1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.hardware.fingerprint; 17 18 import android.hardware.biometrics.IBiometricSensorReceiver; 19 import android.hardware.biometrics.IBiometricServiceLockoutResetCallback; 20 import android.hardware.biometrics.IBiometricStateListener; 21 import android.hardware.biometrics.IInvalidationCallback; 22 import android.hardware.biometrics.ITestSession; 23 import android.hardware.biometrics.ITestSessionCallback; 24 import android.hardware.biometrics.fingerprint.PointerContext; 25 import android.hardware.fingerprint.IFingerprintClientActiveCallback; 26 import android.hardware.fingerprint.IFingerprintAuthenticatorsRegisteredCallback; 27 import android.hardware.fingerprint.IFingerprintServiceReceiver; 28 import android.hardware.fingerprint.IUdfpsOverlayController; 29 import android.hardware.fingerprint.ISidefpsController; 30 import android.hardware.fingerprint.Fingerprint; 31 import android.hardware.fingerprint.FingerprintAuthenticateOptions; 32 import android.hardware.fingerprint.FingerprintSensorPropertiesInternal; 33 import java.util.List; 34 35 /** 36 * Communication channel from client to the fingerprint service. 37 * @hide 38 */ 39 interface IFingerprintService { 40 41 // Creates a test session with the specified sensorId 42 @EnforcePermission("TEST_BIOMETRIC") createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)43 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 44 45 // Requests a proto dump of the specified sensor 46 @EnforcePermission("USE_BIOMETRIC_INTERNAL") dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer)47 byte[] dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer); 48 49 // Retrieve static sensor properties for all fingerprint sensors getSensorPropertiesInternal(String opPackageName)50 List<FingerprintSensorPropertiesInternal> getSensorPropertiesInternal(String opPackageName); 51 52 // Retrieve static sensor properties for the specified sensor 53 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getSensorProperties(int sensorId, String opPackageName)54 FingerprintSensorPropertiesInternal getSensorProperties(int sensorId, String opPackageName); 55 56 // Authenticate with a fingerprint. This is protected by USE_FINGERPRINT/USE_BIOMETRIC 57 // permission. This is effectively deprecated, since it only comes through FingerprintManager 58 // now. A requestId is returned that can be used to cancel this operation. authenticate(IBinder token, long operationId, IFingerprintServiceReceiver receiver, in FingerprintAuthenticateOptions options)59 long authenticate(IBinder token, long operationId, IFingerprintServiceReceiver receiver, 60 in FingerprintAuthenticateOptions options); 61 62 // Uses the fingerprint hardware to detect for the presence of a finger, without giving details 63 // about accept/reject/lockout. A requestId is returned that can be used to cancel this 64 // operation. 65 @EnforcePermission("USE_BIOMETRIC_INTERNAL") detectFingerprint(IBinder token, IFingerprintServiceReceiver receiver, in FingerprintAuthenticateOptions options)66 long detectFingerprint(IBinder token, IFingerprintServiceReceiver receiver, 67 in FingerprintAuthenticateOptions options); 68 69 // This method prepares the service to start authenticating, but doesn't start authentication. 70 // This is protected by the MANAGE_BIOMETRIC signatuer permission. This method should only be 71 // called from BiometricService. The additional uid, pid, userId arguments should be determined 72 // by BiometricService. To start authentication after the clients are ready, use 73 // startPreparedClient(). 74 @EnforcePermission("MANAGE_BIOMETRIC") prepareForAuthentication(IBinder token, long operationId, IBiometricSensorReceiver sensorReceiver, in FingerprintAuthenticateOptions options, long requestId, int cookie, boolean allowBackgroundAuthentication, boolean isForLegacyFingerprintManager)75 void prepareForAuthentication(IBinder token, long operationId, 76 IBiometricSensorReceiver sensorReceiver, in FingerprintAuthenticateOptions options, long requestId, 77 int cookie, boolean allowBackgroundAuthentication, 78 boolean isForLegacyFingerprintManager); 79 80 // Starts authentication with the previously prepared client. 81 @EnforcePermission("MANAGE_BIOMETRIC") startPreparedClient(int sensorId, int cookie)82 void startPreparedClient(int sensorId, int cookie); 83 84 // Cancel authentication for the given requestId. cancelAuthentication(IBinder token, String opPackageName, String attributionTag, long requestId)85 void cancelAuthentication(IBinder token, String opPackageName, String attributionTag, long requestId); 86 87 // Cancel finger detection for the given requestId. 