1 /*
2  * Copyright (C) 2018 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package android.hardware.face;
17 
18 import android.hardware.biometrics.IBiometricSensorReceiver;
19 import android.hardware.biometrics.IBiometricServiceLockoutResetCallback;
20 import android.hardware.biometrics.IInvalidationCallback;
21 import android.hardware.biometrics.ITestSession;
22 import android.hardware.biometrics.ITestSessionCallback;
23 import android.hardware.face.IFaceServiceReceiver;
24 import android.hardware.face.Face;
25 import android.hardware.face.FaceSensorPropertiesInternal;
26 import android.view.Surface;
27 
28 /**
29  * Communication channel from client to the face service. These methods are all require the
30  * MANAGE_BIOMETRIC signature permission.
31  * @hide
32  */
33 interface IFaceService {
34 
35     // Creates a test session with the specified sensorId
createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)36     ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName);
37 
38     // Requests a proto dump of the specified sensor
dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer)39     byte[] dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer);
40 
41     // Retrieve static sensor properties for all face sensors
getSensorPropertiesInternal(String opPackageName)42     List<FaceSensorPropertiesInternal> getSensorPropertiesInternal(String opPackageName);
43 
44     // Retrieve static sensor properties for the specified sensor
getSensorProperties(int sensorId, String opPackageName)45     FaceSensorPropertiesInternal getSensorProperties(int sensorId, String opPackageName);
46 
47     // Authenticate with a face. A requestId is returned that can be used to cancel this operation.
authenticate(IBinder token, long operationId, int userId, IFaceServiceReceiver receiver, String opPackageName, boolean isKeyguardBypassEnabled)48     long authenticate(IBinder token, long operationId, int userId, IFaceServiceReceiver receiver,
49             String opPackageName, boolean isKeyguardBypassEnabled);
50 
51     // Uses the face hardware to detect for the presence of a face, without giving details
52     // about accept/reject/lockout. A requestId is returned that can be used to cancel this
53     // operation.
detectFace(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName)54     long detectFace(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName);
55 
56     // This method prepares the service to start authenticating, but doesn't start authentication.
57     // This is protected by the MANAGE_BIOMETRIC signatuer permission. This method should only be
58     // called from BiometricService. The additional uid, pid, userId arguments should be determined
59     // by BiometricService. To start authentication after the clients are ready, use
60     // startPreparedClient().
prepareForAuthentication(int sensorId, boolean requireConfirmation, IBinder token, long operationId, int userId, IBiometricSensorReceiver sensorReceiver, String opPackageName, long requestId, int cookie, boolean allowBackgroundAuthentication)61     void prepareForAuthentication(int sensorId, boolean requireConfirmation, IBinder token,
62             long operationId, int userId, IBiometricSensorReceiver sensorReceiver,
63             String opPackageName, long requestId, int cookie,
64             boolean allowBackgroundAuthentication);
65 
66     // Starts authentication with the previously prepared client.
startPreparedClient(int sensorId, int cookie)67     void startPreparedClient(int sensorId, int cookie);
68 
69     // Cancel authentication for the given requestId.
cancelAuthentication(IBinder token, String opPackageName, long requestId)70     void cancelAuthentication(IBinder token, String opPackageName, long requestId);
71 
72     // Cancel face detection for the given requestId.
cancelFaceDetect(IBinder token, String opPackageName, long requestId)73     void cancelFaceDetect(IBinder token, String opPackageName, long requestId);
74 
75     // Same as above, with extra arguments.
cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId)76     void cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName, long requestId);
77 
78     // Start face enrollment
enroll(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName, in int [] disabledFeatures, in Surface previewSurface, boolean debugConsent)79     long enroll(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver,
80             String opPackageName, in int [] disabledFeatures,
81             in Surface previewSurface, boolean debugConsent);
82 
83     // Start remote face enrollment
enrollRemotely(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName, in int [] disabledFeatures)84     long enrollRemotely(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver,
85             String opPackageName, in int [] disabledFeatures);
86 
87     // Cancel enrollment in progress
cancelEnrollment(IBinder token, long requestId)88     void cancelEnrollment(IBinder token, long requestId);
89 
90     // Removes the specified face enrollment for the specified userId.
remove(IBinder token, int faceId, int userId, IFaceServiceReceiver receiver, String opPackageName)91     void remove(IBinder token, int faceId, int userId, IFaceServiceReceiver receiver,
92             String opPackageName);
93 
94     // Removes all face enrollments for the specified userId.
removeAll(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName)95     void removeAll(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName);
96 
97     // Get the enrolled face for user.
getEnrolledFaces(int sensorId, int userId, String opPackageName)98     List<Face> getEnrolledFaces(int sensorId, int userId, String opPackageName);
99 
100     // Determine if HAL is loaded and ready
isHardwareDetected(int sensorId, String opPackageName)101     boolean isHardwareDetected(int sensorId, String opPackageName);
102 
103     // Get a pre-enrollment authentication token
generateChallenge(IBinder token, int sensorId, int userId, IFaceServiceReceiver receiver, String opPackageName)104     void generateChallenge(IBinder token, int sensorId, int userId, IFaceServiceReceiver receiver, String opPackageName);
105 
106     // Finish an enrollment sequence and invalidate the authentication token
revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge)107     void revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge);
108 
109     // Determine if a user has at least one enrolled face
hasEnrolledFaces(int sensorId, int userId, String opPackageName)110     boolean hasEnrolledFaces(int sensorId, int userId, String opPackageName);
111 
112     // Return the LockoutTracker status for the specified user
getLockoutModeForUser(int sensorId, int userId)113     int getLockoutModeForUser(int sensorId, int userId);
114 
115     // Requests for the specified sensor+userId's authenticatorId to be invalidated
invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback)116     void invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback);
117 
118     // Gets the authenticator ID for face
getAuthenticatorId(int sensorId, int callingUserId)119     long getAuthenticatorId(int sensorId, int callingUserId);
120 
121     // Reset the lockout when user authenticates with strong auth (e.g. PIN, pattern or password)
resetLockout(IBinder token, int sensorId, int userId, in byte [] hardwareAuthToken, String opPackageName)122     void resetLockout(IBinder token, int sensorId, int userId, in byte [] hardwareAuthToken, String opPackageName);
123 
124     // Add a callback which gets notified when the face lockout period expired.
addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName)125     void addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName);
126 
setFeature(IBinder token, int userId, int feature, boolean enabled, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName)127     void setFeature(IBinder token, int userId, int feature, boolean enabled,
128             in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName);
129 
getFeature(IBinder token, int userId, int feature, IFaceServiceReceiver receiver, String opPackageName)130     void getFeature(IBinder token, int userId, int feature, IFaceServiceReceiver receiver,
131             String opPackageName);
132 
133     // Registers all HIDL and AIDL sensors. Only HIDL sensor properties need to be provided, because
134     // AIDL sensor properties are retrieved directly from the available HALs. If no HIDL HALs exist,
135     // hidlSensors must be non-null and empty. See AuthService.java
registerAuthenticators(in List<FaceSensorPropertiesInternal> hidlSensors)136     void registerAuthenticators(in List<FaceSensorPropertiesInternal> hidlSensors);
137 }
138