1 /* 2 * Copyright (C) 2018 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 package android.hardware.face; 17 18 import android.hardware.biometrics.IBiometricSensorReceiver; 19 import android.hardware.biometrics.IBiometricServiceLockoutResetCallback; 20 import android.hardware.biometrics.IInvalidationCallback; 21 import android.hardware.biometrics.ITestSession; 22 import android.hardware.biometrics.ITestSessionCallback; 23 import android.hardware.face.IFaceServiceReceiver; 24 import android.hardware.face.Face; 25 import android.hardware.face.FaceSensorPropertiesInternal; 26 import android.view.Surface; 27 28 /** 29 * Communication channel from client to the face service. These methods are all require the 30 * MANAGE_BIOMETRIC signature permission. 31 * @hide 32 */ 33 interface IFaceService { 34 35 // Creates a test session with the specified sensorId createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName)36 ITestSession createTestSession(int sensorId, ITestSessionCallback callback, String opPackageName); 37 38 // Requests a proto dump of the specified sensor dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer)39 byte[] dumpSensorServiceStateProto(int sensorId, boolean clearSchedulerBuffer); 40 41 // Retrieve static sensor properties for all face sensors getSensorPropertiesInternal(String opPackageName)42 List<FaceSensorPropertiesInternal> getSensorPropertiesInternal(String opPackageName); 43 44 // Retrieve static sensor properties for the specified sensor getSensorProperties(int sensorId, String opPackageName)45 FaceSensorPropertiesInternal getSensorProperties(int sensorId, String opPackageName); 46 47 // Authenticate the given sessionId with a face authenticate(IBinder token, long operationId, int userId, IFaceServiceReceiver receiver, String opPackageName, boolean isKeyguardBypassEnabled)48 void authenticate(IBinder token, long operationId, int userId, IFaceServiceReceiver receiver, 49 String opPackageName, boolean isKeyguardBypassEnabled); 50 51 // Uses the face hardware to detect for the presence of a face, without giving details 52 // about accept/reject/lockout. detectFace(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName)53 void detectFace(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName); 54 55 // This method prepares the service to start authenticating, but doesn't start authentication. 56 // This is protected by the MANAGE_BIOMETRIC signatuer permission. This method should only be 57 // called from BiometricService. The additional uid, pid, userId arguments should be determined 58 // by BiometricService. To start authentication after the clients are ready, use 59 // startPreparedClient(). prepareForAuthentication(int sensorId, boolean requireConfirmation, IBinder token, long operationId, int userId, IBiometricSensorReceiver sensorReceiver, String opPackageName, int cookie, boolean allowBackgroundAuthentication)60 void prepareForAuthentication(int sensorId, boolean requireConfirmation, IBinder token, long operationId, 61 int userId, IBiometricSensorReceiver sensorReceiver, String opPackageName, 62 int cookie, boolean allowBackgroundAuthentication); 63 64 // Starts authentication with the previously prepared client. startPreparedClient(int sensorId, int cookie)65 void startPreparedClient(int sensorId, int cookie); 66 67 // Cancel authentication for the given sessionId cancelAuthentication(IBinder token, String opPackageName)68 void cancelAuthentication(IBinder token, String opPackageName); 69 70 // Cancel face detection cancelFaceDetect(IBinder token, String opPackageName)71 void cancelFaceDetect(IBinder token, String opPackageName); 72 73 // Same as above, with extra arguments. cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName)74 void cancelAuthenticationFromService(int sensorId, IBinder token, String opPackageName); 75 76 // Start face enrollment enroll(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName, in int [] disabledFeatures, in Surface previewSurface, boolean debugConsent)77 void enroll(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, 78 String opPackageName, in int [] disabledFeatures, in Surface previewSurface, boolean debugConsent); 79 80 // Start remote face enrollment enrollRemotely(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName, in int [] disabledFeatures)81 void enrollRemotely(int userId, IBinder token, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, 82 String opPackageName, in int [] disabledFeatures); 83 84 // Cancel enrollment in progress cancelEnrollment(IBinder token)85 void cancelEnrollment(IBinder token); 86 87 // Removes the specified face enrollment for the specified userId. remove(IBinder token, int faceId, int userId, IFaceServiceReceiver receiver, String opPackageName)88 void remove(IBinder token, int faceId, int userId, IFaceServiceReceiver receiver, 89 String opPackageName); 90 91 // Removes all face enrollments for the specified userId. removeAll(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName)92 void removeAll(IBinder token, int userId, IFaceServiceReceiver receiver, String opPackageName); 93 94 // Get the enrolled face for user. getEnrolledFaces(int sensorId, int userId, String opPackageName)95 List<Face> getEnrolledFaces(int sensorId, int userId, String opPackageName); 96 97 // Determine if HAL is loaded and ready isHardwareDetected(int sensorId, String opPackageName)98 boolean isHardwareDetected(int sensorId, String opPackageName); 99 100 // Get a pre-enrollment authentication token generateChallenge(IBinder token, int sensorId, int userId, IFaceServiceReceiver receiver, String opPackageName)101 void generateChallenge(IBinder token, int sensorId, int userId, IFaceServiceReceiver receiver, String opPackageName); 102 103 // Finish an enrollment sequence and invalidate the authentication token revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge)104 void revokeChallenge(IBinder token, int sensorId, int userId, String opPackageName, long challenge); 105 106 // Determine if a user has at least one enrolled face hasEnrolledFaces(int sensorId, int userId, String opPackageName)107 boolean hasEnrolledFaces(int sensorId, int userId, String opPackageName); 108 109 // Return the LockoutTracker status for the specified user getLockoutModeForUser(int sensorId, int userId)110 int getLockoutModeForUser(int sensorId, int userId); 111 112 // Requests for the specified sensor+userId's authenticatorId to be invalidated invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback)113 void invalidateAuthenticatorId(int sensorId, int userId, IInvalidationCallback callback); 114 115 // Gets the authenticator ID for face getAuthenticatorId(int sensorId, int callingUserId)116 long getAuthenticatorId(int sensorId, int callingUserId); 117 118 // Reset the lockout when user authenticates with strong auth (e.g. PIN, pattern or password) resetLockout(IBinder token, int sensorId, int userId, in byte [] hardwareAuthToken, String opPackageName)119 void resetLockout(IBinder token, int sensorId, int userId, in byte [] hardwareAuthToken, String opPackageName); 120 121 // Add a callback which gets notified when the face lockout period expired. addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName)122 void addLockoutResetCallback(IBiometricServiceLockoutResetCallback callback, String opPackageName); 123 setFeature(IBinder token, int userId, int feature, boolean enabled, in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName)124 void setFeature(IBinder token, int userId, int feature, boolean enabled, 125 in byte [] hardwareAuthToken, IFaceServiceReceiver receiver, String opPackageName); 126 getFeature(IBinder token, int userId, int feature, IFaceServiceReceiver receiver, String opPackageName)127 void getFeature(IBinder token, int userId, int feature, IFaceServiceReceiver receiver, 128 String opPackageName); 129 130 // Registers all HIDL and AIDL sensors. Only HIDL sensor properties need to be provided, because 131 // AIDL sensor properties are retrieved directly from the available HALs. If no HIDL HALs exist, 132 // hidlSensors must be non-null and empty. See AuthService.java registerAuthenticators(in List<FaceSensorPropertiesInternal> hidlSensors)133 void registerAuthenticators(in List<FaceSensorPropertiesInternal> hidlSensors); 134 } 135