DevicePolicyManager.java revision b8ec470617590fa2025db869e8e80dcce8eaec23
1d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/* 2d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Copyright (C) 2010 The Android Open Source Project 3d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Licensed under the Apache License, Version 2.0 (the "License"); 5d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you may not use this file except in compliance with the License. 6d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * You may obtain a copy of the License at 7d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 8d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * http://www.apache.org/licenses/LICENSE-2.0 9d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 10d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Unless required by applicable law or agreed to in writing, software 11d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * distributed under the License is distributed on an "AS IS" BASIS, 12d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * See the License for the specific language governing permissions and 14d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * limitations under the License. 15d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 16d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 1787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackbornpackage android.app.admin; 18d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 19d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport org.xmlpull.v1.XmlPullParserException; 20d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 21d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant; 22d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant.SdkConstantType; 23d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.ComponentName; 24d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.Context; 25d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ActivityInfo; 26d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.PackageManager; 27d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ResolveInfo; 28d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.Handler; 298ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackbornimport android.os.RemoteCallback; 30d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.RemoteException; 31d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.ServiceManager; 32d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.util.Log; 33d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 34d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport java.io.IOException; 3569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayorimport java.net.InetSocketAddress; 3669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayorimport java.net.Proxy; 37d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackbornimport java.util.List; 38d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 39d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/** 40d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Public interface for managing policies enforced on a device. Most clients 41ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * of this class must have published a {@link DeviceAdminReceiver} that the user 42d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * has currently enabled. 433aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * 443aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <div class="special reference"> 453aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <h3>Developer Guides</h3> 463aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <p>For more information about managing policies for device adminstration, read the 473aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <a href="{@docRoot}guide/topics/admin/device-admin.html">Device Administration</a> 483aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * developer guide.</p> 493aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * </div> 50d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 51d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornpublic class DevicePolicyManager { 52d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static String TAG = "DevicePolicyManager"; 53d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 54d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final Context mContext; 55d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final IDevicePolicyManager mService; 563255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 5721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn private DevicePolicyManager(Context context, Handler handler) { 58d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mContext = context; 59d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService = IDevicePolicyManager.Stub.asInterface( 60d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)); 61d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 62d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 6387bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** @hide */ 6487bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static DevicePolicyManager create(Context context, Handler handler) { 6521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn DevicePolicyManager me = new DevicePolicyManager(context, handler); 6621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return me.mService != null ? me : null; 6721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 683255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 69d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 70d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: ask the user to add a new device administrator to the system. 71d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The desired policy is the ComponentName of the policy in the 72d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #EXTRA_DEVICE_ADMIN} extra field. This will invoke a UI to 73d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * bring the user through adding the device administrator to the system (or 74d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * allowing them to reject it). 753255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 768ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 778ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * field to provide the user with additional explanation (in addition 788ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * to your component's description) about what is being added. 79c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * 80c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * <p>If your administrator is already active, this will ordinarily return immediately (without 81c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * user intervention). However, if your administrator has been updated and is requesting 82c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * additional uses-policy flags, the user will be presented with the new list. New policies 83c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * will not be available to the updated administrator until the user has accepted the new list. 84d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 85d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 86d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_ADD_DEVICE_ADMIN 87d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.ADD_DEVICE_ADMIN"; 883255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 89d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 90284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * Activity action: send when any policy admin changes a policy. 91284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * This is generally used to find out when a new policy is in effect. 923e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * 93284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * @hide 94284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller */ 95284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller public static final String ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED 96284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller = "android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED"; 97284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller 98284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller /** 99d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The ComponentName of the administrator component. 100d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 101d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 102d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 103d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; 1043255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 105d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1068ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * An optional CharSequence providing additional explanation for why the 1078ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * admin is being added. 1088ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 1098ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 1108ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 1118ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public static final String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; 1123255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1133255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 1143255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Activity action: have the user enter a new password. This activity should 1153255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * be launched after using {@link #setPasswordQuality(ComponentName, int)}, 1163255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * or {@link #setPasswordMinimumLength(ComponentName, int)} to have the user 1173255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * enter a new password that meets the current requirements. You can use 1183255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #isActivePasswordSufficient()} to determine whether you need to 1193255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * have the user select a new password in order to meet the current 1203255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * constraints. Upon being resumed from this activity, you can check the new 1213255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * password characteristics to see if they are sufficient. 122d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 123d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 124d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_SET_NEW_PASSWORD 125d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.SET_NEW_PASSWORD"; 1263255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 127d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 128d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Return true if the given administrator component is currently 129d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * active (enabled) in the system. 130d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 131d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public boolean isAdminActive(ComponentName who) { 132d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 133d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 134d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.isAdminActive(who); 135d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 136d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 137d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 138d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 139d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return false; 140d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1413255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 142d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 143d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * Return a list of all currently active device administrator's component 144d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * names. Note that if there are no administrators than null may be 145d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * returned. 146d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn */ 147d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public List<ComponentName> getActiveAdmins() { 148d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn if (mService != null) { 149d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn try { 150d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return mService.getActiveAdmins(); 151d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } catch (RemoteException e) { 152d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 153d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 154d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 155d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return null; 156d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 1573255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 158d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn /** 15921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn * @hide 16021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn */ 16121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn public boolean packageHasActiveAdmins(String packageName) { 16221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn if (mService != null) { 16321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn try { 16421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return mService.packageHasActiveAdmins(packageName); 16521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } catch (RemoteException e) { 16621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 16721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 16821f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 16921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return false; 17021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 1713255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 17221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn /** 173d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Remove a current administration component. This can only be called 174d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * by the application that owns the administration component; if you 175d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * try to remove someone else's component, a security exception will be 176d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * thrown. 