Add timeout parameter to generateChallenge Fixes: 115925222 Test: builds Change-Id: Idac1730b36eadb5acdb6420cc330585ebb2f3197

commit: 2acfd2aab67f3b5e6aae69510f4c830d296eb002 [log] [tgz]
author: Kevin Chyn <kchyn@google.com> Thu Sep 20 18:42:09 2018 -0700
committer: Kevin Chyn <kchyn@google.com> Mon Sep 24 15:27:03 2018 -0700
tree: e20784fdce9cf882963323e56bdeda8ae56dc5e3
parent: d8ffb064061b88c9438f3472cb564c5f686d4a17 [diff] [blame]
diff --git a/biometrics/face/1.0/IBiometricsFace.hal b/biometrics/face/1.0/IBiometricsFace.hal
index f39eaeb..1c7bfb9 100644
--- a/biometrics/face/1.0/IBiometricsFace.hal
+++ b/biometrics/face/1.0/IBiometricsFace.hal

@@ -78,11 +78,15 @@
      * template if the operation was preceded by some kind of strong credential
      * confirmation (e.g. device password).
      *
+     * @param challengeTimeoutSec A timeout in seconds, after which the driver
+     *     must invalidate the challenge. This is to prevent bugs or crashes in
+     *     the system from leaving a challenge enabled indefinitely.
      * @return result, with its "value" parameter representing a "challenge": a
      *     unique and cryptographically secure random token.
      */
     @callflow(next={"enroll", "revokeChallenge", "setRequireAttention"})
-    generateChallenge() generates (OptionalUint64 result);
+    generateChallenge(uint32_t challengeTimeoutSec)
+        generates (OptionalUint64 result);
 
     /**
      * Enrolls a user's face.
commit	2acfd2aab67f3b5e6aae69510f4c830d296eb002	[log] [tgz]
author	Kevin Chyn <kchyn@google.com>	Thu Sep 20 18:42:09 2018 -0700
committer	Kevin Chyn <kchyn@google.com>	Mon Sep 24 15:27:03 2018 -0700
tree	e20784fdce9cf882963323e56bdeda8ae56dc5e3
parent	d8ffb064061b88c9438f3472cb564c5f686d4a17 [diff] [blame]