1 /*
2  * Copyright (C) 2014 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package android.hardware.fingerprint;
17 
18 import android.hardware.biometrics.AuthenticationStateListener;
19 import android.hardware.biometrics.IBiometricSensorReceiver;
20 import android.hardware.biometrics.IBiometricServiceLockoutResetCallback;
21 import android.hardware.biometrics.IBiometricStateListener;
22 import android.hardware.biometrics.IInvalidationCallback;
23 import android.hardware.biometrics.ITestSession;
24 import android.hardware.biometrics.ITestSessionCallback;
25 import android.hardware.biometrics.fingerprint.PointerContext;
26 import android.hardware.fingerprint.IFingerprintClientActiveCallback;
27 import android.hardware.fingerprint.IFingerprintAuthenticatorsRegisteredCallback;
28 import android.hardware.fingerprint.IFingerprintServiceReceiver;
29 import android.hardware.fingerprint.IUdfpsOverlayController;
30 import android.hardware.fingerprint.Fingerprint;
31 import android.hardware.fingerprint.FingerprintAuthenticateOptions;
32 import android.hardware.fingerprint.FingerprintEnrollOptions;
33 import android.hardware.fingerprint.FingerprintSensorPropertiesInternal;
34 import android.hardware.fingerprint.FingerprintSensorConfigurations;
35 import java.util.List;
36 
37 /**
38  * Communication channel from client to the fingerprint service.
39  * @hide
40  */
41 interface IFingerprintService {
42 
43     // Creates a test session with the specified sensorId
44     @EnforcePermission("TEST_BIOMETRIC")
createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)45     ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName);
46 
47     // Requests a proto dump of the specified sensor
48     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer)49     byte[] dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer);
50 
51     // Retrieve static sensor properties for all fingerprint sensors
getSensorPropertiesInternal(String opPackageName)52     List<FingerprintSensorPropertiesInternal> getSensorPropertiesInternal(String opPackageName);
53 
54     // Retrieve static sensor properties for the specified sensor
55     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
getSensorProperties(int sensorId, String opPackageName)56     FingerprintSensorPropertiesInternal getSensorProperties(int sensorId, String opPackageName);
57 
58     // Authenticate with a fingerprint. This is protected by USE_FINGERPRINT/USE_BIOMETRIC
59     // permission. This is effectively deprecated, since it only comes through FingerprintManager
60     // now. A requestId is returned that can be used to cancel this operation.
authenticate(IBinder token, long operationId, IFingerprintServiceReceiver receiver, in FingerprintAuthenticateOptions options)61     long authenticate(IBinder token, long operationId, IFingerprintServiceReceiver receiver,
62             in FingerprintAuthenticateOptions options);
63 
64     // Uses the fingerprint hardware to detect for the presence of a finger, without giving details
65     // about accept/reject/lockout. A requestId is returned that can be used to cancel this
66     // operation.
67     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
detectFingerprint(IBinder token, IFingerprintServiceReceiver receiver, in FingerprintAuthenticateOptions options)68     long detectFingerprint(IBinder token, IFingerprintServiceReceiver receiver,
69             in FingerprintAuthenticateOptions options);
70 
71     // This method prepares the service to start authenticating, but doesn't start authentication.
72     // This is protected by the MANAGE_BIOMETRIC signatuer permission. This method should only be
73     // called from BiometricService. The additional uid, pid, userId arguments should be determined
74     // by BiometricService. To start authentication after the clients are ready, use
75     // startPreparedClient().
76     @EnforcePermission("MANAGE_BIOMETRIC")
prepareForAuthentication(IBinder token, long operationId, IBiometricSensorReceiver sensorReceiver, in FingerprintAuthenticateOptions options, long requestId, int cookie, boolean allowBackgroundAuthentication, boolean isForLegacyFingerprintManager)77     void prepareForAuthentication(IBinder token, long operationId,
78             IBiometricSensorReceiver sensorReceiver, in FingerprintAuthenticateOptions options, long requestId,
79             int cookie, boolean allowBackgroundAuthentication,
80             boolean isForLegacyFingerprintManager);
81 
82     // Starts authentication with the previously prepared client.