177d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 178d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void removeActiveAdmin(ComponentName who) { 179d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 180d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 181d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.removeActiveAdmin(who); 182d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 183d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 184d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 185d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 186d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1873255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 188d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 189c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * Returns true if an administrator has been granted a particular device policy. This can 190c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * be used to check if the administrator was activated under an earlier set of policies, 191c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * but requires additional policies after an upgrade. 192c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * 193c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. Must be 194c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * an active administrator, or an exception will be thrown. 195c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * @param usesPolicy Which uses-policy to check, as defined in {@link DeviceAdminInfo}. 196c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler */ 197c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler public boolean hasGrantedPolicy(ComponentName admin, int usesPolicy) { 198c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler if (mService != null) { 199c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler try { 200c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler return mService.hasGrantedPolicy(admin, usesPolicy); 201c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } catch (RemoteException e) { 202c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler Log.w(TAG, "Failed talking with device policy service", e); 203c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 204c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 205c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler return false; 206c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 207c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler 208c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler /** 2099327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy has no requirements 2109327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * for the password. Note that quality constants are ordered so that higher 211df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * values are more restrictive. 212d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2139327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_UNSPECIFIED = 0; 2143255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 215d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2163e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * Constant for {@link #setPasswordQuality}: the policy allows for low-security biometric 2173e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * recognition technology. This implies technologies that can recognize the identity of 2183e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * an individual to about a 3 digit PIN (false detection is less than 1 in 1,000). 2193e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * Note that quality constants are ordered so that higher values are more restrictive. 2203e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller */ 2213e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller public static final int PASSWORD_QUALITY_BIOMETRIC_WEAK = 0x8000; 2223e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller 2233e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller /** 2249327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy requires some kind 2259327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * of password, but doesn't care what it is. Note that quality constants 226df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * are ordered so that higher values are more restrictive. 227df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 2289327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_SOMETHING = 0x10000; 2293255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 230df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 2319327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 2329327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least numeric characters. Note that quality 2339327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * constants are ordered so that higher values are more restrictive. 234d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2359327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_NUMERIC = 0x20000; 2363255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 237d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2389327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 23985f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * password containing at least alphabetic (or other symbol) characters. 24085f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Note that quality constants are ordered so that higher values are more 24185f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * restrictive. 24285f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn */ 24385f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHABETIC = 0x40000; 2443255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 24585f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn /** 24685f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 2479327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least <em>both></em> numeric <em>and</em> 24885f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * alphabetic (or other symbol) characters. Note that quality constants are 2499327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * ordered so that higher values are more restrictive. 250d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 25185f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x50000; 2523255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 253d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 254a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Constant for {@link #setPasswordQuality}: the user must have entered a 255c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password containing at least a letter, a numerical digit and a special 256c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * symbol, by default. With this password quality, passwords can be 257c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * restricted to contain various sets of characters, like at least an 258c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * uppercase letter, etc. These are specified using various methods, 259c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * like {@link #setPasswordMinimumLowerCase(ComponentName, int)}. Note 260c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * that quality constants are ordered so that higher values are more 261c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * restrictive. 262a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 263a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public static final int PASSWORD_QUALITY_COMPLEX = 0x60000; 264a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 265a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 266d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 267d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password restrictions it is imposing. After setting this, the user 268d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 269d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 270d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 271d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 272d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 2733255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 2749327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * <p>Quality constants are ordered so that higher values are more restrictive; 2759327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * thus the highest requested quality constant (between the policy set here, 276df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * the user's preference, and any other considerations) is the one that 277df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * is in effect. 2783255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 2798aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2808aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2818aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2823255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 283ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2849327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * @param quality The new desired quality. One of 2859327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link #PASSWORD_QUALITY_SOMETHING}, 28685f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 287a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC} or {@link #PASSWORD_QUALITY_COMPLEX}. 288d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2899327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setPasswordQuality(ComponentName admin, int quality) { 290d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 291d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 2929327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn mService.setPasswordQuality(admin, quality); 293d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 294d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 295d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 296d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 297d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 2983255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 299d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 3009327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Retrieve the current minimum password quality for all admins 301254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 302254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 303254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 304d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 3059327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordQuality(ComponentName admin) { 306d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 307d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 3089327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return mService.getPasswordQuality(admin); 309d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 310d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 311d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 312d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3139327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return PASSWORD_QUALITY_UNSPECIFIED; 314d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3153255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 316d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 317d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 318d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * minimum allowed password length. After setting this, the user 319d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 320d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 321d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 322d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 323d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 324d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * constraint is only imposed if the administrator has also requested either 325a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC} 326a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC}, or {@link #PASSWORD_QUALITY_COMPLEX} 3279327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * with {@link #setPasswordQuality}. 3283255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 3298aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3308aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 3318aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 3323255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 333ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 334d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param length The new desired minimum password length. A value of 0 335d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * means there is no restriction. 