1 /* 2 * Copyright (C) 2019 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package android.hardware.biometrics; 18 19 import android.hardware.biometrics.IBiometricEnabledOnKeyguardCallback; 20 import android.hardware.biometrics.IBiometricServiceReceiver; 21 import android.hardware.biometrics.IInvalidationCallback; 22 import android.hardware.biometrics.ITestSession; 23 import android.hardware.biometrics.ITestSessionCallback; 24 import android.hardware.biometrics.PromptInfo; 25 import android.hardware.biometrics.SensorPropertiesInternal; 26 27 /** 28 * Communication channel from BiometricPrompt and BiometricManager to AuthService. The 29 * interface does not expose specific biometric modalities. The system will use the default 30 * biometric for apps. On devices with more than one, the choice is dictated by user preference in 31 * Settings. 32 * @hide 33 */ 34 interface IAuthService { 35 // Creates a test session with the specified sensorId 36 @EnforcePermission("TEST_BIOMETRIC") createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)37 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 38 39 // Retrieve static sensor properties for all biometric sensors 40 @EnforcePermission("TEST_BIOMETRIC") getSensorProperties(String opPackageName)41 List<SensorPropertiesInternal> getSensorProperties(String opPackageName); 42 43 // Retrieve the package where BIometricOrompt's UI is implemented 44 @EnforcePermission("TEST_BIOMETRIC") getUiPackage()45 String getUiPackage(); 46 47 // Requests authentication. The service chooses the appropriate biometric to use, and shows 48 // the corresponding BiometricDialog. A requestId is returned that can be used to cancel 49 // this operation. authenticate(IBinder token, long sessionId, int userId, IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo)50 long authenticate(IBinder token, long sessionId, int userId, 51 IBiometricServiceReceiver receiver, String opPackageName, in PromptInfo promptInfo); 52 53 // Cancel authentication for the given requestId. cancelAuthentication(IBinder token, String opPackageName, long requestId)54 void cancelAuthentication(IBinder token, String opPackageName, long requestId); 55 56 // TODO(b/141025588): Make userId the first arg to be consistent with hasEnrolledBiometrics. 57 // Checks if biometrics can be used. canAuthenticate(String opPackageName, int userId, int authenticators)58 int canAuthenticate(String opPackageName, int userId, int authenticators); 59 60 // Checks if any biometrics are enrolled. hasEnrolledBiometrics(int userId, String opPackageName)61 boolean hasEnrolledBiometrics(int userId, String opPackageName); 62 63 // Register callback for when keyguard biometric eligibility changes. registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback)64 void registerEnabledOnKeyguardCallback(IBiometricEnabledOnKeyguardCallback callback); 65 66 // Requests all BIOMETRIC_STRONG sensors to have their authenticatorId invalidated for the 67 // specified user. This happens when enrollments have been added on devices with multiple 68 // biometric sensors. invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback)69 void invalidateAuthenticatorIds(int userId, int fromSensorId, IInvalidationCallback callback); 70 71 // Get a list of AuthenticatorIDs for authenticators which have enrolled templates and meet 72 // the requirements for integrating with Keystore. The AuthenticatorID are known in Keystore 73 // land as SIDs, and are used during key generation. 74 // If userId is not equal to the calling user ID, the caller must have the 75 // USE_BIOMETRIC_INTERNAL permission. getAuthenticatorIds(in int userId)76 long[] getAuthenticatorIds(in int userId); 77 78 // See documentation in BiometricManager. resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, in byte[] hardwareAuthToken)79 void resetLockoutTimeBound(IBinder token, String opPackageName, int fromSensorId, int userId, 80 in byte[] hardwareAuthToken); 81 82 // See documentation in BiometricManager. resetLockout(int userId, in byte[] hardwareAuthToken)83 void resetLockout(int userId, in byte[] hardwareAuthToken); 84 85 // Provides a localized string that may be used as the label for a button that invokes 86 // BiometricPrompt. getButtonLabel(int userId, String opPackageName, int authenticators)87 CharSequence getButtonLabel(int userId, String opPackageName, int authenticators); 88 89 // Provides a localized string that may be shown while the user is authenticating with 90 // BiometricPrompt. getPromptMessage(int userId, String opPackageName, int authenticators)91 CharSequence getPromptMessage(int userId, String opPackageName, int authenticators); 92 93 // Provides a localized string that may be shown as the title for an app setting that enables 94 // biometric authentication. getSettingName(int userId, String opPackageName, int authenticators)95 CharSequence getSettingName(int userId, String opPackageName, int authenticators); 96 } 97