Define initial trust agent API

Adds the minimal API needed to define a useful trust agent.

Bug: 13723878
Change-Id: Ib24440bab7b16d0b656bde8b059e7d42cab2c7dc
diff --git a/Android.mk b/Android.mk
index 58eae8a..442c716 100644
--- a/Android.mk
+++ b/Android.mk
@@ -190,6 +190,8 @@
 	core/java/android/service/dreams/IDozeHardware.aidl \
 	core/java/android/service/dreams/IDreamManager.aidl \
 	core/java/android/service/dreams/IDreamService.aidl \
+	core/java/android/service/trust/ITrustAgentService.aidl \
+	core/java/android/service/trust/ITrustAgentServiceCallback.aidl \
 	core/java/android/service/wallpaper/IWallpaperConnection.aidl \
 	core/java/android/service/wallpaper/IWallpaperEngine.aidl \
 	core/java/android/service/wallpaper/IWallpaperService.aidl \
diff --git a/api/current.txt b/api/current.txt
index 4265417..bf97836 100644
--- a/api/current.txt
+++ b/api/current.txt
@@ -28,6 +28,7 @@
     field public static final java.lang.String BIND_PRINT_SERVICE = "android.permission.BIND_PRINT_SERVICE";
     field public static final java.lang.String BIND_REMOTEVIEWS = "android.permission.BIND_REMOTEVIEWS";
     field public static final java.lang.String BIND_TEXT_SERVICE = "android.permission.BIND_TEXT_SERVICE";
+    field public static final java.lang.String BIND_TRUST_AGENT_SERVICE = "android.permission.BIND_TRUST_AGENT_SERVICE";
     field public static final java.lang.String BIND_VPN_SERVICE = "android.permission.BIND_VPN_SERVICE";
     field public static final java.lang.String BIND_WALLPAPER = "android.permission.BIND_WALLPAPER";
     field public static final java.lang.String BLUETOOTH = "android.permission.BLUETOOTH";
@@ -24387,6 +24388,20 @@
 
 }
 
+package android.service.trust {
+
+  public class TrustAgentService extends android.app.Service {
+    ctor public TrustAgentService();
+    method protected final void enableTrust(java.lang.String, long, boolean);
+    method public final android.os.IBinder onBind(android.content.Intent);
+    method protected void onUnlockAttempt(boolean);
+    method protected final void revokeTrust();
+    field public static final java.lang.String SERVICE_INTERFACE = "android.service.trust.TrustAgentService";
+    field public static final java.lang.String TRUST_AGENT_META_DATA = "android.service.trust.trustagent";
+  }
+
+}
+
 package android.service.wallpaper {
 
   public abstract class WallpaperService extends android.app.Service {
diff --git a/core/java/android/service/trust/ITrustAgentService.aidl b/core/java/android/service/trust/ITrustAgentService.aidl
new file mode 100644
index 0000000..863a249
--- /dev/null
+++ b/core/java/android/service/trust/ITrustAgentService.aidl
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.service.trust;
+
+import android.os.Bundle;
+import android.service.trust.ITrustAgentServiceCallback;
+
+/**
+ * Communication channel from TrustManagerService to the TrustAgent.
+ * @hide
+ */
+oneway interface ITrustAgentService {
+    void onUnlockAttempt(boolean successful);
+    void setCallback(ITrustAgentServiceCallback callback);
+}
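Review bot: `import android.os.Bundle;` is unused in this interface, since neither `onUnlockAttempt` nor `setCallback` takes a Bundle; the `Bundle` and `UserHandle` imports in ITrustAgentServiceCallback.aidl are unused in the same way. I would drop them until a method actually needs them. The two methods also carry no doc comments; a line such as `/** Reports that the user attempted to authenticate; successful is true if the attempt succeeded. */` above `onUnlockAttempt` would keep the binder contract readable without opening TrustAgentService.java.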
diff --git a/core/java/android/service/trust/ITrustAgentServiceCallback.aidl b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl
new file mode 100644
index 0000000..c346771
--- /dev/null
+++ b/core/java/android/service/trust/ITrustAgentServiceCallback.aidl
@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package android.service.trust;
+
+import android.os.Bundle;
+import android.os.UserHandle;
+
+/**
+ * Communication channel from the TrustAgentService back to TrustManagerService.
+ * @hide
+ */
+oneway interface ITrustAgentServiceCallback {
+    void enableTrust(String message, long durationMs, boolean initiatedByUser);
+    void revokeTrust();
+}
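Review bot: `enableTrust()` carries the agent-supplied `message` and `durationMs` into the system process, yet the interface does not say how the receiver should treat them. The receiving implementation is not part of this change, so whether it bounds the duration cannot be checked from here. I would state the contract on the method, e.g. `/** Values originate from a third-party agent: reject non-positive durationMs, clamp it to a system-defined maximum, and treat message as untrusted display text. */`. The public Javadoc on `TrustAgentService.enableTrust` could state the accepted range for `durationMs` as well.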
diff --git a/core/java/android/service/trust/TrustAgentService.java b/core/java/android/service/trust/TrustAgentService.java
new file mode 100644
index 0000000..d5ce429
--- /dev/null
+++ b/core/java/android/service/trust/TrustAgentService.java
@@ -0,0 +1,148 @@
+/**
+ * Copyright (C) 2014 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package android.service.trust;
+
+import android.annotation.SdkConstant;
+import android.app.Service;
+import android.content.Intent;
+import android.os.Handler;
+import android.os.IBinder;
+import android.os.RemoteException;
+import android.util.Slog;
+
+/**
+ * A service that notifies the system about whether it believes the environment of the device
+ * to be trusted.
+ *
+ * <p>To extend this class, you must declare the service in your manifest file with
+ * the {@link android.Manifest.permission#BIND_TRUST_AGENT_SERVICE} permission
+ * and include an intent filter with the {@link #SERVICE_INTERFACE} action. For example:</p>
+ * <pre>
+ * &lt;service android:name=".TrustAgent"
+ *          android:label="&#64;string/service_name"
+ *          android:permission="android.permission.BIND_TRUST_AGENT_SERVICE">
+ *     &lt;intent-filter>
+ *         &lt;action android:name="android.service.trust.TrustAgentService" />
+ *     &lt;/intent-filter>
+ *     &lt;meta-data android:name="android.service.trust.trustagent"
+ *          android:value="&#64;xml/trust_agent" />
+ * &lt;/service></pre>
+ *
+ * <p>The associated meta-data file can specify an activity that is accessible through Settings
+ * and should allow configuring the trust agent, as defined in
+ * {@link android.R.styleable#TrustAgent}. For example:</p>
+ *
+ * <pre>
+ * &lt;trust_agent xmlns:android="http://schemas.android.com/apk/res/android"
+ *          android:settingsActivity=".TrustAgentSettings" /></pre>
+ */
+public class TrustAgentService extends Service {
+    private final String TAG = TrustAgentService.class.getSimpleName() +
+            "[" + getClass().getSimpleName() + "]";
+
+    /**
+     * The {@link Intent} that must be declared as handled by the service.
+     */
+    @SdkConstant(SdkConstant.SdkConstantType.SERVICE_ACTION)
+    public static final String SERVICE_INTERFACE
+            = "android.service.trust.TrustAgentService";
+
+    /**
+     * The name of the {@code meta-data} tag pointing to additional configuration of the trust
+     * agent.
+     */
+    public static final String TRUST_AGENT_META_DATA = "android.service.trust.trustagent";
+
+    private static final int MSG_UNLOCK_ATTEMPT = 1;
+
+    private static final boolean DEBUG = false;
+
+    private ITrustAgentServiceCallback mCallback;
+
+    private Handler mHandler = new Handler() {
+        public void handleMessage(android.os.Message msg) {
+            switch (msg.what) {
+                case MSG_UNLOCK_ATTEMPT:
+                    onUnlockAttempt(msg.arg1 != 0);
+                    break;
+            }
+        };
+    };
+
+    /**
+     * Called when the user attempted to authenticate on the device.
+     *
+     * @param successful true if the attempt succeeded
+     */
+    protected void onUnlockAttempt(boolean successful) {
+    }
+
+    private void onError(String msg) {
+        Slog.v(TAG, "Remote exception while " + msg);
+    }
+
+    /**
+     * Call to enable trust on the device.
+     *
+     * @param message describes why the device is trusted, e.g. "Trusted by location".
+     * @param durationMs amount of time in milliseconds to keep the device in a trusted state. Trust
+     *                   for this agent will automatically be revoked when the timeout expires.
+     * @param initiatedByUser indicates that the user has explicitly initiated an action that proves
+     *                        the user is about to use the device.
+     */
+    protected final void enableTrust(String message, long durationMs, boolean initiatedByUser) {
+        if (mCallback != null) {
+            try {
+                mCallback.enableTrust(message, durationMs, initiatedByUser);
+            } catch (RemoteException e) {
+                onError("calling enableTrust()");
+            }
+        }
+    }
+
+    /**
+     * Call to revoke trust on the device.
+     */
+    protected final void revokeTrust() {
+        if (mCallback != null) {
+            try {
+                mCallback.revokeTrust();
+            } catch (RemoteException e) {
+                onError("calling revokeTrust()");
+            }
+        }
+    }
+
+    @Override
+    public final IBinder onBind(Intent intent) {
+        if (DEBUG) Slog.v(TAG, "onBind() intent = " + intent);
+        return new TrustAgentServiceWrapper();
+    }
+
+    private final class TrustAgentServiceWrapper extends ITrustAgentService.Stub {
+        @Override
+        public void onUnlockAttempt(boolean successful) {
+            mHandler.obtainMessage(MSG_UNLOCK_ATTEMPT, successful ? 1 : 0, 0)
+                    .sendToTarget();
+        }
+
+        public void setCallback(ITrustAgentServiceCallback callback) {
+            mCallback = callback;
+        }
+    }
+
+}
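Review bot: Nothing in TrustAgentService checks at runtime that the subclass's manifest entry actually requires BIND_TRUST_AGENT_SERVICE, so `onBind()` returns the `TrustAgentServiceWrapper` stub to whichever caller the platform allows to bind. An agent whose manifest omits `android:permission` would expose `setCallback()` and `onUnlockAttempt()` to any app on the device, and the class Javadoc is then the only safeguard. I would add an `onCreate()` override that reads the service's own `ServiceInfo` and throws if its `permission` is not BIND_TRUST_AGENT_SERVICE, as sketched below. Separately, `mCallback` is written on a binder thread in `setCallback()` and read in `enableTrust()`/`revokeTrust()` without synchronization; declaring it `private volatile ITrustAgentServiceCallback mCallback;` and copying it to a local before the null check would close that gap. `onError()` also drops the `RemoteException` and logs at verbose level, so a `revokeTrust()` that never reached the system is easy to miss.

```java
    @Override
    public void onCreate() {
        super.onCreate();
        ComponentName component = new ComponentName(this, getClass());
        try {
            ServiceInfo info = getPackageManager().getServiceInfo(component, 0 /* flags */);
            if (!android.Manifest.permission.BIND_TRUST_AGENT_SERVICE.equals(info.permission)) {
                // Fail fast: an agent reachable without the signature permission
                // must not come up at all.
                throw new IllegalStateException(component.flattenToShortString()
                        + " is not declared with the permission \""
                        + android.Manifest.permission.BIND_TRUST_AGENT_SERVICE + "\"");
            }
        } catch (PackageManager.NameNotFoundException e) {
            Slog.e(TAG, "Can't get ServiceInfo for " + component.toShortString());
        }
    }

    // … unchanged: onUnlockAttempt, enableTrust, revokeTrust, onBind, TrustAgentServiceWrapper …
```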
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 2168bd1..2e0ac08 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2548,6 +2548,14 @@
         android:description="@string/permdesc_control_keyguard" />
 
     <!-- Must be required by an {@link
+         android.service.trust.TrustAgentService},
+         to ensure that only the system can bind to it. -->
+    <permission android:name="android.permission.BIND_TRUST_AGENT_SERVICE"
+                android:protectionLevel="signature"
+                android:label="@string/permlab_bind_trust_agent_service"
+                android:description="@string/permdesc_bind_trust_agent_service" />
+
+    <!-- Must be required by an {@link
          android.service.notification.NotificationListenerService},
          to ensure that only the system can bind to it. -->
     <permission android:name="android.permission.BIND_NOTIFICATION_LISTENER_SERVICE"
diff --git a/core/res/res/values/attrs.xml b/core/res/res/values/attrs.xml
index 999bc57..bd53e49 100644
--- a/core/res/res/values/attrs.xml
+++ b/core/res/res/values/attrs.xml
@@ -5925,6 +5925,16 @@
         <attr name="settingsActivity" />
     </declare-styleable>
 
+    <!-- Use <code>trust_agent</code> as the root tag of the XML resource that
+         describes an {@link android.service.trust.TrustAgentService}, which is
+         referenced from its {@link android.service.trust.TrustAgentService#TRUST_AGENT_META_DATA}
+         meta-data entry.  Described here are the attributes that can be included in that tag. -->
+    <declare-styleable name="TrustAgent">
+        <!-- Component name of an activity that allows the user to modify
+             the settings for this TrustAgent. -->
+        <attr name="settingsActivity" />
+    </declare-styleable>
+
     <!-- =============================== -->
     <!-- Accounts package class attributes -->
     <!-- =============================== -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 0699e8b..eb16bbd 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -3651,6 +3651,11 @@
     <!-- Description of an application permission that lets it control keyguard. -->
     <string name="permdesc_control_keyguard">Allows an application to control keguard.</string>
 
+    <!-- Title of an application permission that lets it bind to a trust agent service. -->
+    <string name="permlab_bind_trust_agent_service">Bind to a trust agent service</string>
+    <!-- Description of an application permission that lets it bind to a trust agent service. -->
+    <string name="permdesc_bind_trust_agent_service">Allows an application to bind to a trust agent service.</string>
+
     <!-- Title of an application permission that lets it interact with recovery. -->
     <string name="permlab_recovery">Interact with update and recovery system</string>
     <!-- Description of an application permission that lets it control keyguard. -->