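/*
 * Copyright (c) 2022 Huawei Device Co., Ltd.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * @addtogroup HdfUserAuth
 * @{
 *
 * @brief Provides APIs for the user auth driver.
 *
 * The user auth driver provides a unified interface for the user auth service to access the user auth driver.
 *
 * Notes for implementers, derived from the declarations in this file:
 * - Every array field (unsigned char[], unsigned long[], struct arrays) is declared without a length
 *   bound, so each side of the interface has to enforce its own maximum sizes before copying or parsing.
 * - Enum-typed fields are carried as int; values that match no declared enumerator should be rejected.
 * - rootSecret (protection key for the user file key) and the token fields are sensitive; keep them out
 *   of logs and clear the buffers once they are no longer needed.
 *
 * @since 3.2
 */

package ohos.hdi.user_auth.v1_0;

/**
 * Enumerates credential type for authentication.
 *
 * The specific types use distinct powers of two (1, 2, 4) and ALL is 0, so a zero-initialized field
 * reads as ALL.
 * NOTE(review): whether values may be OR-ed into a mask is not stated in this file; confirm before
 * accepting a combined value.
 *
 * @since 3.2
 * @version 1.0
 */
enum AuthType : int {
    ALL = 0, /**< Indicates authentication type is ALL. */
    PIN = 1, /**< Indicates authentication type is PIN. */
    FACE = 2, /**< Indicates authentication type is face. */
    FINGERPRINT = 4, /**< Indicates authentication type is fingerprint. */
};

/**
 * Enumerates executor role.
 *
 * No enumerator has the value 0, so a zero-initialized field is not a valid role.
 * ALL_IN_ONE (3) is numerically COLLECTOR | VERIFIER.
 *
 * @since 3.2
 * @version 1.0
 */
enum ExecutorRole : int {
    COLLECTOR = 1, /**< Indicates executor role is collector. */
    VERIFIER = 2, /**< Indicates executor role is verifier. */
    ALL_IN_ONE = 3, /**< Indicates executor role is combination of collector and verifier. */
};

/**
 * Enumerates executor secure level.
 *
 * ESL0 is the zero value, so a zero-initialized field reads as ESL0.
 * NOTE(review): the meaning and ordering of ESL0..ESL3 is not defined in this file; presumably a
 * higher number is a stronger level - confirm against the framework documentation.
 *
 * @since 3.2
 * @version 1.0
 */
enum ExecutorSecureLevel : int {
    ESL0 = 0, /**< Indicates executor secure level is ESL0. */
    ESL1 = 1, /**< Indicates executor secure level is ESL1. */
    ESL2 = 2, /**< Indicates executor secure level is ESL2. */
    ESL3 = 3, /**< Indicates executor secure level is ESL3. */
};

/**
 * Enumerates the subtypes of PIN authentication.
 *
 * Values start at 10000; 0 is not a declared subtype.
 *
 * @since 3.2
 * @version 1.0
 */
enum PinSubType : int {
    PIN_SIX = 10000, /**< Indicates a 6-digit PIN. */
    PIN_NUMBER = 10001, /**< Indicates a digit PIN. */
    PIN_MIX = 10002, /**< Indicates a mixed PIN. */
};

/**
 * Enumerates schedule mode.
 *
 * ENROLL is the zero value, so a zero-initialized field reads as ENROLL.
 *
 * @since 3.2
 * @version 1.0
 */
enum ScheduleMode : int {
    ENROLL = 0, /**< Indicates schedule mode is enrollment. */
    AUTH = 1, /**< Indicates schedule mode is authentication. */
    IDENTIFY = 2, /**< Indicates schedule mode is identification. */
};

/**
 * Defines executor registration information.
 *
 * NOTE(review): the algorithm, encoding and expected length of publicKey are not specified in this
 * file; the receiver should check the length before using the key.
 *
 * @since 3.2
 * @version 1.0
 */
struct ExecutorRegisterInfo {
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
    enum ExecutorRole executorRole; /**< Indicates executor role, see {@link ExecutorRole}. */
    unsigned int executorSensorHint; /**< Indicates executor sensor hint under the same authentication type, 0 is not allowed. */
    unsigned int executorMatcher; /**< Indicates executor matcher. */
    enum ExecutorSecureLevel esl; /**< Indicates executor secure level, see {@link ExecutorSecureLevel}. */
    unsigned char[] publicKey; /**< Indicates the public key of the executor. */
};

/**
 * Defines executor information: the framework-assigned index plus the registration information.
 *
 * @since 3.2
 * @version 1.0
 */
struct ExecutorInfo {
    unsigned long executorIndex; /**< Indicates executor index under the authentication frameworks. */
    struct ExecutorRegisterInfo info; /**< Indicates executor registration information, see {@link ExecutorRegisterInfo}. */
};

/**
 * Defines schedule information.
 *
 * templateIds and executors are unbounded arrays; the consumer should cap their sizes.
 *
 * @since 3.2
 * @version 1.0
 */
struct ScheduleInfo {
    unsigned long scheduleId; /**< Indicates schedule id of authentication. */
    unsigned long[] templateIds; /**< Indicates the templates to authenticate. */
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
    unsigned int executorMatcher; /**< Indicates executor matcher. */
    enum ScheduleMode scheduleMode; /**< Indicates schedule mode, see {@link ScheduleMode}. */
    struct ExecutorInfo[] executors; /**< Indicates executor information, see {@link ExecutorInfo}. */
};

/**
 * Defines the authentication solution: user, trust level, type, sensor hint and challenge.
 *
 * NOTE(review): the expected length of challenge and the valid range of authTrustLevel are not
 * specified in this file; validate both at the receiving side.
 *
 * @since 3.2
 * @version 1.0
 */
struct AuthSolution {
    int userId; /**< Indicates user id. */
    unsigned int authTrustLevel; /**< Indicates the trust level required for the authentication. */
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
    unsigned int executorSensorHint; /**< Indicates executor sensor hint, 0 indicates that no value is specified. */
    unsigned char[] challenge; /**< Indicates challenge of authentication. */
};

/**
 * Defines an executor message together with the executor index and command id it belongs to.
 *
 * NOTE(review): command id values and the layout of msg are not defined in this file.
 *
 * @since 3.2
 * @version 1.0
 */
struct ExecutorSendMsg {
    unsigned long executorIndex; /**< Indicates executor index under the authentication frameworks. */
    int commandId; /**< Indicates command id. */
    unsigned char[] msg; /**< Indicates executor msg to send. */
};

/**
 * Defines authentication result information.
 *
 * rootSecret is key material (the protection key for the user file key) and token is the
 * authentication token: do not log either, and clear the buffers after use.
 * NOTE(review): result code values are not defined in this file. lockoutDuration and remainAttempts
 * are signed; the meaning of negative values is not specified - confirm with the implementation.
 *
 * @since 3.2
 * @version 1.0
 */
struct AuthResultInfo {
    int result; /**< Indicates result. */
    int lockoutDuration; /**< Indicates lockout duration in seconds. */
    int remainAttempts; /**< Indicates remaining authentication attempts before a lockout. */
    struct ExecutorSendMsg[] msgs; /**< Indicates executor msgs, see {@link ExecutorSendMsg}. */
    unsigned char[] token; /**< Indicates authentication token. */
    unsigned char[] rootSecret; /**< Indicates protection key for user file key. */
};

/**
 * Defines identification result information.
 *
 * NOTE(review): result code values and the token format are not defined in this file.
 *
 * @since 3.2
 * @version 1.0
 */
struct IdentifyResultInfo {
    int result; /**< Indicates result. */
    int userId; /**< Indicates user id. */
    unsigned char[] token; /**< Indicates identification token. */
};

/**
 * Defines enrollment parameters.
 *
 * @since 3.2
 * @version 1.0
 */
struct EnrollParam {
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
    unsigned int executorSensorHint; /**< Indicates executor sensor hint, 0 indicates that no value is specified. */
};

/**
 * Defines credential information.
 *
 * @since 3.2
 * @version 1.0
 */
struct CredentialInfo {
    unsigned long credentialId; /**< Indicates credential id. */
    unsigned long executorIndex; /**< Indicates executor index under the authentication frameworks. */
    unsigned long templateId; /**< Indicates template id. */
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
    unsigned int executorMatcher; /**< Indicates executor matcher. */
    unsigned int executorSensorHint; /**< Indicates executor sensor hint under the same authentication type. */
};

/**
 * Defines enrolled information: an enrolled id and the authentication type it belongs to.
 *
 * @since 3.2
 * @version 1.0
 */
struct EnrolledInfo {
    unsigned long enrolledId; /**< Indicates enrolled id. */
    enum AuthType authType; /**< Indicates authentication type, see {@link AuthType}. */
};

/**
 * Defines enrollment result information.
 *
 * rootSecret is key material (the protection key for the user file key): do not log it, and clear
 * the buffer after use.
 *
 * @since 3.2
 * @version 1.0
 */
struct EnrollResultInfo {
    unsigned long credentialId; /**< Indicates credential id. */
    struct CredentialInfo oldInfo; /**< Indicates old credential information, see {@link CredentialInfo}. */
    unsigned char[] rootSecret; /**< Indicates protection key for user file key. */
};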