessControlProfiles []SecureAccessControlProfile, authToken keymaster.HardwareAuthToken, itemsRequest []byte, signingKeyBlob []byte, sessionTranscript []byte, readerSignature []byte, requestCounts []int32) error
	StartRetrieveEntryValue(ctx context.Context, nameSpace string, name string, entrySize int32, accessControlProfileIds []int32) error
	RetrieveEntryValue(ctx context.Context, encryptedContent []byte) ([]byte, error)
	FinishRetrieval(ctx context.Context, mac []byte, deviceNameSpaces []byte) error
	GenerateSigningKeyPair(ctx context.Context, signingKeyBlob []byte) (Certificate, error)
	SetRequestedNamespaces(ctx context.Context, requestNamespaces []RequestNamespace) error
	SetVerificationToken(ctx context.Context, verificationToken keymaster.VerificationToken) error
	// NOTE(review): challenge is supplied by the caller in the next two
	// methods; presumably it is bound into the returned bytes so a proof
	// cannot be replayed — confirm, and use a fresh challenge per call.
	DeleteCredentialWithChallenge(ctx context.Context, challenge []byte) ([]byte, error)
	ProveOwnership(ctx context.Context, challenge []byte) ([]byte, error)
	UpdateCredential(ctx context.Context) (IWritableIdentityCredential, error)
	FinishRetrievalWithSignature(ctx context.Context, mac []byte, deviceNameSpaces []byte, ecdsaSignature []byte) error
}

func NewIdentityCredentialStub

// NewIdentityCredentialStub takes a server implementation and returns it
// as an IIdentityCredential (body not shown on this page).
// NOTE(review): the signature does not show whether a nil impl is rejected;
// confirm before relying on either behaviour.
func NewIdentityCredentialStub(
	impl IIdentityCredentialServer,
) IIdentityCredential

NewIdentityCredentialStub creates a server-side IIdentityCredential wrapping the given server implementation. The returned value satisfies IIdentityCredential and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IIdentityCredentialServer

// IIdentityCredentialServer lists the fifteen methods a server-side
// implementation supplies; unlike IIdentityCredential it has no AsBinder.
// NOTE(review): arguments presumably arrive from another process over
// binder. Implementations should validate them (entrySize, the profile id
// and count slices, byte-slice lengths) rather than trust the caller.
type IIdentityCredentialServer interface {
	DeleteCredential(ctx context.Context) ([]byte, error)
	CreateEphemeralKeyPair(ctx context.Context) ([]byte, error)
	SetReaderEphemeralPublicKey(ctx context.Context, publicKey []byte) error
	CreateAuthChallenge(ctx context.Context) (int64, error)
	StartRetrieval(ctx context.Context, accessControlProfiles []SecureAccessControlProfile, authToken keymaster.HardwareAuthToken, itemsRequest []byte, signingKeyBlob []byte, sessionTranscript []byte, readerSignature []byte, requestCounts []int32) error
	StartRetrieveEntryValue(ctx context.Context, nameSpace string, name string, entrySize int32, accessControlProfileIds []int32) error
	RetrieveEntryValue(ctx context.Context, encryptedContent []byte) ([]byte, error)
	FinishRetrieval(ctx context.Context, mac []byte, deviceNameSpaces []byte) error
	GenerateSigningKeyPair(ctx context.Context, signingKeyBlob []byte) (Certificate, error)
	SetRequestedNamespaces(ctx context.Context, requestNamespaces []RequestNamespace) error
	SetVerificationToken(ctx context.Context, verificationToken keymaster.VerificationToken) error
	DeleteCredentialWithChallenge(ctx context.Context, challenge []byte) ([]byte, error)
	ProveOwnership(ctx context.Context, challenge []byte) ([]byte, error)
	UpdateCredential(ctx context.Context) (IWritableIdentityCredential, error)
	FinishRetrievalWithSignature(ctx context.Context, mac []byte, deviceNameSpaces []byte, ecdsaSignature []byte) error
}

IIdentityCredentialServer is the server-side interface that user implementations provide to NewIdentityCredentialStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type IIdentityCredentialStore

