Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2014 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License |
| 15 | */ |
| 16 | |
| 17 | package android.app.trust; |
| 18 | |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 19 | import android.Manifest; |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 20 | import android.annotation.RequiresPermission; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 21 | import android.os.Handler; |
| 22 | import android.os.IBinder; |
| 23 | import android.os.Looper; |
| 24 | import android.os.Message; |
| 25 | import android.os.RemoteException; |
| 26 | import android.util.ArrayMap; |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 27 | |
| 28 | import com.android.internal.widget.LockPatternUtils; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 29 | |
| 30 | /** |
| 31 | * See {@link com.android.server.trust.TrustManagerService} |
| 32 | * @hide |
| 33 | */ |
| 34 | public class TrustManager { |
| 35 | |
| 36 | private static final int MSG_TRUST_CHANGED = 1; |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 37 | private static final int MSG_TRUST_MANAGED_CHANGED = 2; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 38 | |
| 39 | private static final String TAG = "TrustManager"; |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 40 | private static final String DATA_FLAGS = "initiatedByUser"; |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 41 | |
| 42 | private final ITrustManager mService; |
| 43 | private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; |
| 44 | |
| 45 | public TrustManager(IBinder b) { |
| 46 | mService = ITrustManager.Stub.asInterface(b); |
| 47 | mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); |
| 48 | } |
| 49 | |
| 50 | /** |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 51 | * Changes the lock status for the given user. This is only applicable to Managed Profiles, |
| 52 | * other users should be handled by Keyguard. |
| 53 | * |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 54 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 55 | * |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 56 | * @param userId The id for the user to be locked/unlocked. |
| 57 | * @param locked The value for that user's locked state. |
| 58 | */ |
Clara Bayarri | 00a9b89 | 2016-01-13 16:17:09 +0000 | [diff] [blame] | 59 | @RequiresPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE) |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 60 | public void setDeviceLockedForUser(int userId, boolean locked) { |
| 61 | try { |
| 62 | mService.setDeviceLockedForUser(userId, locked); |
| 63 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 64 | throw e.rethrowFromSystemServer(); |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 65 | } |
| 66 | } |
| 67 | |
| 68 | /** |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 69 | * Reports that user {@param userId} has tried to unlock the device. |
| 70 | * |
| 71 | * @param successful if true, the unlock attempt was successful. |
| 72 | * |
| 73 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 74 | */ |
| 75 | public void reportUnlockAttempt(boolean successful, int userId) { |
| 76 | try { |
| 77 | mService.reportUnlockAttempt(successful, userId); |
| 78 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 79 | throw e.rethrowFromSystemServer(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 80 | } |
| 81 | } |
| 82 | |
| 83 | /** |
| 84 | * Reports that the list of enabled trust agents changed for user {@param userId}. |
| 85 | * |
| 86 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 87 | */ |
| 88 | public void reportEnabledTrustAgentsChanged(int userId) { |
| 89 | try { |
| 90 | mService.reportEnabledTrustAgentsChanged(userId); |
| 91 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 92 | throw e.rethrowFromSystemServer(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 93 | } |
| 94 | } |
| 95 | |
| 96 | /** |
Adrian Roos | 481a6df | 2014-11-20 19:48:56 +0100 | [diff] [blame] | 97 | * Reports that the visibility of the keyguard has changed. |
| 98 | * |
| 99 | * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. |
| 100 | */ |
| 101 | public void reportKeyguardShowingChanged() { |
| 102 | try { |
| 103 | mService.reportKeyguardShowingChanged(); |
| 104 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 105 | throw e.rethrowFromSystemServer(); |
Adrian Roos | 481a6df | 2014-11-20 19:48:56 +0100 | [diff] [blame] | 106 | } |
| 107 | } |
| 108 | |
| 109 | /** |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 110 | * Registers a listener for trust events. |
| 111 | * |
| 112 | * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. |
| 113 | */ |
| 114 | public void registerTrustListener(final TrustListener trustListener) { |
