Edit

Share via

Adapter Workflow

  • Article

This section describes the enrollment workflow from the perspective of the adapter plugins.

In Windows 10, we have implemented a V4 engine interface that provides 2 new engine adapter functions, EngineAdapterCreateKey and EngineAdapterIdentifyFeatureSetSecure. These new functions allow support for secure biometrics using TPM 2.0. The following table shows the adapter-side enrollment workflow.

Client API Adapter Methods
WinBioGetProperty(EXTENDED_ENGINE_INFO) EngineAdapterQueryExtendedInfo
WinBioEnrollBegin
  1. StorageAdapterQueryBySubject
  2. SensorAdapterClearContext
  3. EngineAdapterClearContext
  4. StorageAdapterClearContext
  5. EngineAdapterCreateEnrollment
  6. EngineAdapterSetEnrollmentParameters
WinBioEnrollCapture
  1. SensorAdapterStartCapture
  2. SensorAdapterFinishCapture
  3. SensorAdapterPushDataToEngine[->EngineAdapterAcceptSampleData]
  4. If S_OK or WINBIO_I_MORE_DATA
    1. EngineAdapterUpdateEnrollment
    2. [Caller continues enrollment]
  5. Else if WINBIO_E_BAD_CAPTURE [Caller displays reject feedback, continues enrollment]
  6. Else if other ERROR
    1. EngineAdapterClearContext
    2. StorageAdapterClearContext
    3. [Bio service aborts enrollment]
WinBioGetProperty (EXTENDED_ENROLLMENT_STATUS) EngineAdapterQueryExtendedEnrollmentStatus
WinBioEnrollCommit
  1. EngineAdapterCheckForDuplicate
  2. If REMOVABLE DATABASE
    1. EngineAdapterGetEnrollmentHash
    2. EngineAdapterCommitEnrollment
  3. ElseEngineAdapterCommitEnrollment
WinBioEnrollDiscard
  1. EngineAdapterDiscardEnrollment
  2. EngineAdapterClearContext
  3. StorageAdapterClearContext