Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 80db9baf9766dc40f9d1b6bf60797ee5cc64a48c / . / services / core / java / com / android / server / fingerprint / FingerprintService.java
blob: 0faccc634afae00ca52dc6211f735128b7f5c228 [file] [log] [blame]
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]1/**
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17package com.android.server.fingerprint;
18
Sasha Levitskiy80db9ba2015-05-08 14:31:48 -0700[diff] [blame^]19import android.app.ActivityManager;
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]20import android.app.AppOpsManager;
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]21import android.content.ContentResolver;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]22import android.content.Context;
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]23import android.os.Binder;
Sasha Levitskiy80db9ba2015-05-08 14:31:48 -0700[diff] [blame^]24import android.os.Environment;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]25import android.os.Handler;
26import android.os.IBinder;
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]27import android.os.Looper;
28import android.os.MessageQueue;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]29import android.os.RemoteException;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]30import android.util.Slog;
31
32import com.android.server.SystemService;
33
Jim Millerebbf2052015-03-31 17:24:34 -0700[diff] [blame]34import android.hardware.fingerprint.FingerprintUtils;
35import android.hardware.fingerprint.Fingerprint;
36import android.hardware.fingerprint.FingerprintManager;
37import android.hardware.fingerprint.IFingerprintService;
38import android.hardware.fingerprint.IFingerprintServiceReceiver;
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]39
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]40import static android.Manifest.permission.MANAGE_FINGERPRINT;
41import static android.Manifest.permission.USE_FINGERPRINT;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]42
Sasha Levitskiy80db9ba2015-05-08 14:31:48 -0700[diff] [blame^]43import java.io.File;
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]44import java.util.ArrayList;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]45import java.util.Arrays;
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]46import java.util.Collections;
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]47import java.util.List;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]48
49/**
50 * A service to manage multiple clients that want to access the fingerprint HAL API.
51 * The service is responsible for maintaining a list of clients and dispatching all
52 * fingerprint -related events.
53 *
54 * @hide
55 */
56public class FingerprintService extends SystemService {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]57 private static final String TAG = "FingerprintService";
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]58 private static final boolean DEBUG = true;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]59 private ClientMonitor mAuthClient = null;
60 private ClientMonitor mEnrollClient = null;
61 private ClientMonitor mRemoveClient = null;
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]62
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]63 private final AppOpsManager mAppOps;
64
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]65 private static final int MSG_NOTIFY = 10;
66
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]67 private static final int ENROLLMENT_TIMEOUT_MS = 60 * 1000; // 1 minute
68
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]69 // Message types. Used internally to dispatch messages to the correct callback.
70 // Must agree with the list in fingerprint.h
71 private static final int FINGERPRINT_ERROR = -1;
72 private static final int FINGERPRINT_ACQUIRED = 1;
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]73 private static final int FINGERPRINT_TEMPLATE_ENROLLING = 3;
74 private static final int FINGERPRINT_TEMPLATE_REMOVED = 4;
75 private static final int FINGERPRINT_AUTHENTICATED = 5;
Jim Milleraf281ca2015-04-20 19:04:21 -0700[diff] [blame]76 private static final long MS_PER_SEC = 1000;
77 private static final long FAIL_LOCKOUT_TIMEOUT_MS = 30*1000;
78 private static final int MAX_FAILED_ATTEMPTS = 5;
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]79
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]80 Handler mHandler = new Handler() {
81 public void handleMessage(android.os.Message msg) {
82 switch (msg.what) {
83 case MSG_NOTIFY:
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]84 FpHalMsg m = (FpHalMsg) msg.obj;
85 handleNotify(m.type, m.arg1, m.arg2, m.arg3);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]86 break;
87
88 default:
89 Slog.w(TAG, "Unknown message:" + msg.what);
90 }
91 }
92 };
93 private Context mContext;
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]94 private int mHalDeviceId;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]95 private int mFailedAttempts;
96 private final Runnable mLockoutReset = new Runnable() {
97 @Override
98 public void run() {
99 resetFailedAttempts();
100 }
101 };
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]102
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]103 public FingerprintService(Context context) {
104 super(context);
105 mContext = context;
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]106 mAppOps = context.getSystemService(AppOpsManager.class);
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]107 nativeInit(Looper.getMainLooper().getQueue(), this);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]108 }
109
110 // TODO: Move these into separate process
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]111 // JNI methods to communicate from FingerprintService to HAL
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]112 static native int nativeEnroll(byte [] token, int groupId, int timeout);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]113 static native long nativePreEnroll();
114 static native int nativeStopEnrollment();
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]115 static native int nativeAuthenticate(long sessionId, int groupId);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]116 static native int nativeStopAuthentication();