336d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 337254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public void setPasswordMinimumLength(ComponentName admin, int length) { 338d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 339d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 340254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn mService.setPasswordMinimumLength(admin, length); 341d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 342d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 343d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 344d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 345d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3463255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 347d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 348254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current minimum password length for all admins 349254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 350254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 351254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 352d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 353254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getPasswordMinimumLength(ComponentName admin) { 354d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 355d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 356254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getPasswordMinimumLength(admin); 357d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 358d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 359d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 360d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 361d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 362d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3633255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 364a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 365a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 366a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of upper case letters required in the password. After 367a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 368a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 369a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 370a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 371a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 372a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 373c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 374c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 0. 375a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 376a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 377a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 378a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 379a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 380a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 381a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 382a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of upper case letters 383a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * required in the password. A value of 0 means there is no 384a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restriction. 385a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 386a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumUpperCase(ComponentName admin, int length) { 387a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 388a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 389a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setPasswordMinimumUpperCase(admin, length); 390a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 391a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 392a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 393a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 394a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 395a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 396a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 397a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of upper case letters required in the 398c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 399c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumUpperCase(ComponentName, int)} 400c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 401c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 402a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 403a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 404a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 405a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of upper case letters required in the 406a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. 407a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 408a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumUpperCase(ComponentName admin) { 409a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 410a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 411a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return mService.getPasswordMinimumUpperCase(admin); 412a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 413a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 414a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 415a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 416a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 417a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 418a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 419a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 420a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 421a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of lower case letters required in the password. After 422a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 423a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 424a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 425a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 426a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 427a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 428c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 429c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 0. 430a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 431a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 432a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 433a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 434a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 435a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 436a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 437a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of lower case letters 438a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * required in the password. A value of 0 means there is no 439a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restriction. 440a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 441a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumLowerCase(ComponentName admin, int length) { 442a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 443a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 444a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setPasswordMinimumLowerCase(admin, length); 445a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 446a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 447a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 448a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 449a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 450a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 451a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 452a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of lower case letters required in the 453c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 454c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumLowerCase(ComponentName, int)} 455c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 456c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 457a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 458a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 459a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 460a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of lower case letters required in the 461a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. 462a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 463a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumLowerCase(ComponentName admin) { 464a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 465a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 466a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return mService.getPasswordMinimumLowerCase(admin); 467a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 468a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 469a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 470a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 471a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 472a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 473a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 474a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 475a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 476a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of letters required in the password. After setting this, 477a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * the user will not be able to enter a new password that is not at least as 478a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restrictive as what has been set. Note that the current password will 479a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * remain until the user has set a new one, so the change does not take 480a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * place immediately. To prompt the user for a new password, use 481a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 482a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 483c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 484c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 485a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 486a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 487a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 488a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 489a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 490a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 491a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 492a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of letters required in the 493a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. A value of 0 means there is no restriction. 494a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 495a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumLetters(ComponentName admin, int length) { 496a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 497a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 498a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setPasswordMinimumLetters(admin, length); 499a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 500a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 501a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 502a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 503a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 504a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 505a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 506a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of letters required in the password for all 507c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * admins or a particular one. This is the same value as 508c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumLetters(ComponentName, int)} 509c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 510c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 511a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 512a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 513a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 514a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of letters required in the password. 515a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 516a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumLetters(ComponentName admin) { 517a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 518a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 519a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return mService.getPasswordMinimumLetters(admin); 520a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 521a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 522a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 523a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 524a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 525a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 526a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 527a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 528a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 529a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of numerical digits required in the password. After 530a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 531a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 532a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 533a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 534a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 535a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 536c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 537c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 538a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 539a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 540a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 541a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 542a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 543a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 544a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 545a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of numerical digits required 546a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * in the password. A value of 0 means there is no restriction. 547a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 548a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumNumeric(ComponentName admin, int length) { 549a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 550a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 551a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setPasswordMinimumNumeric(admin, length); 552a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 553a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 554a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 555a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 556a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 557a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 558a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 559a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of numerical digits required in the password 560c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * for all admins or a particular one. This is the same value as 561c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumNumeric(ComponentName, int)} 562c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 563c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 564a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 565a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 566a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 567a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of numerical digits required in the password. 