| 115 | try { |
| 116 | ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { |
| 117 | @Override |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 118 | public void onTrustChanged(boolean enabled, int userId, int flags) { |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 119 | Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, |
| 120 | trustListener); |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 121 | if (flags != 0) { |
| 122 | m.getData().putInt(DATA_FLAGS, flags); |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 123 | } |
| 124 | m.sendToTarget(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 125 | } |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 126 | |
| 127 | @Override |
Adrian Roos | 3c9a350 | 2014-08-06 19:09:45 +0200 | [diff] [blame] | 128 | public void onTrustManagedChanged(boolean managed, int userId) { |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 129 | mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, |
| 130 | trustListener).sendToTarget(); |
| 131 | } |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 132 | }; |
| 133 | mService.registerTrustListener(iTrustListener); |
| 134 | mTrustListeners.put(trustListener, iTrustListener); |
| 135 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 136 | throw e.rethrowFromSystemServer(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 137 | } |
| 138 | } |
| 139 | |
| 140 | /** |
| 141 | * Unregisters a listener for trust events. |
| 142 | * |
| 143 | * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. |
| 144 | */ |
| 145 | public void unregisterTrustListener(final TrustListener trustListener) { |
| 146 | ITrustListener iTrustListener = mTrustListeners.remove(trustListener); |
| 147 | if (iTrustListener != null) { |
| 148 | try { |
| 149 | mService.unregisterTrustListener(iTrustListener); |
| 150 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 151 | throw e.rethrowFromSystemServer(); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 152 | } |
| 153 | } |
| 154 | } |
| 155 | |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 156 | /** |
Adrian Roos | c8d807a | 2016-01-25 14:09:01 -0800 | [diff] [blame] | 157 | * @return whether {@param userId} has enabled and configured trust agents. Ignores short-term |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 158 | * unavailability of trust due to {@link LockPatternUtils.StrongAuthTracker}. |
| 159 | */ |
| 160 | @RequiresPermission(android.Manifest.permission.TRUST_LISTENER) |
| 161 | public boolean isTrustUsuallyManaged(int userId) { |
| 162 | try { |
| 163 | return mService.isTrustUsuallyManaged(userId); |
| 164 | } catch (RemoteException e) { |
Jeff Sharkey | f888056 | 2016-02-26 13:03:01 -0700 | [diff] [blame] | 165 | throw e.rethrowFromSystemServer(); |
Adrian Roos | c13723f | 2016-01-12 20:29:03 +0100 | [diff] [blame] | 166 | } |
| 167 | } |
| 168 | |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 169 | private final Handler mHandler = new Handler(Looper.getMainLooper()) { |
| 170 | @Override |
| 171 | public void handleMessage(Message msg) { |
| 172 | switch(msg.what) { |
| 173 | case MSG_TRUST_CHANGED: |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 174 | int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0; |
| 175 | ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 176 | break; |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 177 | case MSG_TRUST_MANAGED_CHANGED: |
| 178 | ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 179 | } |
| 180 | } |
| 181 | }; |
| 182 | |
| 183 | public interface TrustListener { |
| 184 | |
| 185 | /** |
| 186 | * Reports that the trust state has changed. |
| 187 | * @param enabled if true, the system believes the environment to be trusted. |
| 188 | * @param userId the user, for which the trust changed. |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 189 | * @param flags flags specified by the trust agent when granting trust. See |
| 190 | * {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int) |
| 191 | * TrustAgentService.grantTrust(CharSequence, long, int)}. |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 192 | */ |
Adrian Roos | 94e15a5 | 2015-04-16 12:23:18 -0700 | [diff] [blame] | 193 | void onTrustChanged(boolean enabled, int userId, int flags); |
Adrian Roos | 7861c66 | 2014-07-25 15:37:28 +0200 | [diff] [blame] | 194 | |
| 195 | /** |
| 196 | * Reports that whether trust is managed has changed |
| 197 | * @param enabled if true, at least one trust agent is managing trust. |
| 198 | * @param userId the user, for which the state changed. |
| 199 | */ |
| 200 | void onTrustManagedChanged(boolean enabled, int userId); |
Adrian Roos | 82142c2 | 2014-03-27 14:56:59 +0100 | [diff] [blame] | 201 | } |
| 202 | } |