Merge "Remove timeout from IFace generateChallenge" into sc-dev am: 279d9068

package android.hardware.biometrics.face;

@VintfStability

interface ISession {

  void generateChallenge(in int cookie, in int timeoutSec);

  void generateChallenge(in int cookie);

  void revokeChallenge(in int cookie, in long challenge);

  android.hardware.biometrics.common.ICancellationSignal enroll(in int cookie, in android.hardware.keymaster.HardwareAuthToken hat, in android.hardware.biometrics.face.EnrollmentType type, in android.hardware.biometrics.face.Feature[] features, in android.hardware.common.NativeHandle previewSurface);

  android.hardware.biometrics.common.ICancellationSignal authenticate(in int cookie, in long operationId);

     *      to allow addition of biometric enrollments.

     * To secure this path, the following path is taken:

     *   1) Upon user requesting face enroll, the framework requests

     *      IFace#generateChallenge

     *      ISession#generateChallenge

     *   2) Framework sends the challenge to the credential subsystem, and upon credential

     *      confirmation, a HAT is created, containing the challenge in the "challenge" field.

     *   3) Framework sends the HAT to the HAL, e.g. ISession#enroll.

     *   5) Implementation now has confidence that the user entered their credential to allow

     *      biometric enrollment.

     *

     * Note that the interface allows multiple in-flight challenges. For example, invoking

     * generateChallenge(0, 0, timeoutSec) twice does not invalidate the first challenge. The

     * challenge is invalidated only when:

     *   1) The provided timeout expires, or

     *   2) IFace#revokeChallenge is invoked

     * Note that this interface allows multiple in-flight challenges. Invoking generateChallenge

     * twice does not invalidate the first challenge. The challenge is invalidated only when:

     *   1) Its lifespan exceeds the HAL's internal challenge timeout

     *   2) IFingerprint#revokeChallenge is invoked

     *

     * For example, the following is a possible table of valid challenges:

     * ----------------------------------------------

     * ----------------------------------------------

     *

     * @param cookie A unique number identifying this operation

     * @param timeoutSec Duration for which the challenge is valid for

     */

    void generateChallenge(in int cookie, in int timeoutSec);

    void generateChallenge(in int cookie);

    /**

     * revokeChallenge:

     *

     * Before capturing face data, the implementation must first verify the authenticity and

     * integrity of the provided HardwareAuthToken. In addition, it must check that the challenge

     * within the provided HardwareAuthToken is valid. See IFace#generateChallenge. If any of

     * within the provided HardwareAuthToken is valid. See ISession#generateChallenge. If any of

     * the above checks fail, the framework must be notified via ISessionCallback#onError and the

     * HAL must notify the framework when it returns to the idle state. See

     * Error::UNABLE_TO_PROCESS.

Session::Session(std::shared_ptr<ISessionCallback> cb) : cb_(std::move(cb)) {}

ndk::ScopedAStatus Session::generateChallenge(int32_t /*cookie*/, int32_t /*timeoutSec*/) {

ndk::ScopedAStatus Session::generateChallenge(int32_t /*cookie*/) {

    LOG(INFO) << "generateChallenge";

    if (cb_) {

        cb_->onStateChanged(0, SessionState::GENERATING_CHALLENGE);

  public:

    explicit Session(std::shared_ptr<ISessionCallback> cb);

    ndk::ScopedAStatus generateChallenge(int32_t cookie, int32_t timeoutSec) override;

    ndk::ScopedAStatus generateChallenge(int32_t cookie) override;

    ndk::ScopedAStatus revokeChallenge(int32_t cookie, int64_t challenge) override;