568a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 569a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumNumeric(ComponentName admin) { 570a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 571a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 572a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return mService.getPasswordMinimumNumeric(admin); 573a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 574a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 575a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 576a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 577a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 578a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 579a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 580a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 581a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 582a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of symbols required in the password. After setting this, 583a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * the user will not be able to enter a new password that is not at least as 584a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restrictive as what has been set. Note that the current password will 585a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * remain until the user has set a new one, so the change does not take 586a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * place immediately. To prompt the user for a new password, use 587a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 588a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 589c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 590c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 591a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 592a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 593a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 594a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 595a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 596a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 597a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 598a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of symbols required in the 599a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. A value of 0 means there is no restriction. 600a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 601a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumSymbols(ComponentName admin, int length) { 602a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 603a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 604a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setPasswordMinimumSymbols(admin, length); 605a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 606a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 607a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 608a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 609a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 610a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 611a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 612a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of symbols required in the password for all 613c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * admins or a particular one. This is the same value as 614c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumSymbols(ComponentName, int)} 615c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 616c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 617a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 618a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 619a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 620a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of symbols required in the password. 621a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 622a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumSymbols(ComponentName admin) { 623a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 624a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 625a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return mService.getPasswordMinimumSymbols(admin); 626a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 627a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 628a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 629a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 630a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 631a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 632a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 633c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev /** 634c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * Called by an application that is administering the device to set the 635c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * minimum number of non-letter characters (numerical digits or symbols) 636c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * required in the password. After setting this, the user will not be able 637c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * to enter a new password that is not at least as restrictive as what has 638c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * been set. Note that the current password will remain until the user has 639c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set a new one, so the change does not take place immediately. To prompt 640c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} after 641c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * setting this value. This constraint is only imposed if the administrator 642c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * has also requested {@link #PASSWORD_QUALITY_COMPLEX} with 643c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #setPasswordQuality}. The default value is 0. 644c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * <p> 645c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * The calling device admin must have requested 646c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 647c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 648c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * 649c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 650c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * with. 651c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param length The new desired minimum number of letters required in the 652c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password. A value of 0 means there is no restriction. 653c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev */ 654c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev public void setPasswordMinimumNonLetter(ComponentName admin, int length) { 655c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev if (mService != null) { 656c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev try { 657c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev mService.setPasswordMinimumNonLetter(admin, length); 658c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } catch (RemoteException e) { 659c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 660c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 661c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 662c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 663c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev 664c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev /** 665c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * Retrieve the current number of non-letter characters required in the 666c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 667c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumNonLetter(ComponentName, int)} 668c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 669c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 670c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * 671c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 672c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * aggregate all admins. 673c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @return The minimum number of letters required in the password. 674c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev */ 675c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev public int getPasswordMinimumNonLetter(ComponentName admin) { 676c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev if (mService != null) { 677c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev try { 678c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev return mService.getPasswordMinimumNonLetter(admin); 679c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } catch (RemoteException e) { 680c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 681c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 682c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 683c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev return 0; 684c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 685c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev 6863255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 6873255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Called by an application that is administering the device to set the length 6883255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * of the password history. After setting this, the user will not be able to 6893255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * enter a new password that is the same as any password in the history. Note 6903255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * that the current password will remain until the user has set a new one, so 6913255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * the change does not take place immediately. To prompt the user for a new 6923255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * password, use {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 6933255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * This constraint is only imposed if the administrator has also requested 6943255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * either {@link #PASSWORD_QUALITY_NUMERIC}, 6953255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHABETIC}, or 6963255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC} with {@link #setPasswordQuality}. 6973255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 6983255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * <p> 6993255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * The calling device admin must have requested 7003255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this 7013255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * method; if it has not, a security exception will be thrown. 7023255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 7033255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 7043255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * with. 7053255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param length The new desired length of password history. A value of 0 7063255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * means there is no restriction. 7073255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev */ 7083255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev public void setPasswordHistoryLength(ComponentName admin, int length) { 7093255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev if (mService != null) { 7103255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev try { 7113255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev mService.setPasswordHistoryLength(admin, length); 7123255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } catch (RemoteException e) { 7133255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 7143255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7153255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7163255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7173255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 7183255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 719a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * Called by a device admin to set the password expiration timeout. Calling this method 720a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * will restart the countdown for password expiration for the given admin, as will changing 721a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * the device password (for all admins). 722a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 723a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>The provided timeout is the time delta in ms and will be added to the current time. 724a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * For example, to have the password expire 5 days from now, timeout would be 725a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 5 * 86400 * 1000 = 432000000 ms for timeout. 726a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 727a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>To disable password expiration, a value of 0 may be used for timeout. 728a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 729a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>The calling device admin must have requested 730a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} to be able to call this 731a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * method; if it has not, a security exception will be thrown. 732a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 733a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 734a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param timeout The limit (in ms) that a password can remain in effect. A value of 0 735a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * means there is no restriction (unlimited). 