1 /*
2 * Copyright (C) 2023 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #undef LOG_TAG
18 #define LOG_TAG "FaceVirtualHalEngine"
19
20 #include "FakeFaceEngine.h"
21
22 #include <android-base/logging.h>
23
24 #include <face.sysprop.h>
25
26 #include "Face.h"
27 #include "util/CancellationSignal.h"
28 #include "util/Util.h"
29
30 using namespace ::android::face::virt;
31
32 namespace aidl::android::hardware::biometrics::face {
33
GetSensorType()34 FaceSensorType FakeFaceEngine::GetSensorType() {
35 std::string type = Face::cfg().get<std::string>("type");
36 if (type == "IR") {
37 return FaceSensorType::IR;
38 } else {
39 Face::cfg().set<std::string>("type", "RGB");
40 return FaceSensorType::RGB;
41 }
42 }
43
GetSensorStrength()44 common::SensorStrength FakeFaceEngine::GetSensorStrength() {
45 std::string strength = Face::cfg().get<std::string>("strength");
46 if (strength == "convenience") {
47 return common::SensorStrength::CONVENIENCE;
48 } else if (strength == "weak") {
49 return common::SensorStrength::WEAK;
50 } else {
51 // Face::cfg().set<std::string>("strength", "strong");
52 return common::SensorStrength::STRONG;
53 }
54 }
55
generateChallengeImpl(ISessionCallback * cb)56 void FakeFaceEngine::generateChallengeImpl(ISessionCallback* cb) {
57 BEGIN_OP(0);
58 std::uniform_int_distribution<int64_t> dist;
59 auto challenge = dist(mRandom);
60 Face::cfg().set<int64_t>("challenge", challenge);
61 cb->onChallengeGenerated(challenge);
62 }
63
revokeChallengeImpl(ISessionCallback * cb,int64_t challenge)64 void FakeFaceEngine::revokeChallengeImpl(ISessionCallback* cb, int64_t challenge) {
65 BEGIN_OP(0);
66 Face::cfg().set<int64_t>("challenge", 0);
67 cb->onChallengeRevoked(challenge);
68 }
getEnrollmentConfigImpl(ISessionCallback *,std::vector<EnrollmentStageConfig> *)69 void FakeFaceEngine::getEnrollmentConfigImpl(ISessionCallback* /*cb*/,
70 std::vector<EnrollmentStageConfig>* /*return_val*/) {}
enrollImpl(ISessionCallback * cb,const keymaster::HardwareAuthToken & hat,EnrollmentType,const std::vector<Feature> &,const std::future<void> & cancel)71 void FakeFaceEngine::enrollImpl(ISessionCallback* cb, const keymaster::HardwareAuthToken& hat,
72 EnrollmentType /*enrollmentType*/,
73 const std::vector<Feature>& /*features*/,
74 const std::future<void>& cancel) {
75 BEGIN_OP(getLatency(Face::cfg().getopt<OptIntVec>("operation_enroll_latency")));
76
77 // Do proper HAT verification in the real implementation.
