Deprecating the aidl for Android Protected Confirmation

Android Protected Confirmation is deprecated due to the high
support/maintenance cost for Android device makers and low adoption rate
among app developers. APC requires Android device makers to have a
substantial amount of device-specific UI code running in the trusted
execution environment. That has proven to be expensive to maintain and
non-scalable, as there cannot be a single implementations device makers
can share or use as a reference. Additionally, app developers have not
adopted this feature, as the Android platform offers other mechanisms
for authentication a user's intent. These mechanisms, such as
authentication-bound Keystore keys, are less secure than Trusted UI, but
are more wide-spread. While we explore alternatives to APC that are
viable to the device makers ecosystem, we sunset the APC API.

Bug: 313856313
Test: atest keystore2_test && atest CtsKeystoreTestCases
Change-Id: If065697ed13e3de706b8dde5cc5e2b6018592018

keystore2/aidl/android/security/apc/IConfirmationCallback.aidl

diff --git a/keystore2/aidl/android/security/apc/IConfirmationCallback.aidl b/keystore2/aidl/android/security/apc/IConfirmationCallback.aidl
index 277b9dd..5b22be0 100644
--- a/keystore2/aidl/android/security/apc/IConfirmationCallback.aidl
+++ b/keystore2/aidl/android/security/apc/IConfirmationCallback.aidl
@@ -27,6 +27,10 @@
     /**
      * This callback gets called by the implementing service when a pending confirmation prompt
      * gets finalized.
+     * @deprecated Android Protected Confirmation had a low adoption rate among Android device
+     *             makers and developers alike. Given the lack of devices supporting the feature,
+     *             it is deprecated. Developers can use auth-bound Keystore keys as a partial
+     *             replacement.
      *
      * @param result
      *  - ResponseCode.OK On success. In this case dataConfirmed must be non null.

keystore2/aidl/android/security/apc/IProtectedConfirmation.aidl

diff --git a/keystore2/aidl/android/security/apc/IProtectedConfirmation.aidl b/keystore2/aidl/android/security/apc/IProtectedConfirmation.aidl
index 3162224..9f97847 100644
--- a/keystore2/aidl/android/security/apc/IProtectedConfirmation.aidl
+++ b/keystore2/aidl/android/security/apc/IProtectedConfirmation.aidl
@@ -35,6 +35,10 @@
     /**
      * Present the confirmation prompt. The caller must implement IConfirmationCallback and pass
      * it to this function as listener.
+     * @deprecated Android Protected Confirmation had a low adoption rate among Android device
+     *             makers and developers alike. Given the lack of devices supporting the
+     *             feature, it is deprecated. Developers can use auth-bound Keystore keys
+     *             as a partial replacement.
      *
      * @param listener Must implement IConfirmationCallback. Doubles as session identifier when
      *           passed to cancelPrompt.
@@ -55,6 +59,11 @@
 
     /**
      * Cancel an ongoing prompt.
+     * @deprecated Android Protected Confirmation had a low adoption rate among Android device
+     *             makers and developers alike. Given the lack of devices supporting the 
+     *             feature, it is deprecated. Developers can use auth-bound Keystore keys as
+     *             a partial replacement.
+     *
      *
      * @param listener Must implement IConfirmationCallback, although in this context this binder
      *            token is only used to identify the session that is to be cancelled.
@@ -66,6 +75,10 @@
 
     /**
      * Returns true if the device supports Android Protected Confirmation.
+     * @deprecated Android Protected Confirmation had a low adoption rate among Android device
+     *             makers and developers alike. Given the lack of devices supporting the
+     *             feature, it is deprecated. Developers can use auth-bound Keystore keys
+     *             as a partial replacement.
      */
     boolean isSupported();
 }