736a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 737a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public void setPasswordExpirationTimeout(ComponentName admin, long timeout) { 738a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 739a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 740a4e28d181942018ba8759989799a28fa88764ce3Jim Miller mService.setPasswordExpirationTimeout(admin, timeout); 741a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 742a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 743a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 744a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 745a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 746a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 747a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 7486b85768058b065cc682757a366abc828c9ca727aJim Miller * Get the password expiration timeout for the given admin. The expiration timeout is the 7496b85768058b065cc682757a366abc828c9ca727aJim Miller * recurring expiration timeout provided in the call to 7506b85768058b065cc682757a366abc828c9ca727aJim Miller * {@link #setPasswordExpirationTimeout(ComponentName, long)} for the given admin or the 7516b85768058b065cc682757a366abc828c9ca727aJim Miller * aggregate of all policy administrators if admin is null. 752a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 753a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin The name of the admin component to check, or null to aggregate all admins. 754a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @return The timeout for the given admin or the minimum of all timeouts 755a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 756a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public long getPasswordExpirationTimeout(ComponentName admin) { 757a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 758a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 759a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return mService.getPasswordExpirationTimeout(admin); 760a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 761a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 762a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 763a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 764a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return 0; 765a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 766a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 767a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 768a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * Get the current password expiration time for the given admin or an aggregate of 7696b85768058b065cc682757a366abc828c9ca727aJim Miller * all admins if admin is null. If the password is expired, this will return the time since 7706b85768058b065cc682757a366abc828c9ca727aJim Miller * the password expired as a negative number. If admin is null, then a composite of all 7716b85768058b065cc682757a366abc828c9ca727aJim Miller * expiration timeouts is returned - which will be the minimum of all timeouts. 772a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 773a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin The name of the admin component to check, or null to aggregate all admins. 774a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @return The password expiration time, in ms. 775a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 776a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public long getPasswordExpiration(ComponentName admin) { 777a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 778a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 779a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return mService.getPasswordExpiration(admin); 780a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 781a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 782a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 783a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 784a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return 0; 785a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 786a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 787a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 7883255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Retrieve the current password history length for all admins 7893255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * or a particular one. 7903255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param admin The name of the admin component to check, or null to aggregate 7913255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * all admins. 7923255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @return The length of the password history 7933255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev */ 7943255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev public int getPasswordHistoryLength(ComponentName admin) { 7953255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev if (mService != null) { 7963255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev try { 7973255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev return mService.getPasswordHistoryLength(admin); 7983255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } catch (RemoteException e) { 7993255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 8003255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8013255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8023255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev return 0; 8033255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8043255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 805d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 806254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Return the maximum password length that the device supports for a 8079327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * particular password quality. 808364f6e3d44c27cd17fe0f3fca844465e9a502636Dianne Hackborn * @param quality The quality being interrogated. 809254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @return Returns the maximum length that the user can enter. 810254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 8119327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordMaximumLength(int quality) { 812254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn // Kind-of arbitrary. 813254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 16; 814254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 8153255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 816254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 817df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Determine whether the current password the user has set is sufficient 8189327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * to meet the policy requirements (quality, minimum length) that have been 819df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * requested. 8203255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 8218aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 8228aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 8238aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 8243255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 825df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password meets the current requirements, 826df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * else false. 827d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 828df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public boolean isActivePasswordSufficient() { 829d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 830d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 831df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return mService.isActivePasswordSufficient(); 832d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 833d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 834d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 835d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 836df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 837d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 8383255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 839d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 840d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Retrieve the number of times the user has failed at entering a 841d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password since that last successful password entry. 8423255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 8438aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 8448aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call 8458aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 846d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 847d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public int getCurrentFailedPasswordAttempts() { 848d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 849d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 850d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return mService.getCurrentFailedPasswordAttempts(); 851d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 852d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 853d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 854d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 855d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return -1; 856d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 857df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 858df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 85988209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * Setting this to a value greater than zero enables a built-in policy 86088209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that will perform a device wipe after too many incorrect 86188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * device-unlock passwords have been entered. This built-in policy combines 86288209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * watching for failed passwords and wiping the device, and requires 86388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 8648ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. 8653255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 86688209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * <p>To implement any other policy (e.g. wiping data for a particular 86788209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * application only, erasing or revoking credentials, or reporting the 86888209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * failure to a server), you should implement 869ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} 87088209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * instead. Do not use this API, because if the maximum count is reached, 87188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * the device will be wiped immediately, and your callback will not be invoked. 8723255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 873ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 8748ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @param num The number of failed password attempts at which point the 8758ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * device will wipe its data. 8768ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 8778ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) { 8788ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 8798ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 8808ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.setMaximumFailedPasswordsForWipe(admin, num); 8818ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 8828ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 8838ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 8848ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 8858ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 8863255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 8878ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 888254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum number of login attempts that are allowed 889254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * before the device wipes itself, for all admins 890254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 891254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 892254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 893254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 894254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getMaximumFailedPasswordsForWipe(ComponentName admin) { 895254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn if (mService != null) { 896254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn try { 897254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumFailedPasswordsForWipe(admin); 898254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } catch (RemoteException e) { 899254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 900254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 901254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 902254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 0; 903254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 9043255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 905254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 90687bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * Flag for {@link #resetPassword}: don't allow other admins to change 90787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * the password again until the user has entered it. 90887bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn */ 90987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001; 9103255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 91187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** 912ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * Force a new device unlock password (the password needed to access the 913ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * entire device, not for individual accounts) on the user. This takes 914ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * effect immediately. 