78 if (hat.mac.empty()) {
79 LOG(ERROR) << "Fail: hat";
80 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
81 return;
82 }
83
84 // Format:
85 // <id>:<progress_ms-[acquiredInfo,...],...:<success>
86 // -------:--------------------------------------------------:--------------
87 // | | |--->enrollment
88 // success (true/false) | |--> progress_steps
89 // |
90 // |-->enrollment id
91 //
92 //
93 // progress_steps:
94 // <progress_duration>-[acquiredInfo,...]+
95 // ---------------------------- ---------------------
96 // | |-> sequence of acquiredInfo code
97 // | --> time duration of the step in ms
98 //
99 // E.g. 1:2000-[21,1108,5,6,1],1000-[1113,4,1]:true
100 // A success enrollement of id 1 by 2 steps
101 // 1st step lasts 2000ms with acquiredInfo codes (21,1108,5,6,1)
102 // 2nd step lasts 1000ms with acquiredInfo codes (1113,4,1)
103 //
104 std::string defaultNextEnrollment =
105 "1:1000-[21,7,1,1103],1500-[1108,1],2000-[1113,1],2500-[1118,1]:true";
106 auto nextEnroll = Face::cfg().get<std::string>("next_enrollment");
107 auto parts = Util::split(nextEnroll, ":");
108 if (parts.size() != 3) {
109 LOG(ERROR) << "Fail: invalid next_enrollment:" << nextEnroll;
110 cb->onError(Error::VENDOR, 0 /* vendorError */);
111 return;
112 }
113 auto enrollmentId = std::stoi(parts[0]);
114 auto progress = Util::parseEnrollmentCapture(parts[1]);
115 for (size_t i = 0; i < progress.size(); i += 2) {
116 auto left = (progress.size() - i) / 2 - 1;
117 auto duration = progress[i][0];
118 auto acquired = progress[i + 1];
119 auto N = acquired.size();
120
121 for (int j = 0; j < N; j++) {
122 SLEEP_MS(duration / N);
123
124 if (shouldCancel(cancel)) {
125 LOG(ERROR) << "Fail: cancel";
126 cb->onError(Error::CANCELED, 0 /* vendorCode */);
127 return;
128 }
129 EnrollmentFrame frame = {};
130 auto ac = convertAcquiredInfo(acquired[j]);
131 frame.data.acquiredInfo = ac.first;
132 frame.data.vendorCode = ac.second;
133 frame.stage = (i == 0 && j == 0) ? EnrollmentStage::FIRST_FRAME_RECEIVED
134 : (i == progress.size() - 2 && j == N - 1)
135 ? EnrollmentStage::ENROLLMENT_FINISHED
136 : EnrollmentStage::WAITING_FOR_CENTERING;
137 cb->onEnrollmentFrame(frame);
138 }
139
140 if (left == 0 && !IS_TRUE(parts[2])) { // end and failed
141 LOG(ERROR) << "Fail: requested by caller: " << nextEnroll;
142 Face::cfg().setopt<OptString>("next_enrollment", std::nullopt);
143 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorCode */);
144 } else { // progress and update props if last time
145 LOG(INFO) << "onEnroll: " << enrollmentId << " left: " << left;
146 if (left == 0) {
147 auto enrollments = Face::cfg().getopt<OptIntVec>("enrollments");
148 enrollments.emplace_back(enrollmentId);
149 Face::cfg().setopt<OptIntVec>("enrollments", enrollments);
150 Face::cfg().setopt<OptString>("next_enrollment", std::nullopt);
151 // change authenticatorId after new enrollment
152 auto id = Face::cfg().get<std::int64_t>("authenticator_id");
153 auto newId = id + 1;
154 Face::cfg().set<std::int64_t>("authenticator_id", newId);
155 LOG(INFO) << "Enrolled: " << enrollmentId;
156 }
157 cb->onEnrollmentProgress(enrollmentId, left);
158 }
159 }
160 }
161
authenticateImpl(ISessionCallback * cb,int64_t,const std::future<void> & cancel)162 void FakeFaceEngine::authenticateImpl(ISessionCallback* cb, int64_t /*operationId*/,
163 const std::future<void>& cancel) {
164 BEGIN_OP(getLatency(Face::cfg().getopt<OptIntVec>("operation_authenticate_latency")));
165