83     @EnforcePermission("MANAGE_BIOMETRIC")
startPreparedClient(int sensorId, int cookie)84     void startPreparedClient(int sensorId, int cookie);
85 
86     // Cancel authentication for the given requestId.
cancelAuthentication(IBinder token, String opPackageName, String attributionTag, long requestId)87     void cancelAuthentication(IBinder token, String opPackageName, String attributionTag, long requestId);
88 
89     // Cancel finger detection for the given requestId.
90     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
cancelFingerprintDetect(IBinder token, String opPackageName, long requestId)91     void cancelFingerprintDetect(IBinder token, String opPackageName, long requestId);
92 
93     // Same as above, except this is protected by the MANAGE_BIOMETRIC signature permission. Takes
94     // an additional uid, pid, userid.
95     @EnforcePermission("MANAGE_BIOMETRIC")
cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId)96     void cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId);
97 
98     // Start fingerprint enrollment
99     @EnforcePermission("MANAGE_FINGERPRINT")
enroll(IBinder token, in byte [] hardwareAuthToken, int userId, IFingerprintServiceReceiver receiver, String opPackageName, int enrollReason, in FingerprintEnrollOptions options)100     long enroll(IBinder token, in byte [] hardwareAuthToken, int userId, IFingerprintServiceReceiver receiver,
101             String opPackageName, int enrollReason, in FingerprintEnrollOptions options);
102 
103     // Cancel enrollment in progress
104     @EnforcePermission("MANAGE_FINGERPRINT")
cancelEnrollment(IBinder token, long requestId)105     void cancelEnrollment(IBinder token, long requestId);
106 
107     // Any errors resulting from this call will be returned to the listener
108     @EnforcePermission("MANAGE_FINGERPRINT")
remove(IBinder token, int fingerId, int userId, IFingerprintServiceReceiver receiver, String opPackageName)109     void remove(IBinder token, int fingerId, int userId, IFingerprintServiceReceiver receiver,
110             String opPackageName);
111 
112     // Removes all face enrollments for the specified userId.
113     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
removeAll(IBinder token, int userId, IFingerprintServiceReceiver receiver, String opPackageName)114     void removeAll(IBinder token, int userId, IFingerprintServiceReceiver receiver, String opPackageName);
115 
116     // Rename the fingerprint specified by fingerId and userId to the given name
117     @EnforcePermission("MANAGE_FINGERPRINT")
rename(int fingerId, int userId, String name)118     void rename(int fingerId, int userId, String name);
119 
120     // Get a list of enrolled fingerprints in the given userId.
getEnrolledFingerprints(int userId, String opPackageName, String attributionTag)121     List<Fingerprint> getEnrolledFingerprints(int userId, String opPackageName, String attributionTag);
122 
123     // Determine if the HAL is loaded and ready. Meant to support the deprecated FingerprintManager APIs
isHardwareDetectedDeprecated(String opPackageName, String attributionTag)124     boolean isHardwareDetectedDeprecated(String opPackageName, String attributionTag);
125 
126     // Determine if the specified HAL is loaded and ready
127     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
isHardwareDetected(int sensorId, String opPackageName)128     boolean isHardwareDetected(int sensorId, String opPackageName);
129 
130     // Get a pre-enrollment authentication token
131     @EnforcePermission("MANAGE_FINGERPRINT")
generateChallenge(IBinder token, int sensorId, int userId, IFingerprintServiceReceiver receiver, String opPackageName)132     void generateChallenge(IBinder token, int sensorId, int userId, IFingerprintServiceReceiver receiver, String opPackageName);
133 
134     // Finish an enrollment sequence and invalidate the authentication token
135     @EnforcePermission("MANAGE_FINGERPRINT")
revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge)136     void revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge);
137 
138     // Determine if a user has at least one enrolled fingerprint. Meant to support the deprecated FingerprintManager APIs
hasEnrolledFingerprintsDeprecated(int userId, String opPackageName, String attributionTag)139     boolean hasEnrolledFingerprintsDeprecated(int userId, String opPackageName, String attributionTag);
140 
141     // Determine if a user has at least one enrolled fingerprint.
