1d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/* 2d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Copyright (C) 2010 The Android Open Source Project 3d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 4d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Licensed under the Apache License, Version 2.0 (the "License"); 5d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * you may not use this file except in compliance with the License. 6d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * You may obtain a copy of the License at 7d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 8d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * http://www.apache.org/licenses/LICENSE-2.0 9d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 10d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Unless required by applicable law or agreed to in writing, software 11d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * distributed under the License is distributed on an "AS IS" BASIS, 12d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * See the License for the specific language governing permissions and 14d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * limitations under the License. 15d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 16d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 1787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackbornpackage android.app.admin; 18d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 19d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport org.xmlpull.v1.XmlPullParserException; 20d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 21d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant; 22d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.annotation.SdkConstant.SdkConstantType; 23d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.ComponentName; 24d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.Context; 25d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ActivityInfo; 26d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.PackageManager; 27d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.content.pm.ResolveInfo; 28d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.Handler; 298ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackbornimport android.os.RemoteCallback; 30d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.RemoteException; 31d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.os.ServiceManager; 32599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasaniimport android.os.UserHandle; 33d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport android.util.Log; 34d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 35da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport com.android.org.conscrypt.TrustedCertificateStore; 36da51e68e582ffa017543982297c831680d201a91Maggie Benthall 37da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport java.io.ByteArrayInputStream; 38d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornimport java.io.IOException; 3969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayorimport java.net.InetSocketAddress; 4069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayorimport java.net.Proxy; 41da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport java.security.cert.CertificateException; 42da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport java.security.cert.CertificateFactory; 43da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport java.security.cert.X509Certificate; 44d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackbornimport java.util.List; 45da51e68e582ffa017543982297c831680d201a91Maggie Benthallimport java.util.Set; 46d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 47d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn/** 48d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Public interface for managing policies enforced on a device. Most clients 49ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * of this class must have published a {@link DeviceAdminReceiver} that the user 50d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * has currently enabled. 513aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * 523aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <div class="special reference"> 533aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <h3>Developer Guides</h3> 543aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <p>For more information about managing policies for device adminstration, read the 553aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * <a href="{@docRoot}guide/topics/admin/device-admin.html">Device Administration</a> 563aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * developer guide.</p> 573aef8e1d1b2f0b87d470bcccf37ba4ebb6560c45Joe Fernandez * </div> 58d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 59d68478467e3f837511196c80891d7245d0e163dfDianne Hackbornpublic class DevicePolicyManager { 60d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private static String TAG = "DevicePolicyManager"; 61d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 62d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final Context mContext; 63d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn private final IDevicePolicyManager mService; 643255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 6521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn private DevicePolicyManager(Context context, Handler handler) { 66d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mContext = context; 67d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn mService = IDevicePolicyManager.Stub.asInterface( 68d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ServiceManager.getService(Context.DEVICE_POLICY_SERVICE)); 69d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 70d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn 7187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** @hide */ 7287bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static DevicePolicyManager create(Context context, Handler handler) { 7321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn DevicePolicyManager me = new DevicePolicyManager(context, handler); 7421f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return me.mService != null ? me : null; 7521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 763255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 77d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 78d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Activity action: ask the user to add a new device administrator to the system. 79d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The desired policy is the ComponentName of the policy in the 80d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #EXTRA_DEVICE_ADMIN} extra field. This will invoke a UI to 81d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * bring the user through adding the device administrator to the system (or 82d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * allowing them to reject it). 833255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 848ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * <p>You can optionally include the {@link #EXTRA_ADD_EXPLANATION} 858ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * field to provide the user with additional explanation (in addition 868ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * to your component's description) about what is being added. 87c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * 88c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * <p>If your administrator is already active, this will ordinarily return immediately (without 89c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * user intervention). However, if your administrator has been updated and is requesting 90c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * additional uses-policy flags, the user will be presented with the new list. New policies 91c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * will not be available to the updated administrator until the user has accepted the new list. 92d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 93d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 94d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_ADD_DEVICE_ADMIN 95d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.ADD_DEVICE_ADMIN"; 963255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 97d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 98284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * Activity action: send when any policy admin changes a policy. 99284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * This is generally used to find out when a new policy is in effect. 1003e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * 101284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller * @hide 102284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller */ 103284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller public static final String ACTION_DEVICE_POLICY_MANAGER_STATE_CHANGED 104284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller = "android.app.action.DEVICE_POLICY_MANAGER_STATE_CHANGED"; 105284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller 106284b62e1b8c3419bfd02c6fea5ba0a68146c06f8Jim Miller /** 107d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * The ComponentName of the administrator component. 108d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * 109d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 110d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 111d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String EXTRA_DEVICE_ADMIN = "android.app.extra.DEVICE_ADMIN"; 1123255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 113d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1148ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * An optional CharSequence providing additional explanation for why the 1158ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * admin is being added. 1168ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * 1178ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @see #ACTION_ADD_DEVICE_ADMIN 1188ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 1198ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public static final String EXTRA_ADD_EXPLANATION = "android.app.extra.ADD_EXPLANATION"; 1203255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1213255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 1223255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Activity action: have the user enter a new password. This activity should 1233255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * be launched after using {@link #setPasswordQuality(ComponentName, int)}, 1243255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * or {@link #setPasswordMinimumLength(ComponentName, int)} to have the user 1253255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * enter a new password that meets the current requirements. You can use 1263255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #isActivePasswordSufficient()} to determine whether you need to 1273255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * have the user select a new password in order to meet the current 1283255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * constraints. Upon being resumed from this activity, you can check the new 1293255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * password characteristics to see if they are sufficient. 