166 // SLEEP_MS(3000); //emulate hw HAL
167
168 auto id = Face::cfg().get<std::int32_t>("enrollment_hit");
169 auto enrolls = Face::cfg().getopt<OptIntVec>("enrollments");
170 auto isEnrolled = std::find(enrolls.begin(), enrolls.end(), id) != enrolls.end();
171
172 auto vec2str = [](std::vector<AcquiredInfo> va) {
173 std::stringstream ss;
174 bool isFirst = true;
175 for (auto ac : va) {
176 if (!isFirst) ss << ",";
177 ss << std::to_string((int8_t)ac);
178 isFirst = false;
179 }
180 return ss.str();
181 };
182
183 // default behavior mimic face sensor in U
184 int64_t defaultAuthDuration = 500;
185 std::string defaultAcquiredInfo =
186 vec2str({AcquiredInfo::START, AcquiredInfo::FIRST_FRAME_RECEIVED});
187 if (!isEnrolled) {
188 std::vector<AcquiredInfo> v;
189 for (int i = 0; i < 56; i++) v.push_back(AcquiredInfo::NOT_DETECTED);
190 defaultAcquiredInfo += "," + vec2str(v);
191 defaultAuthDuration = 2100;
192 } else {
193 defaultAcquiredInfo += "," + vec2str({AcquiredInfo::TOO_BRIGHT, AcquiredInfo::TOO_BRIGHT,
194 AcquiredInfo::TOO_BRIGHT, AcquiredInfo::TOO_BRIGHT,
195 AcquiredInfo::GOOD, AcquiredInfo::GOOD});
196 }
197
198 int64_t now = Util::getSystemNanoTime();
199 int64_t duration = Face::cfg().get<std::int32_t>("operation_authenticate_duration");
200 auto acquired = Face::cfg().get<std::string>("operation_authenticate_acquired");
201 if (acquired.empty()) {
202 Face::cfg().set<std::string>("operation_authenticate_acquired", defaultAcquiredInfo);
203 acquired = defaultAcquiredInfo;
204 }
205 auto acquiredInfos = Util::parseIntSequence(acquired);
206 int N = acquiredInfos.size();
207
208 if (N == 0) {
209 LOG(ERROR) << "Fail to parse authentiate acquired info: " + acquired;
210 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
211 return;
212 }
213
214 if (mLockoutTracker.checkIfLockout(cb)) {
215 return;
216 }
217
218 int i = 0;
219 do {
220 if (Face::cfg().get<bool>("lockout")) {
221 LOG(ERROR) << "Fail: lockout";
222 cb->onLockoutPermanent();
223 cb->onError(Error::HW_UNAVAILABLE, 0 /* vendorError */);
224 return;
225 }
226
227 if (Face::cfg().get<bool>("operation_authenticate_fails")) {
228 LOG(ERROR) << "Fail: operation_authenticate_fails";
229 mLockoutTracker.addFailedAttempt(cb);
230 cb->onAuthenticationFailed();
231 return;
232 }
233
234 auto err = Face::cfg().get<std::int32_t>("operation_authenticate_error");
235 if (err != 0) {
236 LOG(ERROR) << "Fail: operation_authenticate_error";
237 auto ec = convertError(err);
238 cb->onError(ec.first, ec.second);
239 return; /* simply terminating current operation for any user inserted error,
240 revisit if tests need*/
241 }
242
243 if (shouldCancel(cancel)) {
244 LOG(ERROR) << "Fail: cancel";
245 cb->onError(Error::CANCELED, 0 /* vendorCode */);
246 return;
247 }
248
249 if (i < N) {
250 auto ac = convertAcquiredInfo(acquiredInfos[i]);
251 AuthenticationFrame frame;
252 frame.data.acquiredInfo = ac.first;
253 frame.data.vendorCode = ac.second;
254 cb->onAuthenticationFrame(frame);
255 LOG(INFO) << "AcquiredInfo:" << i << ": (" << (int)ac.first << "," << (int)ac.second
256 << ")";
257 i++;
258
259 // the captured face id may change during authentication period
260 auto idnew = Face::cfg().get<std::int32_t>("enrollment_hit");
261 if (id != idnew) {
262 isEnrolled = std::find(enrolls.begin(), enrolls.end(), idnew) != enrolls.end();
263 LOG(INFO) << "enrollment_hit changed from " << id << " to " << idnew;
264 id = idnew;
265 break;
266 }
267 }
268
269 SLEEP_MS(duration / N);