88 @EnforcePermission("USE_BIOMETRIC_INTERNAL") cancelFingerprintDetect(IBinder token, String opPackageName, long requestId)89 void cancelFingerprintDetect(IBinder token, String opPackageName, long requestId); 90 91 // Same as above, except this is protected by the MANAGE_BIOMETRIC signature permission. Takes 92 // an additional uid, pid, userid. 93 @EnforcePermission("MANAGE_BIOMETRIC") cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId)94 void cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId); 95 96 // Start fingerprint enrollment 97 @EnforcePermission("MANAGE_FINGERPRINT") enroll(IBinder token, in byte [] hardwareAuthToken, int userId, IFingerprintServiceReceiver receiver, String opPackageName, int enrollReason)98 long enroll(IBinder token, in byte [] hardwareAuthToken, int userId, IFingerprintServiceReceiver receiver, 99 String opPackageName, int enrollReason); 100 101 // Cancel enrollment in progress 102 @EnforcePermission("MANAGE_FINGERPRINT") cancelEnrollment(IBinder token, long requestId)103 void cancelEnrollment(IBinder token, long requestId); 104 105 // Any errors resulting from this call will be returned to the listener 106 @EnforcePermission("MANAGE_FINGERPRINT") remove(IBinder token, int fingerId, int userId, IFingerprintServiceReceiver receiver, String opPackageName)107 void remove(IBinder token, int fingerId, int userId, IFingerprintServiceReceiver receiver, 108 String opPackageName); 109 110 // Removes all face enrollments for the specified userId. 111 @EnforcePermission("USE_BIOMETRIC_INTERNAL") removeAll(IBinder token, int userId, IFingerprintServiceReceiver receiver, String opPackageName)112 void removeAll(IBinder token, int userId, IFingerprintServiceReceiver receiver, String opPackageName); 113 114 // Rename the fingerprint specified by fingerId and userId to the given name 115 @EnforcePermission("MANAGE_FINGERPRINT") rename(int fingerId, int userId, String name)116 void rename(int fingerId, int userId, String name); 117 118 // Get a list of enrolled fingerprints in the given userId. getEnrolledFingerprints(int userId, String opPackageName, String attributionTag)119 List<Fingerprint> getEnrolledFingerprints(int userId, String opPackageName, String attributionTag); 120 121 // Determine if the HAL is loaded and ready. Meant to support the deprecated FingerprintManager APIs isHardwareDetectedDeprecated(String opPackageName, String attributionTag)122 boolean isHardwareDetectedDeprecated(String opPackageName, String attributionTag); 123 124 // Determine if the specified HAL is loaded and ready 125 @EnforcePermission("USE_BIOMETRIC_INTERNAL") isHardwareDetected(int sensorId, String opPackageName)126 boolean isHardwareDetected(int sensorId, String opPackageName); 127 128 // Get a pre-enrollment authentication token 129 @EnforcePermission("MANAGE_FINGERPRINT") generateChallenge(IBinder token, int sensorId, int userId, IFingerprintServiceReceiver receiver, String opPackageName)130 void generateChallenge(IBinder token, int sensorId, int userId, IFingerprintServiceReceiver receiver, String opPackageName); 131 132 // Finish an enrollment sequence and invalidate the authentication token 133 @EnforcePermission("MANAGE_FINGERPRINT") revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge)134 void revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge); 135 136 // Determine if a user has at least one enrolled fingerprint. Meant to support the deprecated FingerprintManager APIs hasEnrolledFingerprintsDeprecated(int userId, String opPackageName, String attributionTag)137 boolean hasEnrolledFingerprintsDeprecated(int userId, String opPackageName, String attributionTag); 138 139 // Determine if a user has at least one enrolled fingerprint. 