1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.hardware.biometrics; 18 19 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback; 20 import android.hardware.biometrics.IBiometricServiceReceiver; 21 import android.hardware.biometrics.IBiometricAuthenticator; 22 import android.hardware.biometrics.IInvalidationCallback; 23 import android.hardware.biometrics.ITestSession; 24 import android.hardware.biometrics.ITestSessionCallback; 25 import android.hardware.biometrics.PromptInfo; 26 import android.hardware.biometrics.SensorPropertiesInternal; 27 28 /** 29 * Communication channel from AuthService to BiometricService. 30 * @hide 31 */ 32 interface IBiometricService { 33 // Creates a test session with the specified sensorId 34 @EnforcePermission("USE_BIOMETRIC_INTERNAL") createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)35 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 36 37 // Retrieve static sensor properties for all biometric sensors 38 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getSensorProperties(String opPackageName)39 List<SensorPropertiesInternal> getSensorProperties(String opPackageName); 40 41 // Requests authentication. The service chooses the appropriate biometric to use, and shows 42 // the corresponding BiometricDialog. A requestId is returned that can be used to cancel 43 // this operation. 44 @EnforcePermission("USE_BIOMETRIC_INTERNAL") authenticate(IBinder token, long operationId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo)45 long authenticate(IBinder token, long operationId, int userId, 46 IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo); 47 48 // Cancel authentication for the given requestId. 49 @EnforcePermission("USE_BIOMETRIC_INTERNAL") cancelAuthentication(IBinder token, String opPackageName, long requestId)50 void cancelAuthentication(IBinder token, String opPackageName, long requestId); 51 52 // Checks if biometrics can be used. 53 @EnforcePermission("USE_BIOMETRIC_INTERNAL") canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators)54 int canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators); 55 56 // Checks if any biometrics are enrolled. 57 @EnforcePermission("USE_BIOMETRIC_INTERNAL") hasEnrolledBiometrics(int userId, String opPackageName)58 boolean hasEnrolledBiometrics(int userId, String opPackageName); 59 60 // Registers an authenticator (e.g. face, fingerprint, iris). 61 // Id must be unique, whereas strength and modality don't need to be. 62 // TODO(b/123321528): Turn strength and modality into enums. 63 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerAuthenticator(int id, int modality, int strength, IBiometricAuthenticator authenticator)64 void registerAuthenticator(int id, int modality, int strength, 65 IBiometricAuthenticator authenticator); 66 67 // Register callback for when keyguard biometric eligibility changes. 68 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback)69 void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback); 70 71 // Notify BiometricService when <Biometric>Service is ready to start the prepared client. 72 // Client lifecycle is still managed in <Biometric>Service. 73 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onReadyForAuthentication(long requestId, int cookie)74 void onReadyForAuthentication(long requestId, int cookie); 75 76 // Requests all BIOMETRIC_STRONG sensors to have their authenticatorId invalidated for the 77 // specified user. This happens when enrollments have been added on devices with multiple 78 // biometric sensors. 79 @EnforcePermission("USE_BIOMETRIC_INTERNAL") invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback)80 void invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback); 81 82 // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet 83 // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore 84 // land as SIDs, and are used during key generation. 85 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getAuthenticatorIds(int callingUserId)86 long[] getAuthenticatorIds(int callingUserId); 87 88 // See documentation in BiometricManager. 89 @EnforcePermission("USE_BIOMETRIC_INTERNAL") resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, in byte[] hardwareAuthToken)90 void resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, 91 in byte[] hardwareAuthToken); 92 93 // See documentation in BiometricManager. 94 @EnforcePermission("USE_BIOMETRIC_INTERNAL") resetLockout(int userId, in byte[] hardwareAuthToken)95 void resetLockout(int userId, in byte[] hardwareAuthToken); 96 97 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getCurrentStrength(int sensorId)98 int getCurrentStrength(int sensorId); 99 100 // Returns a bit field of the modality (or modalities) that are will be used for authentication. 101 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getCurrentModality(String opPackageName, int userId, int callingUserId, int authenticators)102 int getCurrentModality(String opPackageName, int userId, int callingUserId, int authenticators); 103 104 // Returns a bit field of the authentication modalities that are supported by this device. 105 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getSupportedModalities(int authenticators)106 int getSupportedModalities(int authenticators); 107 } 108