1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.hardware.biometrics; 18 19 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback; 20 import android.hardware.biometrics.IBiometricServiceReceiver; 21 import android.hardware.biometrics.IInvalidationCallback; 22 import android.hardware.biometrics.ITestSession; 23 import android.hardware.biometrics.ITestSessionCallback; 24 import android.hardware.biometrics.PromptInfo; 25 import android.hardware.biometrics.SensorPropertiesInternal; 26 27 /** 28 * Communication channel from BiometricPrompt and BiometricManager to AuthService. The 29 * interface does not expose specific biometric modalities. The system will use the default 30 * biometric for apps. On devices with more than one, the choice is dictated by user preference in 31 * Settings. 32 * @hide 33 */ 34 interface IAuthService { 35 // Creates a test session with the specified sensorId createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)36 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 37 38 // Retrieve static sensor properties for all biometric sensors getSensorProperties(String opPackageName)39 List<SensorPropertiesInternal> getSensorProperties(String opPackageName); 40 41 // Retrieve the package where BIometricOrompt's UI is implemented getUiPackage()42 String getUiPackage(); 43 44 // Requests authentication. The service chooses the appropriate biometric to use, and shows 45 // the corresponding BiometricDialog. A requestId is returned that can be used to cancel 46 // this operation. authenticate(IBinder token, long sessionId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo)47 long authenticate(IBinder token, long sessionId, int userId, 48 IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo); 49 50 // Cancel authentication for the given requestId. cancelAuthentication(IBinder token, String opPackageName, long requestId)51 void cancelAuthentication(IBinder token, String opPackageName, long requestId); 52 53 // TODO(b/141025588): Make userId the first arg to be consistent with hasEnrolledBiometrics. 54 // Checks if biometrics can be used. canAuthenticate(String opPackageName, int userId, int authenticators)55 int canAuthenticate(String opPackageName, int userId, int authenticators); 56 57 // Checks if any biometrics are enrolled. hasEnrolledBiometrics(int userId, String opPackageName)58 boolean hasEnrolledBiometrics(int userId, String opPackageName); 59 60 // Register callback for when keyguard biometric eligibility changes. registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback)61 void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback); 62 63 // Requests all BIOMETRIC_STRONG sensors to have their authenticatorId invalidated for the 64 // specified user. This happens when enrollments have been added on devices with multiple 65 // biometric sensors. invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback)66 void invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback); 67 68 // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet 69 // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore 70 // land as SIDs, and are used during key generation. 71 // If userId is not equal to the calling user ID, the caller must have the 72 // USE_BIOMETRIC_INTERNAL permission. getAuthenticatorIds(in int userId)73 long[] getAuthenticatorIds(in int userId); 74 75 // See documentation in BiometricManager. resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, in byte[] hardwareAuthToken)76 void resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, 77 in byte[] hardwareAuthToken); 78 79 // Provides a localized string that may be used as the label for a button that invokes 80 // BiometricPrompt. getButtonLabel(int userId, String opPackageName, int authenticators)81 CharSequence getButtonLabel(int userId, String opPackageName, int authenticators); 82 83 // Provides a localized string that may be shown while the user is authenticating with 84 // BiometricPrompt. getPromptMessage(int userId, String opPackageName, int authenticators)85 CharSequence getPromptMessage(int userId, String opPackageName, int authenticators); 86 87 // Provides a localized string that may be shown as the title for an app setting that enables 88 // biometric authentication. getSettingName(int userId, String opPackageName, int authenticators)89 CharSequence getSettingName(int userId, String opPackageName, int authenticators); 90 } 91