9159327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * The given password must be sufficient for the 9169327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * current password quality and length constraints as returned by 9179327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordQuality(ComponentName)} and 9189327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordMinimumLength(ComponentName)}; if it does not meet 9199327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * these constraints, then it will be rejected and false returned. Note 9209327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * that the password may be a stronger quality (containing alphanumeric 9219327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * characters when the requested quality is only numeric), in which case 9229327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * the currently active quality will be increased to match. 9233255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 9248aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 9258aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call 9268aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 9273255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 928df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param password The new password for the user. 92987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. 930df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password was applied, or false if it is 931df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * not acceptable for the current constraints. 932df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 93387bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public boolean resetPassword(String password, int flags) { 934df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 935df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 93687bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn return mService.resetPassword(password, flags); 937df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 938df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 939df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 940df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 941df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 942df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 9433255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 944d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 945d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 946d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * maximum time for user activity until the device will lock. This limits 947d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * the length that the user can set. It takes effect immediately. 9483255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 9498aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 950315ada7fbb9e967c22e87b4921bec720ceb2c73cDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 9518aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 9523255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 953ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 954d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param timeMs The new desired maximum time to lock in milliseconds. 955d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * A value of 0 means there is no restriction. 956d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 957d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setMaximumTimeToLock(ComponentName admin, long timeMs) { 958d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 959d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 960d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.setMaximumTimeToLock(admin, timeMs); 961d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 962d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 963d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 964d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 965d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 9663255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 967d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 968254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum time to unlock for all admins 969254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 970254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 971254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 972d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 973254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public long getMaximumTimeToLock(ComponentName admin) { 974d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 975d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 976254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return mService.getMaximumTimeToLock(admin); 977d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 978d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 979d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 980d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 981d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 982d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 9833255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 984d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 985df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Make the device lock immediately, as if the lock screen timeout has 986df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * expired at the point of this call. 9873255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 9888aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 9898aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 9908aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 991d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 992df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public void lockNow() { 993df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 994df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 995df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn mService.lockNow(); 996df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 997df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 998df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 999df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 1000df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 10013255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1002d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1003424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn * Flag for {@link #wipeData(int)}: also erase the device's external 1004424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn * storage. 1005424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn */ 1006424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn public static final int WIPE_EXTERNAL_STORAGE = 0x0001; 1007424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn 1008424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn /** 1009d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Ask the user date be wiped. This will cause the device to reboot, 1010df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * erasing all user data while next booting up. External storage such 1011f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * as SD cards will be also erased if the flag {@link #WIPE_EXTERNAL_STORAGE} 1012f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * is set. 10133255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 10148aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 10158aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} to be able to call 10168aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 10173255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 1018f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * @param flags Bit mask of additional options: currently 0 and 1019f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * {@link #WIPE_EXTERNAL_STORAGE} are supported. 1020d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1021d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void wipeData(int flags) { 1022d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1023d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1024d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.wipeData(flags); 1025d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1026d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1027d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1028d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1029d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 10303255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1031d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 103269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Called by an application that is administering the device to set the 103369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * global proxy and exclusion list. 103469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * <p> 103569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * The calling device admin must have requested 103669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * {@link DeviceAdminInfo#USES_POLICY_SETS_GLOBAL_PROXY} to be able to call 103769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * this method; if it has not, a security exception will be thrown. 103869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Only the first device admin can set the proxy. If a second admin attempts 103969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * to set the proxy, the {@link ComponentName} of the admin originally setting the 104069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * proxy will be returned. If successful in setting the proxy, null will 104169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * be returned. 104269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * The method can be called repeatedly by the device admin alrady setting the 104369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * proxy to update the proxy and exclusion list. 104469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * 104569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param admin Which {@link DeviceAdminReceiver} this request is associated 104669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * with. 104769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param proxySpec the global proxy desired. Must be an HTTP Proxy. 104869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Pass Proxy.NO_PROXY to reset the proxy. 104969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param exclusionList a list of domains to be excluded from the global proxy. 105069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @return returns null if the proxy was successfully set, or a {@link ComponentName} 105169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * of the device admin that sets thew proxy otherwise. 1052d26727273d16745ceddc2203121d29c3a9e7733cAndy Stadler * @hide 105369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor */ 105469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor public ComponentName setGlobalProxy(ComponentName admin, Proxy proxySpec, 105569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor List<String> exclusionList ) { 105669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (proxySpec == null) { 105769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor throw new NullPointerException(); 105869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 105969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (mService != null) { 106069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor try { 106169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String hostSpec; 106269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String exclSpec; 106369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (proxySpec.equals(Proxy.NO_PROXY)) { 106469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor hostSpec = null; 106569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = null; 106669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 106769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (!proxySpec.type().equals(Proxy.Type.HTTP)) { 106869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor throw new IllegalArgumentException(); 106969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 107069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor InetSocketAddress sa = (InetSocketAddress)proxySpec.address(); 107169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String hostName = sa.getHostName(); 107269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor int port = sa.getPort(); 107369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor StringBuilder hostBuilder = new StringBuilder(); 107469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor hostSpec = hostBuilder.append(hostName) 107569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor .append(":").append(Integer.toString(port)).toString(); 107669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (exclusionList == null) { 107769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = ""; 107869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 107969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor StringBuilder listBuilder = new StringBuilder(); 108069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor boolean firstDomain = true; 108169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor for (String exclDomain : exclusionList) { 108269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (!firstDomain) { 108369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor listBuilder = listBuilder.append(","); 108469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 108569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor firstDomain = false; 108669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 108769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor listBuilder = listBuilder.append(exclDomain.trim()); 108869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 108969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = listBuilder.toString(); 109069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 109169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor android.net.Proxy.validate(hostName, Integer.toString(port), exclSpec); 109269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 109369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return mService.setGlobalProxy(admin, hostSpec, exclSpec); 109469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } catch (RemoteException e) { 109569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor Log.w(TAG, "Failed talking with device policy service", e); 109669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 109769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 109869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return null; 109969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 110069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor 110169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor /** 110269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Returns the component name setting the global proxy. 