1 /*
2  * Copyright (C) 2019 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.hardware.biometrics;
18 
19 import android.hardware.biometrics.AuthenticationStateListener;
20 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback;
21 import android.hardware.biometrics.IBiometricServiceReceiver;
22 import android.hardware.biometrics.IInvalidationCallback;
23 import android.hardware.biometrics.ITestSession;
24 import android.hardware.biometrics.ITestSessionCallback;
25 import android.hardware.biometrics.PromptInfo;
26 import android.hardware.biometrics.SensorPropertiesInternal;
27 
28 /**
29  * Communication channel from BiometricPrompt and BiometricManager to AuthService. The
30  * interface does not expose specific biometric modalities. The system will use the default
31  * biometric for apps. On devices with more than one, the choice is dictated by user preference in
32  * Settings.
33  * @hide
34  */
35 interface IAuthService {
36     // Creates a test session with the specified sensorId
37     @EnforcePermission("TEST_BIOMETRIC")
createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)38     ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName);
39 
40     // Retrieve static sensor properties for all biometric sensors
41     @EnforcePermission("TEST_BIOMETRIC")
getSensorProperties(String opPackageName)42     List<SensorPropertiesInternal> getSensorProperties(String opPackageName);
43 
44     // Retrieve the package where BIometricOrompt's UI is implemented
45     @EnforcePermission("TEST_BIOMETRIC")
getUiPackage()46     String getUiPackage();
47 
48     // Requests authentication. The service chooses the appropriate biometric to use, and shows
49     // the corresponding BiometricDialog. A requestId is returned that can be used to cancel
50     // this operation.
authenticate(IBinder token, long sessionId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo)51     long authenticate(IBinder token, long sessionId, int userId,
52             IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo);
53 
54     // Cancel authentication for the given requestId.
cancelAuthentication(IBinder token, String opPackageName, long requestId)55     void cancelAuthentication(IBinder token, String opPackageName, long requestId);
56 
57     // TODO(b/141025588): Make userId the first arg to be consistent with hasEnrolledBiometrics.
58     // Checks if biometrics can be used.
canAuthenticate(String opPackageName, int userId, int authenticators)59     int canAuthenticate(String opPackageName, int userId, int authenticators);
60 
61     // Gets the time of last authentication for the given user and authenticators.
getLastAuthenticationTime(int userId, int authenticators)62     long getLastAuthenticationTime(int userId, int authenticators);
63 
64     // Checks if any biometrics are enrolled.
hasEnrolledBiometrics(int userId, String opPackageName)65     boolean hasEnrolledBiometrics(int userId, String opPackageName);
66 
67     // Register callback for when keyguard biometric eligibility changes.
registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback)68     void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback);
69 
70     // Register listener for changes to authentication state.
registerAuthenticationStateListener(AuthenticationStateListener listener)71     void registerAuthenticationStateListener(AuthenticationStateListener listener);
72 
73     // Unregister listener for changes to authentication state.
unregisterAuthenticationStateListener(AuthenticationStateListener listener)74     void unregisterAuthenticationStateListener(AuthenticationStateListener listener);
75 
76     // Requests all BIOMETRIC_STRONG sensors to have their authenticatorId invalidated for the
77     // specified user. This happens when enrollments have been added on devices with multiple
78     // biometric sensors.
invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback)79     void invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback);
80 
81     // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet
82     // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore
83     // land as SIDs, and are used during key generation.
84     // If userId is not equal to the calling user ID, the caller must have the
85     // USE_BIOMETRIC_INTERNAL permission.
getAuthenticatorIds(in int userId)86     long[] getAuthenticatorIds(in int userId);
87 
88     // See documentation in BiometricManager.
resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, in byte[] hardwareAuthToken)89     void resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId,
90             in byte[] hardwareAuthToken);
91 
92     // See documentation in BiometricManager.
resetLockout(int userId, in byte[] hardwareAuthToken)93     void resetLockout(int userId, in byte[] hardwareAuthToken);
94 
95     // Provides a localized string that may be used as the label for a button that invokes
96     // BiometricPrompt.
getButtonLabel(int userId, String opPackageName, int authenticators)97     CharSequence getButtonLabel(int userId, String opPackageName, int authenticators);
98 
99     // Provides a localized string that may be shown while the user is authenticating with
100     // BiometricPrompt.
getPromptMessage(int userId, String opPackageName, int authenticators)101     CharSequence getPromptMessage(int userId, String opPackageName, int authenticators);
102 
103     // Provides a localized string that may be shown as the title for an app setting that enables
104     // biometric authentication.
getSettingName(int userId, String opPackageName, int authenticators)105     CharSequence getSettingName(int userId, String opPackageName, int authenticators);
106 }
107