1 /* 2 * Copyright (C) 2024 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.security.postprocessor; 18 19 import android.security.postprocessor.CertificateChain; 20 21 interface IKeystoreCertificatePostProcessor { 22 /** 23 * Allows implementing services to process the keystore certificates after the certificate 24 * chain has been generated. 25 * 26 * certificateChain holds the chain associated with a newly generated Keystore asymmetric 27 * keypair, where the leafCertificate is the certificate for the public key of generated key. 28 * The remaining attestation certificates are stored as a concatenated byte array of the 29 * encoded certificates with root certificate as the last element. 30 * 31 * Successful calls would get the processed certificate chain which then replaces the original 32 * certificate chain. In case of any failures/exceptions, keystore would fallback to the 33 * original certificate chain. 34 * 35 * @hide 36 */ processKeystoreCertificates(in CertificateChain certificateChain)37 CertificateChain processKeystoreCertificates(in CertificateChain certificateChain); 38 } 39