// IIdentityCredentialStore is the client-facing view of the credential
// store: the five methods of IIdentityCredentialStoreServer plus AsBinder.
// It is the entry point that hands out the other interfaces in this package.
type IIdentityCredentialStore interface {
	// AsBinder returns the binder object behind this value.
	AsBinder() binder.IBinder
	GetHardwareInformation(ctx context.Context) (HardwareInformation, error)
	// NOTE(review): the meaning of testCredential is not stated on this page
	// (presumably a credential protected by test keys — confirm); production
	// callers should pass false unless that is verified to be safe.
	CreateCredential(ctx context.Context, docType string, testCredential bool) (IWritableIdentityCredential, error)
	// credentialData is passed as opaque bytes; its format is not shown here.
	GetCredential(ctx context.Context, cipherSuite CipherSuite, credentialData []byte) (IIdentityCredential, error)
	CreatePresentationSession(ctx context.Context, cipherSuite CipherSuite) (IPresentationSession, error)
	GetRemotelyProvisionedComponent(ctx context.Context) (keymint.IRemotelyProvisionedComponent, error)
}

func NewIdentityCredentialStoreStub

// NewIdentityCredentialStoreStub takes a server implementation and returns
// it as an IIdentityCredentialStore (body not shown on this page).
// NOTE(review): the signature does not show whether a nil impl is rejected;
// confirm before relying on either behaviour.
func NewIdentityCredentialStoreStub(
	impl IIdentityCredentialStoreServer,
) IIdentityCredentialStore

NewIdentityCredentialStoreStub creates a server-side IIdentityCredentialStore wrapping the given server implementation. The returned value satisfies IIdentityCredentialStore and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IIdentityCredentialStoreServer

// IIdentityCredentialStoreServer lists the five methods a server-side store
// implementation supplies; unlike IIdentityCredentialStore it has no AsBinder.
// NOTE(review): arguments presumably arrive from another process over
// binder. Implementations should reject cipherSuite values they do not
// support and treat docType and credentialData as untrusted input.
type IIdentityCredentialStoreServer interface {
	GetHardwareInformation(ctx context.Context) (HardwareInformation, error)
	CreateCredential(ctx context.Context, docType string, testCredential bool) (IWritableIdentityCredential, error)
	GetCredential(ctx context.Context, cipherSuite CipherSuite, credentialData []byte) (IIdentityCredential, error)
	CreatePresentationSession(ctx context.Context, cipherSuite CipherSuite) (IPresentationSession, error)
	GetRemotelyProvisionedComponent(ctx context.Context) (keymint.IRemotelyProvisionedComponent, error)
}

IIdentityCredentialStoreServer is the server-side interface that user implementations provide to NewIdentityCredentialStoreStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type IPresentationSession

// IPresentationSession is the client-facing view of a presentation session:
// the five methods of IPresentationSessionServer plus AsBinder. Values of
// this type are returned by IIdentityCredentialStore.CreatePresentationSession.
type IPresentationSession interface {
	// AsBinder returns the binder object behind this value.
	AsBinder() binder.IBinder
	GetEphemeralKeyPair(ctx context.Context) ([]byte, error)
	GetAuthChallenge(ctx context.Context) (int64, error)
	SetReaderEphemeralPublicKey(ctx context.Context, publicKey []byte) error
	SetSessionTranscript(ctx context.Context, sessionTranscript []byte) error
	// GetCredential takes no cipher suite argument, unlike
	// IIdentityCredentialStore.GetCredential; the session was created with one.
	GetCredential(ctx context.Context, credentialData []byte) (IIdentityCredential, error)
}

func NewPresentationSessionStub

// NewPresentationSessionStub takes a server implementation and returns it
// as an IPresentationSession (body not shown on this page).
// NOTE(review): the signature does not show whether a nil impl is rejected;
// confirm before relying on either behaviour.
func NewPresentationSessionStub(
	impl IPresentationSessionServer,
) IPresentationSession

NewPresentationSessionStub creates a server-side IPresentationSession wrapping the given server implementation. The returned value satisfies IPresentationSession and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IPresentationSessionServer