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]117 static native int nativeRemove(int fingerId, int groupId);
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]118 static native int nativeOpenHal();
119 static native int nativeCloseHal();
120 static native void nativeInit(MessageQueue queue, FingerprintService service);
Andres Morales4d41a202015-04-16 14:12:38 -0700[diff] [blame]121 static native long nativeGetAuthenticatorId();
Sasha Levitskiy80db9ba2015-05-08 14:31:48 -0700[diff] [blame^]122 static native int nativeSetActiveGroup(int gid, byte[] storePath);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]123
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]124 static final class FpHalMsg {
125 int type; // Type of the message. One of the constants in fingerprint.h
126 int arg1; // optional arguments
127 int arg2;
128 int arg3;
129
130 FpHalMsg(int type, int arg1, int arg2, int arg3) {
131 this.type = type;
132 this.arg1 = arg1;
133 this.arg2 = arg2;
134 this.arg3 = arg3;
135 }
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]136 }
137
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]138 /**
139 * Called from JNI to communicate messages from fingerprint HAL.
140 */
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]141 void notify(int type, int arg1, int arg2, int arg3) {
142 mHandler.obtainMessage(MSG_NOTIFY, new FpHalMsg(type, arg1, arg2, arg3)).sendToTarget();
143 }
144
145 void handleNotify(int type, int arg1, int arg2, int arg3) {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]146 Slog.v(TAG, "handleNotify(type=" + type + ", arg1=" + arg1 + ", arg2=" + arg2 + ")"
147 + ", mAuthClients = " + mAuthClient + ", mEnrollClient = " + mEnrollClient);
148 if (mEnrollClient != null) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]149 final IBinder token = mEnrollClient.token;
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]150 if (dispatchNotify(mEnrollClient, type, arg1, arg2, arg3)) {
151 stopEnrollment(token, false);
152 removeClient(mEnrollClient);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]153 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]154 }
155 if (mAuthClient != null) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]156 final IBinder token = mAuthClient.token;
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]157 if (dispatchNotify(mAuthClient, type, arg1, arg2, arg3)) {
158 stopAuthentication(token, false);
159 removeClient(mAuthClient);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]160 }
161 }
162 if (mRemoveClient != null) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]163 if (dispatchNotify(mRemoveClient, type, arg1, arg2, arg3)) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]164 removeClient(mRemoveClient);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]165 }
166 }
167 }
168
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]169 /*
170 * Dispatch notify events to clients.
171 *
172 * @return true if the operation is done, i.e. authentication completed
173 */
174 boolean dispatchNotify(ClientMonitor clientMonitor, int type, int arg1, int arg2, int arg3) {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]175 ContentResolver contentResolver = mContext.getContentResolver();
176 boolean operationCompleted = false;
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]177 int fpId;
178 int groupId;
179 int remaining;
180 int acquireInfo;
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]181 switch (type) {
182 case FINGERPRINT_ERROR:
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]183 fpId = arg1;
184 operationCompleted = clientMonitor.sendError(fpId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]185 break;
186 case FINGERPRINT_ACQUIRED:
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]187 acquireInfo = arg1;
188 operationCompleted = clientMonitor.sendAcquired(acquireInfo);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]189 break;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]190 case FINGERPRINT_AUTHENTICATED:
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]191 fpId = arg1;
192 groupId = arg2;
193 operationCompleted = clientMonitor.sendAuthenticated(fpId, groupId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]194 break;
195 case FINGERPRINT_TEMPLATE_ENROLLING:
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]196 fpId = arg1;
197 groupId = arg2;
198 remaining = arg3;
199 operationCompleted = clientMonitor.sendEnrollResult(fpId, groupId, remaining);
200 if (remaining == 0) {
201 addTemplateForUser(clientMonitor, contentResolver, fpId);
202 operationCompleted = true; // enroll completed
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]203 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]204 break;
205 case FINGERPRINT_TEMPLATE_REMOVED:
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]206 fpId = arg1;
207 groupId = arg2;
208 operationCompleted = clientMonitor.sendRemoved(fpId, groupId);
209 if (fpId != 0) {
210 removeTemplateForUser(clientMonitor, contentResolver, fpId);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]211 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]212 break;
213 }
214 return operationCompleted;
215 }
216
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]217 private void removeClient(ClientMonitor clientMonitor) {
218 if (clientMonitor == null) return;
219 clientMonitor.destroy();
220 if (clientMonitor == mAuthClient) {
221 mAuthClient = null;
222 } else if (clientMonitor == mEnrollClient) {
223 mEnrollClient = null;
224 } else if (clientMonitor == mRemoveClient) {
225 mRemoveClient = null;
226 }
227 }
228
229 private boolean inLockoutMode() {
230 return mFailedAttempts > MAX_FAILED_ATTEMPTS;
231 }
232
233 private void resetFailedAttempts() {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]234 if (DEBUG && inLockoutMode()) {
235 Slog.v(TAG, "Reset fingerprint lockout");
236 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]237 mFailedAttempts = 0;
238 }
239
240 private boolean handleFailedAttempt(ClientMonitor clientMonitor) {
241 mFailedAttempts++;
242 if (mFailedAttempts > MAX_FAILED_ATTEMPTS) {
243 // Failing multiple times will continue to push out the lockout time.