130d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 131d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 132d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public static final String ACTION_SET_NEW_PASSWORD 133d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn = "android.app.action.SET_NEW_PASSWORD"; 1343255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 135d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 136d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Return true if the given administrator component is currently 137d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * active (enabled) in the system. 138d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 139d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public boolean isAdminActive(ComponentName who) { 140d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 141d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 142599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.isAdminActive(who, UserHandle.myUserId()); 143d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 144d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 145d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 146d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 147d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return false; 148d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1493255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 150d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 151d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * Return a list of all currently active device administrator's component 152d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * names. Note that if there are no administrators than null may be 153d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn * returned. 154d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn */ 155d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public List<ComponentName> getActiveAdmins() { 156d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn if (mService != null) { 157d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn try { 158599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getActiveAdmins(UserHandle.myUserId()); 159d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } catch (RemoteException e) { 160d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 161d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 162d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 163d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn return null; 164d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn } 1653255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 166d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn /** 167599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani * Used by package administration code to determine if a package can be stopped 168599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani * or uninstalled. 16921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn * @hide 17021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn */ 17121f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn public boolean packageHasActiveAdmins(String packageName) { 17221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn if (mService != null) { 17321f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn try { 174599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.packageHasActiveAdmins(packageName, UserHandle.myUserId()); 17521f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } catch (RemoteException e) { 17621f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 17721f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 17821f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 17921f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn return false; 18021f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn } 1813255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 18221f1bd17b2dfe361acbb28453b3f3b1a110932faDianne Hackborn /** 183d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Remove a current administration component. This can only be called 184d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * by the application that owns the administration component; if you 185d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * try to remove someone else's component, a security exception will be 186d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * thrown. 187d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 188d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void removeActiveAdmin(ComponentName who) { 189d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 190d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 191599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.removeActiveAdmin(who, UserHandle.myUserId()); 192d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 193d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 194d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 195d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 196d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1973255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 198d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 199c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * Returns true if an administrator has been granted a particular device policy. This can 200c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * be used to check if the administrator was activated under an earlier set of policies, 201c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * but requires additional policies after an upgrade. 202c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * 203c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. Must be 204c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * an active administrator, or an exception will be thrown. 205c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * @param usesPolicy Which uses-policy to check, as defined in {@link DeviceAdminInfo}. 206c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler */ 207c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler public boolean hasGrantedPolicy(ComponentName admin, int usesPolicy) { 208c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler if (mService != null) { 209c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler try { 210599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.hasGrantedPolicy(admin, usesPolicy, UserHandle.myUserId()); 211c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } catch (RemoteException e) { 212c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler Log.w(TAG, "Failed talking with device policy service", e); 213c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 214c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 215c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler return false; 216c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler } 217c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler 218c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler /** 2199327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy has no requirements 2209327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * for the password. Note that quality constants are ordered so that higher 221df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * values are more restrictive. 222d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2239327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_UNSPECIFIED = 0; 2243255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 225d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2263e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * Constant for {@link #setPasswordQuality}: the policy allows for low-security biometric 2273e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * recognition technology. This implies technologies that can recognize the identity of 2283e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * an individual to about a 3 digit PIN (false detection is less than 1 in 1,000). 2293e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller * Note that quality constants are ordered so that higher values are more restrictive. 2303e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller */ 2313e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller public static final int PASSWORD_QUALITY_BIOMETRIC_WEAK = 0x8000; 2323e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller 2333e5d3fd7e172ee85a7bb67baa01acbc3549dfdb6Jim Miller /** 2349327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the policy requires some kind 2359327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * of password, but doesn't care what it is. Note that quality constants 236df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * are ordered so that higher values are more restrictive. 237df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 2389327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_SOMETHING = 0x10000; 2393255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 240df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 2419327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 2429327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least numeric characters. Note that quality 2439327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * constants are ordered so that higher values are more restrictive. 244d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2459327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public static final int PASSWORD_QUALITY_NUMERIC = 0x20000; 2463255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 247d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 2489327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 24985f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * password containing at least alphabetic (or other symbol) characters. 25085f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Note that quality constants are ordered so that higher values are more 25185f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * restrictive. 25285f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn */ 25385f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHABETIC = 0x40000; 2543255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 25585f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn /** 25685f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * Constant for {@link #setPasswordQuality}: the user must have entered a 2579327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * password containing at least <em>both></em> numeric <em>and</em> 25885f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * alphabetic (or other symbol) characters. Note that quality constants are 2599327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * ordered so that higher values are more restrictive. 260d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 26185f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn public static final int PASSWORD_QUALITY_ALPHANUMERIC = 0x50000; 2623255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 263d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 264a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Constant for {@link #setPasswordQuality}: the user must have entered a 265c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password containing at least a letter, a numerical digit and a special 266c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * symbol, by default. With this password quality, passwords can be 267c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * restricted to contain various sets of characters, like at least an 268c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * uppercase letter, etc. These are specified using various methods, 269c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * like {@link #setPasswordMinimumLowerCase(ComponentName, int)}. Note 270c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * that quality constants are ordered so that higher values are more 271c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * restrictive. 