270 } while (!Util::hasElapsed(now, duration));
271
272 if (id > 0 && isEnrolled) {
273 mLockoutTracker.reset();
274 cb->onAuthenticationSucceeded(id, {} /* hat */);
275 return;
276 } else {
277 LOG(ERROR) << "Fail: face not enrolled";
278 mLockoutTracker.addFailedAttempt(cb);
279 cb->onAuthenticationFailed();
280 cb->onError(Error::TIMEOUT, 0 /* vendorError*/);
281 return;
282 }
283 }
284
convertAcquiredInfo(int32_t code)285 std::pair<AcquiredInfo, int32_t> FakeFaceEngine::convertAcquiredInfo(int32_t code) {
286 std::pair<AcquiredInfo, int32_t> res;
287 if (code > FACE_ACQUIRED_VENDOR_BASE) {
288 res.first = AcquiredInfo::VENDOR;
289 res.second = code - FACE_ACQUIRED_VENDOR_BASE;
290 } else {
291 res.first = (AcquiredInfo)code;
292 res.second = 0;
293 }
294 return res;
295 }
296
convertError(int32_t code)297 std::pair<Error, int32_t> FakeFaceEngine::convertError(int32_t code) {
298 std::pair<Error, int32_t> res;
299 if (code > FACE_ERROR_VENDOR_BASE) {
300 res.first = Error::VENDOR;
301 res.second = code - FACE_ERROR_VENDOR_BASE;
302 } else {
303 res.first = (Error)code;
304 res.second = 0;
305 }
306 return res;
307 }
308
detectInteractionImpl(ISessionCallback * cb,const std::future<void> & cancel)309 void FakeFaceEngine::detectInteractionImpl(ISessionCallback* cb, const std::future<void>& cancel) {
310 BEGIN_OP(getLatency(Face::cfg().getopt<OptIntVec>("operation_detect_interaction_latency")));
311
312 if (Face::cfg().get<bool>("operation_detect_interaction_fails")) {
313 LOG(ERROR) << "Fail: operation_detect_interaction_fails";
314 cb->onError(Error::VENDOR, 0 /* vendorError */);
315 return;
316 }
317
318 if (shouldCancel(cancel)) {
319 LOG(ERROR) << "Fail: cancel";
320 cb->onError(Error::CANCELED, 0 /* vendorCode */);
321 return;
322 }
323
324 auto id = Face::cfg().get<std::int32_t>("enrollment_hit");
325 auto enrolls = Face::cfg().getopt<OptIntVec>("enrollments");
326 auto isEnrolled = std::find(enrolls.begin(), enrolls.end(), id) != enrolls.end();
327 if (id <= 0 || !isEnrolled) {
328 LOG(ERROR) << "Fail: not enrolled";
329 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorError */);
330 return;
331 }
332
333 cb->onInteractionDetected();
334 }
335
enumerateEnrollmentsImpl(ISessionCallback * cb)336 void FakeFaceEngine::enumerateEnrollmentsImpl(ISessionCallback* cb) {
337 BEGIN_OP(0);
338 std::vector<int32_t> enrollments;
339 for (const auto& enrollmentId : Face::cfg().getopt<OptIntVec>("enrollments")) {
340 if (enrollmentId) {
341 enrollments.push_back(*enrollmentId);
342 }
343 }
344 cb->onEnrollmentsEnumerated(enrollments);
345 }
346
removeEnrollmentsImpl(ISessionCallback * cb,const std::vector<int32_t> & enrollmentIds)347 void FakeFaceEngine::removeEnrollmentsImpl(ISessionCallback* cb,
348 const std::vector<int32_t>& enrollmentIds) {
349 BEGIN_OP(0);
350
351 std::vector<std::optional<int32_t>> newEnrollments;
352 for (const auto& enrollment : Face::cfg().getopt<OptIntVec>("enrollments")) {
353 auto id = enrollment.value_or(0);
354 if (std::find(enrollmentIds.begin(), enrollmentIds.end(), id) == enrollmentIds.end()) {
355 newEnrollments.emplace_back(id);
356 }
357 }
358 Face::cfg().setopt<OptIntVec>("enrollments", newEnrollments);
359 cb->onEnrollmentsRemoved(enrollmentIds);
360 }
361
getFeaturesImpl(ISessionCallback * cb)362 void FakeFaceEngine::getFeaturesImpl(ISessionCallback* cb) {
363 BEGIN_OP(0);
364
365 if (Face::cfg().getopt<OptIntVec>("enrollments").empty()) {
366 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorCode */);