244 mHandler.removeCallbacks(mLockoutReset);
245 mHandler.postDelayed(mLockoutReset, FAIL_LOCKOUT_TIMEOUT_MS);
246 if (clientMonitor != null
247 && !clientMonitor.sendError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT)) {
248 Slog.w(TAG, "Cannot send lockout message to client");
249 }
250 return true;
251 }
252 return false;
253 }
254
255 private void removeTemplateForUser(ClientMonitor clientMonitor, ContentResolver contentResolver,
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]256 final int fingerId) {
257 FingerprintUtils.removeFingerprintIdForUser(fingerId, contentResolver,
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]258 clientMonitor.userId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]259 }
260
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]261 private void addTemplateForUser(ClientMonitor clientMonitor, ContentResolver contentResolver,
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]262 final int fingerId) {
263 FingerprintUtils.addFingerprintIdForUser(contentResolver, fingerId,
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]264 clientMonitor.userId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]265 }
266
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]267 void startEnrollment(IBinder token, byte[] cryptoToken, int groupId,
268 IFingerprintServiceReceiver receiver, int flags) {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]269 stopPendingOperations();
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]270 mEnrollClient = new ClientMonitor(token, receiver, groupId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]271 final int timeout = (int) (ENROLLMENT_TIMEOUT_MS / MS_PER_SEC);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]272 final int result = nativeEnroll(cryptoToken, groupId, timeout);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]273 if (result != 0) {
274 Slog.w(TAG, "startEnroll failed, result=" + result);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]275 }
276 }
277
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]278 public long startPreEnroll(IBinder token) {
279 return nativePreEnroll();
280 }
281
282 private void stopPendingOperations() {
283 if (mEnrollClient != null) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]284 stopEnrollment(mEnrollClient.token, true);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]285 }
286 if (mAuthClient != null) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]287 stopAuthentication(mAuthClient.token, true);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]288 }
289 // mRemoveClient is allowed to continue
290 }
291
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]292 void stopEnrollment(IBinder token, boolean notify) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]293 final ClientMonitor client = mEnrollClient;
294 if (client == null || client.token != token) return;
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]295 int result = nativeStopEnrollment();
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]296 if (notify) {
297 client.sendError(FingerprintManager.FINGERPRINT_ERROR_CANCELED);
298 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]299 removeClient(mEnrollClient);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]300 if (result != 0) {
301 Slog.w(TAG, "startEnrollCancel failed, result=" + result);
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]302 }
303 }
304
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]305 void startAuthentication(IBinder token, long opId, int groupId,
306 IFingerprintServiceReceiver receiver, int flags) {
307 stopPendingOperations();
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]308 mAuthClient = new ClientMonitor(token, receiver, groupId);
309 if (inLockoutMode()) {
310 Slog.v(TAG, "In lockout mode; disallowing authentication");
311 if (!mAuthClient.sendError(FingerprintManager.FINGERPRINT_ERROR_LOCKOUT)) {
312 Slog.w(TAG, "Cannot send timeout message to client");
313 }
314 mAuthClient = null;
315 return;
316 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]317 final int timeout = (int) (ENROLLMENT_TIMEOUT_MS / MS_PER_SEC);
318 final int result = nativeAuthenticate(opId, groupId);
319 if (result != 0) {
320 Slog.w(TAG, "startAuthentication failed, result=" + result);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]321 }
322 }
323
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]324 void stopAuthentication(IBinder token, boolean notify) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]325 final ClientMonitor client = mAuthClient;
326 if (client == null || client.token != token) return;
327 int result = nativeStopAuthentication();
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]328 if (notify) {
329 client.sendError(FingerprintManager.FINGERPRINT_ERROR_CANCELED);
