Revert "Define biometrics.face@1.1 with remote enrollment"
This reverts commit ec0b6e26ea45a07ee00ca0127fdf7e3749ab515c.
Reason for revert: this interface is untested in R.
Bug: 151331855
Bug: 149502271
Change-Id: I5d63c6e52c540af328fe108bff1861d16990a6b4
diff --git a/biometrics/face/1.1/Android.bp b/biometrics/face/1.1/Android.bp
deleted file mode 100644
index 2206597..0000000
--- a/biometrics/face/1.1/Android.bp
+++ /dev/null
@@ -1,17 +0,0 @@
-// This file is autogenerated by hidl-gen -Landroidbp.
-
-hidl_interface {
- name: "android.hardware.biometrics.face@1.1",
- root: "android.hardware",
- vndk: {
- enabled: true,
- },
- srcs: [
- "IBiometricsFace.hal",
- ],
- interfaces: [
- "android.hardware.biometrics.face@1.0",
- "android.hidl.base@1.0",
- ],
- gen_java: true,
-}
diff --git a/biometrics/face/1.1/IBiometricsFace.hal b/biometrics/face/1.1/IBiometricsFace.hal
deleted file mode 100644
index 975001f..0000000
--- a/biometrics/face/1.1/IBiometricsFace.hal
+++ /dev/null
@@ -1,82 +0,0 @@
-/*
- * Copyright (C) 2019 The Android Open Source Project
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package android.hardware.biometrics.face@1.1;
-import @1.0::IBiometricsFace;
-import @1.0::Status;
-import @1.0::Feature;
-
-/**
- * The HAL interface for biometric face authentication.
- */
-interface IBiometricsFace extends @1.0::IBiometricsFace {
- /**
- * Enrolls a user's face for a remote client, for example Android Auto.
- *
- * The HAL implementation is responsible for creating a secure communication
- * channel and receiving the enrollment images from a mobile device with
- * face authentication hardware.
- *
- * Note that the Hardware Authentication Token must be valid for the
- * duration of enrollment and thus should be explicitly invalidated by a
- * call to revokeChallenge() when enrollment is complete, to reduce the
- * window of opportunity to re-use the challenge and HAT. For example,
- * Settings calls generateChallenge() once to allow the user to enroll one
- * or more faces or toggle secure settings without having to re-enter the
- * PIN/pattern/password. Once the user completes the operation, Settings
- * invokes revokeChallenge() to close the transaction. If the HAT is expired,
- * the implementation must invoke onError with UNABLE_TO_PROCESS.
- *
- * Requirements for using this API:
- * - Mobile devices MUST NOT delegate enrollment to another device by calling
- * this API. This feature is intended only to allow enrollment on devices
- * where it is impossible to enroll locally on the device.
- * - The path MUST be protected by a secret key with rollback protection.
- * - Synchronizing between devices MUST be accomplished by having both
- * devices agree on a secret PIN entered by the user (similar to BT
- * pairing procedure) and use a salted version of that PIN plus other secret
- * to encrypt traffic.
- * - All communication to/from the remote device MUST be encrypted and signed
- * to prevent image injection and other man-in-the-middle type attacks.
- * - generateChallenge() and revokeChallenge() MUST be implemented on both
- * remote and local host (e.g. hash the result of the remote host with a
- * local secret before responding to the API call) and any transmission of
- * the challenge between hosts MUST be signed to prevent man-in-the-middle
- * attacks.
- * - In the event of a lost connection, the result of the last
- * generateChallenge() MUST be invalidated and the process started over.
- * - Both the remote and local host MUST honor the timeout and invalidate the
- * challenge.
- *
- * This method triggers the IBiometricsFaceClientCallback#onEnrollResult()
- * method.
- *
- * @param hat A valid Hardware Authentication Token, generated as a result
- * of a generateChallenge() challenge being wrapped by the gatekeeper
- * after a successful strong authentication request.
- * @param timeoutSec A timeout in seconds, after which this enroll
- * attempt is cancelled. Note that the framework can continue
- * enrollment by calling this again with a valid HAT. This timeout is
- * expected to be used to limit power usage if the device becomes idle
- * during enrollment. The implementation is expected to send
- * ERROR_TIMEOUT if this happens.
- * @param disabledFeatures A list of features to be disabled during
- * enrollment. Note that all features are enabled by default.
- * @return status The status of this method call.
- */
- enrollRemotely(vec<uint8_t> hat, uint32_t timeoutSec,
- vec<Feature> disabledFeatures) generates (Status status);
-};