1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.hardware.biometrics; 18 19 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback; 20 import android.hardware.biometrics.IBiometricServiceReceiver; 21 import android.hardware.biometrics.IBiometricAuthenticator; 22 import android.hardware.biometrics.IInvalidationCallback; 23 import android.hardware.biometrics.ITestSession; 24 import android.hardware.biometrics.ITestSessionCallback; 25 import android.hardware.biometrics.PromptInfo; 26 import android.hardware.biometrics.SensorPropertiesInternal; 27 28 /** 29 * Communication channel from AuthService to BiometricService. 30 * @hide 31 */ 32 interface IBiometricService { 33 // Creates a test session with the specified sensorId 34 @EnforcePermission("USE_BIOMETRIC_INTERNAL") createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)35 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 36 37 // Retrieve static sensor properties for all biometric sensors 38 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getSensorProperties(String opPackageName)39 List<SensorPropertiesInternal> getSensorProperties(String opPackageName); 40 41 // Requests authentication. The service chooses the appropriate biometric to use, and shows 42 // the corresponding BiometricDialog. A requestId is returned that can be used to cancel 43 // this operation. 44 @EnforcePermission("USE_BIOMETRIC_INTERNAL") authenticate(IBinder token, long operationId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo)45 long authenticate(IBinder token, long operationId, int userId, 46 IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo); 47 48 // Cancel authentication for the given requestId. 49 @EnforcePermission("USE_BIOMETRIC_INTERNAL") cancelAuthentication(IBinder token, String opPackageName, long requestId)50 void cancelAuthentication(IBinder token, String opPackageName, long requestId); 51 52 // Checks if biometrics can be used. 53 @EnforcePermission("USE_BIOMETRIC_INTERNAL") canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators)54 int canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators); 55 56 // Gets the time of last authentication for the given user and authenticators. 57 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getLastAuthenticationTime(int userId, int authenticators)58 long getLastAuthenticationTime(int userId, int authenticators); 59 60 // Checks if any biometrics are enrolled. 61 @EnforcePermission("USE_BIOMETRIC_INTERNAL") hasEnrolledBiometrics(int userId, String opPackageName)62 boolean hasEnrolledBiometrics(int userId, String opPackageName); 63 64 // Registers an authenticator (e.g. face, fingerprint, iris). 65 // Id must be unique, whereas strength and modality don't need to be. 66 // TODO(b/123321528): Turn strength and modality into enums. 67 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerAuthenticator(int id, int modality, int strength, IBiometricAuthenticator authenticator)68 void registerAuthenticator(int id, int modality, int strength, 69 IBiometricAuthenticator authenticator); 70 71 // Register callback for when keyguard biometric eligibility changes. 72 @EnforcePermission("USE_BIOMETRIC_INTERNAL") registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback)73 void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback); 74 75 // Notify BiometricService when <Biometric>Service is ready to start the prepared client. 76 // Client lifecycle is still managed in <Biometric>Service. 77 @EnforcePermission("USE_BIOMETRIC_INTERNAL") onReadyForAuthentication(long requestId, int cookie)78 void onReadyForAuthentication(long requestId, int cookie); 79 80 // Requests all BIOMETRIC_STRONG sensors to have their authenticatorId invalidated for the 81 // specified user. This happens when enrollments have been added on devices with multiple 82 // biometric sensors. 83 @EnforcePermission("USE_BIOMETRIC_INTERNAL") invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback)84 void invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback); 85 86 // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet 87 // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore 88 // land as SIDs, and are used during key generation. 89 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getAuthenticatorIds(int callingUserId)90 long[] getAuthenticatorIds(int callingUserId); 91 92 // See documentation in BiometricManager. 93 @EnforcePermission("USE_BIOMETRIC_INTERNAL") resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, in byte[] hardwareAuthToken)94 void resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, 95 in byte[] hardwareAuthToken); 96 97 // See documentation in BiometricManager. 98 @EnforcePermission("USE_BIOMETRIC_INTERNAL") resetLockout(int userId, in byte[] hardwareAuthToken)99 void resetLockout(int userId, in byte[] hardwareAuthToken); 100 101 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getCurrentStrength(int sensorId)102 int getCurrentStrength(int sensorId); 103 104 // Returns a bit field of the modality (or modalities) that are will be used for authentication. 105 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getCurrentModality(String opPackageName, int userId, int callingUserId, int authenticators)106 int getCurrentModality(String opPackageName, int userId, int callingUserId, int authenticators); 107 108 // Returns a bit field of the authentication modalities that are supported by this device. 109 @EnforcePermission("USE_BIOMETRIC_INTERNAL") getSupportedModalities(int authenticators)110 int getSupportedModalities(int authenticators); 111 } 112