110369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @return ComponentName object of the device admin that set the global proxy, or 110469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * null if no admin has set the proxy. 1105d26727273d16745ceddc2203121d29c3a9e7733cAndy Stadler * @hide 110669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor */ 110769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor public ComponentName getGlobalProxyAdmin() { 110869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (mService != null) { 110969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor try { 111069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return mService.getGlobalProxyAdmin(); 111169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } catch (RemoteException e) { 111269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor Log.w(TAG, "Failed talking with device policy service", e); 111369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 111469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 111569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return null; 111669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 111769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor 111869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor /** 111922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11207b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is not supported. 11217b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11227b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; 11237b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11247b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 112522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11267b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is supported, but is not currently active. 11277b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11287b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final int ENCRYPTION_STATUS_INACTIVE = 1; 11297b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11307b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 113122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11327b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is not currently active, but is currently 11337b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * being activated. This is only reported by devices that support 11347b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * encryption of data and only when the storage is currently 11357b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * undergoing a process of becoming encrypted. A device that must reboot and/or wipe data 11367b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * to become encrypted will never return this value. 11377b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 113822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public static final int ENCRYPTION_STATUS_ACTIVATING = 2; 11397b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11407b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 114122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11427b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is active. 11437b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 114422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public static final int ENCRYPTION_STATUS_ACTIVE = 3; 11457b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11467b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 11477b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Activity action: begin the process of encrypting data on the device. This activity should 11487b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * be launched after using {@link #setStorageEncryption} to request encryption be activated. 11497b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * After resuming from this activity, use {@link #getStorageEncryption} 11507b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * to check encryption status. However, on some devices this activity may never return, as 11517b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * it may trigger a reboot and in some cases a complete data wipe of the device. 11527b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11537b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 11547b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final String ACTION_START_ENCRYPTION 11557b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler = "android.app.action.START_ENCRYPTION"; 11567b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11577b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 1158b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Widgets are enabled in keyguard 1159b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 1160b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller public static final int KEYGUARD_DISABLE_WIDGETS_NONE = 0; 1161b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1162b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 1163b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Disable all keyguard widgets 1164b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 1165b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 0x7fffffff; 1166b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1167b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 11687b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Called by an application that is administering the device to 116922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * request that the storage system be encrypted. 11707b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 11717b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>When multiple device administrators attempt to control device 11727b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * encryption, the most secure, supported setting will always be 11737b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * used. If any device administrator requests device encryption, 11747b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * it will be enabled; Conversely, if a device administrator 11757b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * attempts to disable device encryption while another 11767b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * device administrator has enabled it, the call to disable will 11777b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * fail (most commonly returning {@link #ENCRYPTION_STATUS_ACTIVE}). 11787b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 11797b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>This policy controls encryption of the secure (application data) storage area. Data 118050c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * written to other storage areas may or may not be encrypted, and this policy does not require 118150c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * or control the encryption of any other storage areas. 118250c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * There is one exception: If {@link android.os.Environment#isExternalStorageEmulated()} is 118350c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * {@code true}, then the directory returned by 118450c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * {@link android.os.Environment#getExternalStorageDirectory()} must be written to disk 118550c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * within the encrypted storage area. 11867b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 11877b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>Important Note: On some devices, it is possible to encrypt storage without requiring 11887b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * the user to create a device PIN or Password. In this case, the storage is encrypted, but 11897b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * the encryption key may not be fully secured. For maximum security, the administrator should 11907b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * also require (and check for) a pattern, PIN, or password. 11917b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 11927b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 11937b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * @param encrypt true to request encryption, false to release any previous request 119422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return the new request status (for all active admins) - will be one of 119522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, or 119622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVE}. This is the value of the requests; Use 119722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #getStorageEncryptionStatus()} to query the actual device state. 11987b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11997b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public int setStorageEncryption(ComponentName admin, boolean encrypt) { 12007b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler if (mService != null) { 12017b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler try { 12027b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return mService.setStorageEncryption(admin, encrypt); 12037b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } catch (RemoteException e) { 12047b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler Log.w(TAG, "Failed talking with device policy service", e); 12057b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12067b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12077b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return ENCRYPTION_STATUS_UNSUPPORTED; 12087b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12097b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12107b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 12117b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Called by an application that is administering the device to 121222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * determine the requested setting for secure storage. 12137b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 121422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. If null, 121522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * this will return the requested encryption setting as an aggregate of all active 121622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * administrators. 121722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return true if the admin(s) are requesting encryption, false if not. 12187b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 121922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public boolean getStorageEncryption(ComponentName admin) { 12207b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler if (mService != null) { 12217b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler try { 12227b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return mService.getStorageEncryption(admin); 12237b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } catch (RemoteException e) { 122422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler Log.w(TAG, "Failed talking with device policy service", e); 122522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 122622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 122722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler return false; 122822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 122922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler 123022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler /** 123122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Called by an application that is administering the device to 123222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * determine the current encryption status of the device. 123322dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * 123422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Depending on the returned status code, the caller may proceed in different 123522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * ways. If the result is {@link #ENCRYPTION_STATUS_UNSUPPORTED}, the 123622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * storage system does not support encryption. If the 123722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * result is {@link #ENCRYPTION_STATUS_INACTIVE}, use {@link 123822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * #ACTION_START_ENCRYPTION} to begin the process of encrypting or decrypting the 123922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * storage. If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or 124022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVE}, no further action is required. 124122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * 124222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return current status of encryption. The value will be one of 124322dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, 124422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVATING}, or{@link #ENCRYPTION_STATUS_ACTIVE}. 