330 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]331 removeClient(mAuthClient);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]332 if (result != 0) {
333 Slog.w(TAG, "stopAuthentication failed, result=" + result);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]334 }
335 }
336
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]337 void startRemove(IBinder token, int fingerId, int userId,
338 IFingerprintServiceReceiver receiver) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]339 mRemoveClient = new ClientMonitor(token, receiver, userId);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]340 // The fingerprint template ids will be removed when we get confirmation from the HAL
341 final int result = nativeRemove(fingerId, userId);
342 if (result != 0) {
343 Slog.w(TAG, "startRemove with id = " + fingerId + " failed with result=" + result);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]344 }
345 }
346
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]347 public List<Fingerprint> getEnrolledFingerprints(int groupId) {
348 ContentResolver resolver = mContext.getContentResolver();
349 int[] ids = FingerprintUtils.getFingerprintIdsForUser(resolver, groupId);
350 List<Fingerprint> result = new ArrayList<Fingerprint>();
351 for (int i = 0; i < ids.length; i++) {
352 // TODO: persist names in Settings
353 CharSequence name = "Finger" + ids[i];
354 final int group = 0; // TODO
355 final int fingerId = ids[i];
356 final long deviceId = 0; // TODO
357 Fingerprint item = new Fingerprint(name, 0, ids[i], 0);
358 result.add(item);
359 }
360 return result;
361 }
362
Jorim Jaggi2aad7ee2015-04-14 15:25:06 -0700[diff] [blame]363 public boolean hasEnrolledFingerprints(int groupId) {
364 ContentResolver resolver = mContext.getContentResolver();
365 return FingerprintUtils.getFingerprintIdsForUser(resolver, groupId).length > 0;
366 }
367
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]368 void checkPermission(String permission) {
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]369 getContext().enforceCallingOrSelfPermission(permission,
370 "Must have " + permission + " permission.");
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]371 }
372
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]373 private boolean canUserFingerPrint(String opPackageName) {
374 checkPermission(USE_FINGERPRINT);
375
376 return mAppOps.noteOp(AppOpsManager.OP_USE_FINGERPRINT, Binder.getCallingUid(),
377 opPackageName) == AppOpsManager.MODE_ALLOWED;
378 }
379
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]380 private class ClientMonitor implements IBinder.DeathRecipient {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]381 IBinder token;
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]382 IFingerprintServiceReceiver receiver;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]383 int userId;
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]384
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]385 public ClientMonitor(IBinder token, IFingerprintServiceReceiver receiver, int userId) {
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]386 this.token = token;
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]387 this.receiver = receiver;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]388 this.userId = userId;
389 try {
390 token.linkToDeath(this, 0);
391 } catch (RemoteException e) {
392 Slog.w(TAG, "caught remote exception in linkToDeath: ", e);
393 }
394 }
395
396 public void destroy() {
397 if (token != null) {
398 token.unlinkToDeath(this, 0);
399 token = null;
400 }
401 receiver = null;
402 }
403
404 public void binderDied() {
405 token = null;
406 removeClient(this);
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]407 receiver = null;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]408 }
409
410 protected void finalize() throws Throwable {
411 try {
412 if (token != null) {
413 if (DEBUG) Slog.w(TAG, "removing leaked reference: " + token);
414 removeClient(this);
415 }
416 } finally {
417 super.finalize();
418 }
419 }
420
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]421 /*
422 * @return true if we're done.
423 */
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]424 private boolean sendRemoved(int fingerId, int groupId) {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]425 if (receiver == null) return true; // client not listening
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]426 try {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]427 receiver.onRemoved(mHalDeviceId, fingerId, groupId);
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]428 return fingerId == 0;
429 } catch (RemoteException e) {
430 Slog.w(TAG, "Failed to notify Removed:", e);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]431 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]432 return false;
433 }
434
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]435 /*
436 * @return true if we're done.