140 @EnforcePermission("USE_BIOMETRIC_INTERNAL") hasEnrolledFingerprints(int sensorId, int userId, String opPackageName)141 boolean hasEnrolledFingerprints(int sensorId, int userId, String opPackageName); 142 143 // Return the LockoutTracker status for the specified user 144 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getLockoutModeForUser(int sensorId, int userId)145 int getLockoutModeForUser(int sensorId, int userId); 146 147 // Requests for the specified sensor+userId's authenticatorId to be invalidated 148 @EnforcePermission("USE_BIOMETRIC_INTERNAL") invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback)149 void invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback); 150 151 // Gets the authenticator ID for fingerprint 152 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getAuthenticatorId(int sensorId, int callingUserId)153 long getAuthenticatorId(int sensorId, int callingUserId); 154 155 // Reset the timeout when user authenticates with strong auth (e.g. PIN, pattern or password) 156 @EnforcePermission("RESET_FINGERPRINT_LOCKOUT") resetLockout(IBinder token, int sensorId, int userId, in byte[] hardwareAuthToken, String opPackageNAame)157 void resetLockout(IBinder token, int sensorId, int userId, in byte[] hardwareAuthToken, String opPackageNAame); 158 159 // Add a callback which gets notified when the fingerprint lockout period expired. 160 @EnforcePermission("USE_BIOMETRIC_INTERNAL") addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName)161 void addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName); 162 163 // Check if a client request is currently being handled 164 @EnforcePermission("MANAGE_FINGERPRINT") isClientActive()165 boolean isClientActive(); 166 167 // Add a callback which gets notified when the service starts and stops handling client requests 168 @EnforcePermission("MANAGE_FINGERPRINT") addClientActiveCallback(IFingerprintClientActiveCallback callback)169 void addClientActiveCallback(IFingerprintClientActiveCallback callback); 170 171 // Removes a callback set by addClientActiveCallback 172 @EnforcePermission("MANAGE_FINGERPRINT") removeClientActiveCallback(IFingerprintClientActiveCallback callback)173 void removeClientActiveCallback(IFingerprintClientActiveCallback callback); 174 175 // Registers all HIDL and AIDL sensors. Only HIDL sensor properties need to be provided, because 176 // AIDL sensor properties are retrieved directly from the available HALs. If no HIDL HALs exist, 177 // hidlSensors must be non-null and empty. See AuthService.java 178 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerAuthenticators(in List<FingerprintSensorPropertiesInternal> hidlSensors)179 void registerAuthenticators(in List<FingerprintSensorPropertiesInternal> hidlSensors); 180 181 // Adds a callback which gets called when the service registers all of the fingerprint 182 // authenticators. The callback is automatically removed after it's invoked. 183 @EnforcePermission("USE_BIOMETRIC_INTERNAL") addAuthenticatorsRegisteredCallback(IFingerprintAuthenticatorsRegisteredCallback callback)184 void addAuthenticatorsRegisteredCallback(IFingerprintAuthenticatorsRegisteredCallback callback); 185 186 // Notifies about a finger touching the sensor area. 187 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onPointerDown(long requestId, int sensorId, in PointerContext pc)188 void onPointerDown(long requestId, int sensorId, in PointerContext pc); 189 190 // Notifies about a finger leaving the sensor area. 191 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onPointerUp(long requestId, int sensorId, in PointerContext pc)192 void onPointerUp(long requestId, int sensorId, in PointerContext pc); 193 194 // Notifies about the fingerprint UI being ready (e.g. HBM illumination is enabled). 195 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onUdfpsUiEvent(int event, long requestId, int sensorId)196 void onUdfpsUiEvent(int event, long requestId, int sensorId); 197 198 // Sets the controller for managing the UDFPS overlay. 199 @EnforcePermission("USE_BIOMETRIC_INTERNAL") setUdfpsOverlayController(in IUdfpsOverlayController controller)200 void setUdfpsOverlayController(in IUdfpsOverlayController controller); 201 202 // Sets the controller for managing the SideFPS overlay. 203 @EnforcePermission("USE_BIOMETRIC_INTERNAL") setSidefpsController(in ISidefpsController controller)204 void setSidefpsController(in ISidefpsController controller); 205 206 // Registers BiometricStateListener. 207 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerBiometricStateListener(IBiometricStateListener listener)208 void registerBiometricStateListener(IBiometricStateListener listener); 209 210 // Sends a power button pressed event to all listeners. 211 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onPowerPressed()212 oneway void onPowerPressed(); 213 214 // Internal operation used to clear fingerprint biometric scheduler. 215 // Ensures that the scheduler is not stuck. 216 @EnforcePermission("USE_BIOMETRIC_INTERNAL") scheduleWatchdog()217 oneway void scheduleWatchdog(); 218 } 219