367 return;
368 }
369
370 std::vector<Feature> featuresToReturn = {};
371 for (const auto& feature : FaceHalProperties::features()) {
372 if (feature) {
373 featuresToReturn.push_back((Feature)(*feature));
374 }
375 }
376 cb->onFeaturesRetrieved(featuresToReturn);
377 }
378
setFeatureImpl(ISessionCallback * cb,const keymaster::HardwareAuthToken & hat,Feature feature,bool enabled)379 void FakeFaceEngine::setFeatureImpl(ISessionCallback* cb, const keymaster::HardwareAuthToken& hat,
380 Feature feature, bool enabled) {
381 BEGIN_OP(0);
382
383 if (Face::cfg().getopt<OptIntVec>("enrollments").empty()) {
384 LOG(ERROR) << "Unable to set feature, enrollments are empty";
385 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorCode */);
386 return;
387 }
388
389 if (hat.mac.empty()) {
390 LOG(ERROR) << "Unable to set feature, invalid hat";
391 cb->onError(Error::UNABLE_TO_PROCESS, 0 /* vendorCode */);
392 return;
393 }
394
395 auto features = Face::cfg().getopt<OptIntVec>("features");
396
397 auto itr = std::find_if(features.begin(), features.end(), [feature](const auto& theFeature) {
398 return *theFeature == (int)feature;
399 });
400
401 if (!enabled && (itr != features.end())) {
402 features.erase(itr);
403 } else if (enabled && (itr == features.end())) {
404 features.push_back((int)feature);
405 }
406
407 Face::cfg().setopt<OptIntVec>("features", features);
408 cb->onFeatureSet(feature);
409 }
410
getAuthenticatorIdImpl(ISessionCallback * cb)411 void FakeFaceEngine::getAuthenticatorIdImpl(ISessionCallback* cb) {
412 BEGIN_OP(0);
413 // If this is a weak HAL return 0 per the spec.
414 if (GetSensorStrength() != common::SensorStrength::STRONG) {
415 cb->onAuthenticatorIdRetrieved(0);
416 } else {
417 cb->onAuthenticatorIdRetrieved(Face::cfg().get<std::int64_t>("authenticator_id"));
418 }
419 }
420
invalidateAuthenticatorIdImpl(ISessionCallback * cb)421 void FakeFaceEngine::invalidateAuthenticatorIdImpl(ISessionCallback* cb) {
422 BEGIN_OP(0);
423 int64_t authenticatorId = Face::cfg().get<std::int64_t>("authenticator_id");
424 int64_t newId = authenticatorId + 1;
425 Face::cfg().set<std::int64_t>("authenticator_id", newId);
426 cb->onAuthenticatorIdInvalidated(newId);
427 }
428
resetLockoutImpl(ISessionCallback * cb,const keymaster::HardwareAuthToken &)429 void FakeFaceEngine::resetLockoutImpl(ISessionCallback* cb,
430 const keymaster::HardwareAuthToken& /*hat*/) {
431 BEGIN_OP(0);
432 Face::cfg().set<bool>("lockout", false);
433 mLockoutTracker.reset();
434 cb->onLockoutCleared();
435 }
436
getRandomInRange(int32_t bound1,int32_t bound2)437 int32_t FakeFaceEngine::getRandomInRange(int32_t bound1, int32_t bound2) {
438 std::uniform_int_distribution<int32_t> dist(std::min(bound1, bound2), std::max(bound1, bound2));
439 return dist(mRandom);
440 }
441
getLatency(const std::vector<std::optional<std::int32_t>> & latencyIn)442 int32_t FakeFaceEngine::getLatency(const std::vector<std::optional<std::int32_t>>& latencyIn) {
443 int32_t res = DEFAULT_LATENCY;
444
445 std::vector<int32_t> latency;
446 for (auto x : latencyIn)
447 if (x.has_value()) latency.push_back(*x);
448
449 switch (latency.size()) {
450 case 0:
451 break;
452 case 1:
453 res = latency[0];
454 break;
455 case 2:
456 res = getRandomInRange(latency[0], latency[1]);
457 break;
458 default:
459 LOG(ERROR) << "ERROR: unexpected input of size " << latency.size();
460 break;
461 }
462
463 return res;
464 }
465
466 } // namespace aidl::android::hardware::biometrics::face
467