437 */
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]438 private boolean sendEnrollResult(int fpId, int groupId, int remaining) {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]439 if (receiver == null) return true; // client not listening
Jim Milleraf281ca2015-04-20 19:04:21 -0700[diff] [blame]440 FingerprintUtils.vibrateFingerprintSuccess(getContext());
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]441 try {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]442 receiver.onEnrollResult(mHalDeviceId, fpId, groupId, remaining);
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]443 return remaining == 0;
444 } catch (RemoteException e) {
445 Slog.w(TAG, "Failed to notify EnrollResult:", e);
446 return true;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]447 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]448 }
449
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]450 /*
451 * @return true if we're done.
452 */
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]453 private boolean sendAuthenticated(int fpId, int groupId) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]454 boolean result = false;
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]455 if (receiver != null) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]456 try {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]457 receiver.onAuthenticated(mHalDeviceId, fpId, groupId);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]458 } catch (RemoteException e) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]459 Slog.w(TAG, "Failed to notify Authenticated:", e);
460 result = true; // client failed
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]461 }
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]462 } else {
463 result = true; // client not listening
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]464 }
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]465 if (fpId <= 0) {
Jim Milleraf281ca2015-04-20 19:04:21 -0700[diff] [blame]466 FingerprintUtils.vibrateFingerprintError(getContext());
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]467 result |= handleFailedAttempt(this);
468 } else {
Jim Milleraf281ca2015-04-20 19:04:21 -0700[diff] [blame]469 FingerprintUtils.vibrateFingerprintSuccess(getContext());
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]470 result |= true; // we have a valid fingerprint
471 mLockoutReset.run();
472 }
473 return result;
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]474 }
475
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]476 /*
477 * @return true if we're done.
478 */
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]479 private boolean sendAcquired(int acquiredInfo) {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]480 if (receiver == null) return true; // client not listening
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]481 try {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]482 receiver.onAcquired(mHalDeviceId, acquiredInfo);
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]483 return false; // acquisition continues...
484 } catch (RemoteException e) {
485 Slog.w(TAG, "Failed to invoke sendAcquired:", e);
486 return true; // client failed
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]487 }
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]488 }
489
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]490 /*
491 * @return true if we're done.
492 */
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]493 private boolean sendError(int error) {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]494 if (receiver != null) {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]495 try {
Jim Millerb21e1b22015-04-24 16:59:11 -0700[diff] [blame]496 receiver.onError(mHalDeviceId, error);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]497 } catch (RemoteException e) {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]498 Slog.w(TAG, "Failed to invoke sendError:", e);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]499 }
500 }
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]501 return true; // errors always terminate progress
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]502 }
503 }
504
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]505 private final class FingerprintServiceWrapper extends IFingerprintService.Stub {
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]506 @Override
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]507 public long preEnroll(IBinder token) {
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]508 checkPermission(MANAGE_FINGERPRINT);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]509 return startPreEnroll(token);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]510 }
511
Jim Millerebbf2052015-03-31 17:24:34 -0700[diff] [blame]512 @Override
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]513 // Binder call
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]514 public void enroll(final IBinder token, final byte[] cryptoToken, final int groupId,
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]515 final IFingerprintServiceReceiver receiver, final int flags) {
516 checkPermission(MANAGE_FINGERPRINT);
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]517 final byte [] cryptoClone = Arrays.copyOf(cryptoToken, cryptoToken.length);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]518 mHandler.post(new Runnable() {
519 @Override
520 public void run() {