124522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler */ 124622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public int getStorageEncryptionStatus() { 124722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler if (mService != null) { 124822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler try { 124922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler return mService.getStorageEncryptionStatus(); 125022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } catch (RemoteException e) { 12517b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler Log.w(TAG, "Failed talking with device policy service", e); 12527b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12537b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12547b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return ENCRYPTION_STATUS_UNSUPPORTED; 12557b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12567b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12577b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 12582447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * Called by an application that is administering the device to disable all cameras 12592447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * on the device. After setting this, no applications will be able to access any cameras 12602447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * on the device. 12612447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * 12622447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * <p>The calling device admin must have requested 12632447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * {@link DeviceAdminInfo#USES_POLICY_DISABLE_CAMERA} to be able to call 12642447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * this method; if it has not, a security exception will be thrown. 12652447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * 12662447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 12672447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param disabled Whether or not the camera should be disabled. 12682447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo */ 12692447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo public void setCameraDisabled(ComponentName admin, boolean disabled) { 12702447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo if (mService != null) { 12712447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo try { 12722447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo mService.setCameraDisabled(admin, disabled); 12732447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } catch (RemoteException e) { 12742447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo Log.w(TAG, "Failed talking with device policy service", e); 12752447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12762447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12772447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12782447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo 12792447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo /** 12802447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * Determine whether or not the device's cameras have been disabled either by the current 12812447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * admin, if specified, or all admins. 12822447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param admin The name of the admin component to check, or null to check if any admins 12832447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * have disabled the camera 12842447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo */ 12852447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo public boolean getCameraDisabled(ComponentName admin) { 12862447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo if (mService != null) { 12872447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo try { 12882447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo return mService.getCameraDisabled(admin); 12892447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } catch (RemoteException e) { 12902447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo Log.w(TAG, "Failed talking with device policy service", e); 12912447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12922447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12932447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo return false; 12942447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 12952447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo 12962447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo /** 1297b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Called by an application that is administering the device to disable adding widgets to 1298b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * keyguard. After setting this, keyguard widgets will be disabled according to the state 1299b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * provided. 1300b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * 1301b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * <p>The calling device admin must have requested 1302b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_WIDGETS} to be able to call 1303b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * this method; if it has not, a security exception will be thrown. 1304b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * 1305b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1306b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * @param which {@link DevicePolicyManager#KEYGUARD_DISABLE_WIDGETS_ALL} or 1307b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * {@link DevicePolicyManager#KEYGUARD_DISABLE_WIDGETS_NONE} (the default). 1308b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 1309b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller public void setKeyguardWidgetsDisabled(ComponentName admin, int which) { 1310b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller if (mService != null) { 1311b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller try { 1312b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller mService.setKeyguardWidgetsDisabled(admin, which); 1313b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } catch (RemoteException e) { 1314b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 1315b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1316b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1317b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1318b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1319b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 1320b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Determine whether or not widgets have been disabled in keyguard either by the current 1321b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * admin, if specified, or all admins. 1322b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * @param admin The name of the admin component to check, or null to check if any admins 1323b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * have disabled widgets in keyguard. 1324b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 1325b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller public int getKeyguardWidgetsDisabled(ComponentName admin) { 1326b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller if (mService != null) { 1327b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller try { 1328b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller return mService.getKeyguardWidgetsDisabled(admin); 1329b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } catch (RemoteException e) { 1330b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 1331b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1332b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1333b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller return KEYGUARD_DISABLE_WIDGETS_NONE; 1334b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1335b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1336b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 1337d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1338d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1339c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler public void setActiveAdmin(ComponentName policyReceiver, boolean refreshing) { 1340d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1341d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1342c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler mService.setActiveAdmin(policyReceiver, refreshing); 1343d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1344d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1345d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1346d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1347d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 13483255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1349d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1350c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * Returns the DeviceAdminInfo as defined by the administrator's package info & meta-data 1351d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1352d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1353d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public DeviceAdminInfo getAdminInfo(ComponentName cn) { 1354d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ActivityInfo ai; 1355d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1356d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ai = mContext.getPackageManager().getReceiverInfo(cn, 1357d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn PackageManager.GET_META_DATA); 1358d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (PackageManager.NameNotFoundException e) { 1359d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to retrieve device policy " + cn, e); 1360d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1361d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 13623255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1363d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ResolveInfo ri = new ResolveInfo(); 1364d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ri.activityInfo = ai; 13653255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1366d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1367d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return new DeviceAdminInfo(mContext, ri); 1368d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (XmlPullParserException e) { 1369d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 1370d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1371d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (IOException e) { 1372d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 1373d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1374d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1375d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 13763255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1377d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1378d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 13798ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 13808ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void getRemoveWarning(ComponentName admin, RemoteCallback result) { 13818ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 13828ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 13838ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn mService.getRemoveWarning(admin, result); 13848ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 13858ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 13868ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 13878ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 13888ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 13898ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 13908ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 13918ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @hide 1392d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1393a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setActivePasswordState(int quality, int length, int letters, int uppercase, 1394c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev int lowercase, int numbers, int symbols, int nonletter) { 1395d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1396d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1397a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setActivePasswordState(quality, length, letters, uppercase, lowercase, 1398c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev numbers, symbols, nonletter); 1399d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1400d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1401d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1402d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1403d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 14043255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1405d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1406d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1407d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1408d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportFailedPasswordAttempt() { 1409d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1410d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1411d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportFailedPasswordAttempt(); 1412d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1413d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1414d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1415d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1416d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 14173255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1418d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1419d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1420d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1421d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void reportSuccessfulPasswordAttempt() { 1422d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1423d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1424d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService.reportSuccessfulPasswordAttempt(); 1425d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1426d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1427d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1428d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1429d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 143069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor 1431d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn} 1432