272a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 273a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public static final int PASSWORD_QUALITY_COMPLEX = 0x60000; 274a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 275a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 276d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 277d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password restrictions it is imposing. After setting this, the user 278d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 279d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 280d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 281d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 282d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 2833255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 2849327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * <p>Quality constants are ordered so that higher values are more restrictive; 2859327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * thus the highest requested quality constant (between the policy set here, 286df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * the user's preference, and any other considerations) is the one that 287df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * is in effect. 2883255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 2898aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 2908aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 2918aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 2923255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 293ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 2949327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * @param quality The new desired quality. One of 2959327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #PASSWORD_QUALITY_UNSPECIFIED}, {@link #PASSWORD_QUALITY_SOMETHING}, 29685f2c9ce5a0e074df2429a5d66e1754e368a0430Dianne Hackborn * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC}, 297a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC} or {@link #PASSWORD_QUALITY_COMPLEX}. 298d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 2999327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public void setPasswordQuality(ComponentName admin, int quality) { 300d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 301d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 302599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordQuality(admin, quality, UserHandle.myUserId()); 303d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 304d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 305d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 306d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 307d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3083255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 309d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 3109327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * Retrieve the current minimum password quality for all admins 311254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 312254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 313254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 314d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 3159327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordQuality(ComponentName admin) { 316599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordQuality(admin, UserHandle.myUserId()); 317599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 318599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 319599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 320599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordQuality(ComponentName admin, int userHandle) { 321d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 322d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 323599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordQuality(admin, userHandle); 324d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 325d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 326d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 327d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3289327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn return PASSWORD_QUALITY_UNSPECIFIED; 329d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3303255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 331d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 332d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 333d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * minimum allowed password length. After setting this, the user 334d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will not be able to enter a new password that is not at least as 335d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * restrictive as what has been set. Note that the current password 336d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * will remain until the user has set a new one, so the change does not 337d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * take place immediately. To prompt the user for a new password, use 338d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 339d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * constraint is only imposed if the administrator has also requested either 340a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_NUMERIC}, {@link #PASSWORD_QUALITY_ALPHABETIC} 341a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC}, or {@link #PASSWORD_QUALITY_COMPLEX} 3429327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * with {@link #setPasswordQuality}. 3433255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 3448aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 3458aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 3468aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 3473255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 348ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 349d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param length The new desired minimum password length. A value of 0 350d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * means there is no restriction. 351d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 352254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public void setPasswordMinimumLength(ComponentName admin, int length) { 353d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 354d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 355599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumLength(admin, length, UserHandle.myUserId()); 356d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 357d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 358d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 359d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 360d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3613255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 362d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 363254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current minimum password length for all admins 364254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 365254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 366254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 367d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 368254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getPasswordMinimumLength(ComponentName admin) { 369599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumLength(admin, UserHandle.myUserId()); 370599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 371599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 372599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 373599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumLength(ComponentName admin, int userHandle) { 374d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 375d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 376599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumLength(admin, userHandle); 377d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 378d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 379d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 380d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 381d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 382d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 3833255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 384a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 385a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 386a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of upper case letters required in the password. After 387a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 388a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 389a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 390a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 391a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 392a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 393c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 394c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 0. 395a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 396a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 397a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 398a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 399a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 400a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 401a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 402a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of upper case letters 403a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * required in the password. A value of 0 means there is no 404a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restriction. 405a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 406a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumUpperCase(ComponentName admin, int length) { 407a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 408a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 409599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumUpperCase(admin, length, UserHandle.myUserId()); 410a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 411a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 412a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 413a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 414a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 415a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 416a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 417a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of upper case letters required in the 418c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 419c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumUpperCase(ComponentName, int)} 420c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 421c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 422a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 423a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 424a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 425a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of upper case letters required in the 426a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. 