142     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
hasEnrolledFingerprints(int sensorId, int userId, String opPackageName)143     boolean hasEnrolledFingerprints(int sensorId, int userId, String opPackageName);
144 
145     // Return the LockoutTracker status for the specified user
146     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
getLockoutModeForUser(int sensorId, int userId)147     int getLockoutModeForUser(int sensorId, int userId);
148 
149     // Requests for the specified sensor+userId's authenticatorId to be invalidated
150     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback)151     void invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback);
152 
153     // Gets the authenticator ID for fingerprint
154     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
getAuthenticatorId(int sensorId, int callingUserId)155     long getAuthenticatorId(int sensorId, int callingUserId);
156 
157     // Reset the timeout when user authenticates with strong auth (e.g. PIN, pattern or password)
158     @EnforcePermission("RESET_FINGERPRINT_LOCKOUT")
resetLockout(IBinder token, int sensorId, int userId, in byte[] hardwareAuthToken, String opPackageNAame)159     void resetLockout(IBinder token, int sensorId, int userId, in byte[] hardwareAuthToken, String opPackageNAame);
160 
161     // Add a callback which gets notified when the fingerprint lockout period expired.
162     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName)163     void addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName);
164 
165     // Check if a client request is currently being handled
166     @EnforcePermission("MANAGE_FINGERPRINT")
isClientActive()167     boolean isClientActive();
168 
169     // Add a callback which gets notified when the service starts and stops handling client requests
170     @EnforcePermission("MANAGE_FINGERPRINT")
addClientActiveCallback(IFingerprintClientActiveCallback callback)171     void addClientActiveCallback(IFingerprintClientActiveCallback callback);
172 
173     // Removes a callback set by addClientActiveCallback
174     @EnforcePermission("MANAGE_FINGERPRINT")
removeClientActiveCallback(IFingerprintClientActiveCallback callback)175     void removeClientActiveCallback(IFingerprintClientActiveCallback callback);
176 
177     //Register all available fingerprint sensors.
178     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
registerAuthenticators(in FingerprintSensorConfigurations fingerprintSensorConfigurations)179     void registerAuthenticators(in FingerprintSensorConfigurations fingerprintSensorConfigurations);
180 
181     // Adds a callback which gets called when the service registers all of the fingerprint
182     // authenticators. The callback is automatically removed after it's invoked.
183     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
addAuthenticatorsRegisteredCallback(IFingerprintAuthenticatorsRegisteredCallback callback)184     void addAuthenticatorsRegisteredCallback(IFingerprintAuthenticatorsRegisteredCallback callback);
185 
186     // Notifies about a finger touching the sensor area.
187     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
onPointerDown(long requestId, int sensorId, in PointerContext pc)188     void onPointerDown(long requestId, int sensorId, in PointerContext pc);
189 
190     // Notifies about a finger leaving the sensor area.
191     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
onPointerUp(long requestId, int sensorId, in PointerContext pc)192     void onPointerUp(long requestId, int sensorId, in PointerContext pc);
193 
194     // Notifies about the fingerprint UI being ready (e.g. HBM illumination is enabled).
195     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
onUdfpsUiEvent(int event, long requestId, int sensorId)196     void onUdfpsUiEvent(int event, long requestId, int sensorId);
197 
198     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
setIgnoreDisplayTouches(long requestId, int sensorId, boolean ignoreTouches)199     void setIgnoreDisplayTouches(long requestId, int sensorId, boolean ignoreTouches);
200 
201     // Sets the controller for managing the UDFPS overlay.
202     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
setUdfpsOverlayController(in IUdfpsOverlayController controller)203     void setUdfpsOverlayController(in IUdfpsOverlayController controller);
204 
205     // Registers AuthenticationStateListener.
206     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
registerAuthenticationStateListener(AuthenticationStateListener listener)207     void registerAuthenticationStateListener(AuthenticationStateListener listener);
208 
209     // Unregisters AuthenticationStateListener.
210     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
unregisterAuthenticationStateListener(AuthenticationStateListener listener)211     void unregisterAuthenticationStateListener(AuthenticationStateListener listener);
212 
213     // Registers BiometricStateListener.
214     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
registerBiometricStateListener(IBiometricStateListener listener)215     void registerBiometricStateListener(IBiometricStateListener listener);
216 
217     // Sends a power button pressed event to all listeners.
218     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
onPowerPressed()219     oneway void onPowerPressed();
220 
221     // Internal operation used to clear fingerprint biometric scheduler.
222     // Ensures that the scheduler is not stuck.
223     @EnforcePermission("USE_BIOMETRIC_INTERNAL")
scheduleWatchdog()224     oneway void scheduleWatchdog();
225 }
226