1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.hardware.biometrics; 18 19 import android.os.Bundle; 20 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback; 21 import android.hardware.biometrics.IBiometricServiceReceiver; 22 import android.hardware.biometrics.IBiometricAuthenticator; 23 24 /** 25 * Communication channel from AuthService to BiometricService. 26 * @hide 27 */ 28 interface IBiometricService { 29 // Requests authentication. The service choose the appropriate biometric to use, and show 30 // the corresponding BiometricDialog. authenticate(IBinder token, long sessionId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in Bundle bundle, int callingUid, int callingPid, int callingUserId)31 void authenticate(IBinder token, long sessionId, int userId, 32 IBiometricServiceReceiver receiver, String opPackageName, in Bundle bundle, 33 int callingUid, int callingPid, int callingUserId); 34 35 // Cancel authentication for the given session. cancelAuthentication(IBinder token, String opPackageName, int callingUid, int callingPid, int callingUserId)36 void cancelAuthentication(IBinder token, String opPackageName, int callingUid, int callingPid, 37 int callingUserId); 38 39 // Checks if biometrics can be used. canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators)40 int canAuthenticate(String opPackageName, int userId, int callingUserId, int authenticators); 41 42 // Checks if any biometrics are enrolled. hasEnrolledBiometrics(int userId, String opPackageName)43 boolean hasEnrolledBiometrics(int userId, String opPackageName); 44 45 // Registers an authenticator (e.g. face, fingerprint, iris). 46 // Id must be unique, whereas strength and modality don't need to be. 47 // TODO(b/123321528): Turn strength and modality into enums. registerAuthenticator(int id, int modality, int strength, IBiometricAuthenticator authenticator)48 void registerAuthenticator(int id, int modality, int strength, 49 IBiometricAuthenticator authenticator); 50 51 // Register callback for when keyguard biometric eligibility changes. registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback, int callingUserId)52 void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback, 53 int callingUserId); 54 55 // Explicitly set the active user. setActiveUser(int userId)56 void setActiveUser(int userId); 57 58 // Notify BiometricService when <Biometric>Service is ready to start the prepared client. 59 // Client lifecycle is still managed in <Biometric>Service. onReadyForAuthentication(int cookie, boolean requireConfirmation, int userId)60 void onReadyForAuthentication(int cookie, boolean requireConfirmation, int userId); 61 62 // Reset the lockout when user authenticates with strong auth (e.g. PIN, pattern or password) resetLockout(in byte [] token)63 void resetLockout(in byte [] token); 64 65 // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet 66 // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore 67 // land as SIDs, and are used during key generation. getAuthenticatorIds(int callingUserId)68 long[] getAuthenticatorIds(int callingUserId); 69 } 70