Jim Millerfe6439f2015-04-11 18:07:57 -0700[diff] [blame]521 startEnrollment(token, cryptoClone, groupId, receiver, flags);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]522 }
523 });
524 }
525
526 @Override
527 // Binder call
528 public void cancelEnrollment(final IBinder token) {
529 checkPermission(MANAGE_FINGERPRINT);
530 mHandler.post(new Runnable() {
531 @Override
532 public void run() {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]533 stopEnrollment(token, true);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]534 }
535 });
536 }
537
538 @Override
539 // Binder call
540 public void authenticate(final IBinder token, final long opId, final int groupId,
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]541 final IFingerprintServiceReceiver receiver, final int flags, String opPackageName) {
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]542 checkPermission(USE_FINGERPRINT);
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]543 if (!canUserFingerPrint(opPackageName)) {
544 return;
545 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]546 mHandler.post(new Runnable() {
547 @Override
548 public void run() {
549 startAuthentication(token, opId, groupId, receiver, flags);
550 }
551 });
552 }
553
554 @Override
555
556 // Binder call
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]557 public void cancelAuthentication(final IBinder token, String opPackageName) {
558 if (!canUserFingerPrint(opPackageName)) {
559 return;
560 }
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]561 mHandler.post(new Runnable() {
562 @Override
563 public void run() {
Jim Miller13041372015-04-16 14:48:55 -0700[diff] [blame]564 stopAuthentication(token, true);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]565 }
566 });
Jim Millerba67aee2015-02-20 16:21:26 -0800[diff] [blame]567 }
Jim Miller99d60192015-03-11 17:41:58 -0700[diff] [blame]568
569 @Override
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]570 // Binder call
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]571 public void remove(final IBinder token, final int fingerId, final int groupId,
572 final IFingerprintServiceReceiver receiver) {
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]573 checkPermission(MANAGE_FINGERPRINT); // TODO: Maybe have another permission
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]574 mHandler.post(new Runnable() {
575 @Override
576 public void run() {
577 startRemove(token, fingerId, groupId, receiver);
578 }
579 });
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]580
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]581 }
582
583 @Override
584 // Binder call
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]585 public boolean isHardwareDetected(long deviceId, String opPackageName) {
586 if (!canUserFingerPrint(opPackageName)) {
587 return false;
588 }
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]589 return mHalDeviceId != 0; // TODO
590 }
591
592 @Override
593 // Binder call
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]594 public void rename(final int fingerId, final int groupId, final String name) {
Jim Miller99d60192015-03-11 17:41:58 -0700[diff] [blame]595 checkPermission(MANAGE_FINGERPRINT);
Jim Millerce7eb6d2015-04-03 19:29:13 -0700[diff] [blame]596 mHandler.post(new Runnable() {
597 @Override
598 public void run() {
599 Slog.w(TAG, "rename id=" + fingerId + ",gid=" + groupId + ",name=" + name);
600 }
601 });
Jim Miller99d60192015-03-11 17:41:58 -0700[diff] [blame]602 }
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]603
604 @Override
605 // Binder call
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]606 public List<Fingerprint> getEnrolledFingerprints(int groupId, String opPackageName) {
607 if (!canUserFingerPrint(opPackageName)) {
608 return Collections.emptyList();
609 }
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]610 return FingerprintService.this.getEnrolledFingerprints(groupId);
611 }
Jorim Jaggi2aad7ee2015-04-14 15:25:06 -0700[diff] [blame]612
613 @Override
614 // Binder call
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]615 public boolean hasEnrolledFingerprints(int groupId, String opPackageName) {
616 if (!canUserFingerPrint(opPackageName)) {
617 return false;
618 }
Jorim Jaggi2aad7ee2015-04-14 15:25:06 -0700[diff] [blame]619 return FingerprintService.this.hasEnrolledFingerprints(groupId);
620 }
Andres Morales4d41a202015-04-16 14:12:38 -0700[diff] [blame]621
622 @Override
Svetoslav4af76a52015-04-29 15:29:46 -0700[diff] [blame]623 public long getAuthenticatorId(String opPackageName) {
624 if (!canUserFingerPrint(opPackageName)) {
625 return 0;
626 }
Andres Morales4d41a202015-04-16 14:12:38 -0700[diff] [blame]627 return nativeGetAuthenticatorId();
628 }
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]629 }
630
631 @Override
632 public void onStart() {
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]633 publishBinderService(Context.FINGERPRINT_SERVICE, new FingerprintServiceWrapper());
634 mHalDeviceId = nativeOpenHal();
Sasha Levitskiy80db9ba2015-05-08 14:31:48 -0700[diff] [blame^]635 if (mHalDeviceId != 0) {
636 int userId = ActivityManager.getCurrentUser();
637 File path = Environment.getUserSystemDirectory(userId);
638 nativeSetActiveGroup(0, path.getAbsolutePath().getBytes());
639 }
Jim Miller9f0753f2015-03-23 23:59:22 -0700[diff] [blame]640 if (DEBUG) Slog.v(TAG, "Fingerprint HAL id: " + mHalDeviceId);
Jim Millera75961472014-06-06 15:00:49 -0700[diff] [blame]641 }
642
643}