// IPresentationSessionServer lists the five methods a server-side session
// implementation supplies; unlike IPresentationSession it has no AsBinder.
// NOTE(review): publicKey, sessionTranscript and credentialData presumably
// arrive from another process over binder; validate length and format before
// use, and confirm whether repeated Set* calls on one session are allowed.
type IPresentationSessionServer interface {
	GetEphemeralKeyPair(ctx context.Context) ([]byte, error)
	GetAuthChallenge(ctx context.Context) (int64, error)
	SetReaderEphemeralPublicKey(ctx context.Context, publicKey []byte) error
	SetSessionTranscript(ctx context.Context, sessionTranscript []byte) error
	GetCredential(ctx context.Context, credentialData []byte) (IIdentityCredential, error)
}

IPresentationSessionServer is the server-side interface that user implementations provide to NewPresentationSessionStub. It contains only the business methods, without AsBinder (which is provided by the stub itself).

type IWritableIdentityCredential

// IWritableIdentityCredential is the client-facing view of a credential that
// is being provisioned: the eight methods of
// IWritableIdentityCredentialServer plus AsBinder. Values of this type are
// returned by IIdentityCredentialStore.CreateCredential and
// IIdentityCredential.UpdateCredential.
type IWritableIdentityCredential interface {
	// AsBinder returns the binder object behind this value.
	AsBinder() binder.IBinder
	// GetAttestationCertificate returns a slice of certificates for the given
	// application id and challenge.
	// NOTE(review): presumably a chain that embeds attestationChallenge —
	// confirm, and verify the chain and challenge on the receiving side.
	GetAttestationCertificate(ctx context.Context, attestationApplicationId []byte, attestationChallenge []byte) ([]Certificate, error)
	StartPersonalization(ctx context.Context, accessControlProfileCount int32, entryCounts []int32) error
	AddAccessControlProfile(ctx context.Context, id int32, readerCertificate Certificate, userAuthenticationRequired bool, timeoutMillis int64, secureUserId int64) (SecureAccessControlProfile, error)
	BeginAddEntry(ctx context.Context, accessControlProfileIds []int32, nameSpace string, name string, entrySize int32) error
	AddEntryValue(ctx context.Context, content []byte) ([]byte, error)
	FinishAddingEntries(ctx context.Context, credentialData []byte, proofOfProvisioningSignature []byte) error
	SetExpectedProofOfProvisioningSize(ctx context.Context, expectedProofOfProvisioningSize int32) error
	SetRemotelyProvisionedAttestationKey(ctx context.Context, attestationKeyBlob []byte, attestationCertificate []byte) error
}

func NewWritableIdentityCredentialStub

// NewWritableIdentityCredentialStub takes a server implementation and
// returns it as an IWritableIdentityCredential (body not shown on this page).
// NOTE(review): the signature does not show whether a nil impl is rejected;
// confirm before relying on either behaviour.
func NewWritableIdentityCredentialStub(
	impl IWritableIdentityCredentialServer,
) IWritableIdentityCredential

NewWritableIdentityCredentialStub creates a server-side IWritableIdentityCredential wrapping the given server implementation. The returned value satisfies IWritableIdentityCredential and can be passed to proxy methods; its AsBinder() returns a *binder.StubBinder that is auto-registered with the binder driver on first use.

type IWritableIdentityCredentialServer

type IWritableIdentityCredentialServer interface {
	GetAttestationCertificate(ctx context.Context, attestationApplicationId []byte, attestationChallenge []byte) ([]Certificate, error)
	StartPersonalization(ctx context.Context, accessControlProfileCount int32, entryCounts []int32) error
	AddAccessControlProfile(ctx context.Context, id int32, readerCertificate Certificate, userAuthenticationRequired bool, timeoutMillis int64, secureUserId int64) (SecureAccessControlProfile, error)
	BeginAddEntry(ctx context.Context, accessControlProfileIds []int32, nameSpace string, name string, entrySize int32) error
	AddEntryValue(ctx context.Context, content []byte) ([]byte, error)
	FinishAddingEntries(ctx context.Context, credentialData []byte, proofOfProvisioningSignature []byte) error
	SetExpectedProofOfProvisioningSize(ctx context.Context, expectedProofOfProvisioningSize int32) error
	SetRemotelyProvisionedAttestationKey(ctx context.