427a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 428a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumUpperCase(ComponentName admin) { 429599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumUpperCase(admin, UserHandle.myUserId()); 430599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 431599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 432599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 433599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumUpperCase(ComponentName admin, int userHandle) { 434a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 435a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 436599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumUpperCase(admin, userHandle); 437a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 438a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 439a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 440a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 441a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 442a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 443a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 444a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 445a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 446a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of lower case letters required in the password. After 447a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 448a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 449a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 450a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 451a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 452a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 453c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 454c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 0. 455a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 456a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 457a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 458a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 459a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 460a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 461a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 462a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of lower case letters 463a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * required in the password. A value of 0 means there is no 464a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restriction. 465a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 466a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumLowerCase(ComponentName admin, int length) { 467a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 468a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 469599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumLowerCase(admin, length, UserHandle.myUserId()); 470a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 471a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 472a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 473a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 474a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 475a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 476a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 477a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of lower case letters required in the 478c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 479c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumLowerCase(ComponentName, int)} 480c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 481c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 482a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 483a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 484a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 485a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of lower case letters required in the 486a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. 487a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 488a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumLowerCase(ComponentName admin) { 489599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumLowerCase(admin, UserHandle.myUserId()); 490599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 491599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 492599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 493599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumLowerCase(ComponentName admin, int userHandle) { 494a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 495a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 496599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumLowerCase(admin, userHandle); 497a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 498a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 499a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 500a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 501a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 502a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 503a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 504a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 505a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 506a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of letters required in the password. After setting this, 507a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * the user will not be able to enter a new password that is not at least as 508a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restrictive as what has been set. Note that the current password will 509a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * remain until the user has set a new one, so the change does not take 510a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * place immediately. To prompt the user for a new password, use 511a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 512a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 513c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 514c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 515a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 516a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 517a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 518a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 519a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 520a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 521a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 522a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of letters required in the 523a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. A value of 0 means there is no restriction. 524a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 525a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumLetters(ComponentName admin, int length) { 526a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 527a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 528599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumLetters(admin, length, UserHandle.myUserId()); 529a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 530a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 531a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 532a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 533a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 534a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 535a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 536a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of letters required in the password for all 537c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * admins or a particular one. This is the same value as 538c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumLetters(ComponentName, int)} 539c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 540c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 541a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 542a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 543a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 544a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of letters required in the password. 545a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 546a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumLetters(ComponentName admin) { 547599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumLetters(admin, UserHandle.myUserId()); 548599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 549599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 550599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 551599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumLetters(ComponentName admin, int userHandle) { 552a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 553a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 554599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumLetters(admin, userHandle); 555a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 556a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 557a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 558a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 559a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 560a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 561a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 562a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 563a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 564a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of numerical digits required in the password. After 565a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * setting this, the user will not be able to enter a new password that is 566a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not at least as restrictive as what has been set. Note that the current 567a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password will remain until the user has set a new one, so the change does 568a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * not take place immediately. To prompt the user for a new password, use 569a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 570a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 571c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 572c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 573a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 574a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 575a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 576a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 577a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 578a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 579a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 580a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of numerical digits required 581a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * in the password. A value of 0 means there is no restriction. 582a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 583a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumNumeric(ComponentName admin, int length) { 584a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 585a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 586599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumNumeric(admin, length, UserHandle.myUserId()); 587a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 588a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 589a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 590a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 591a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 592a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 593a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 594a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of numerical digits required in the password 595c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * for all admins or a particular one. This is the same value as 596c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumNumeric(ComponentName, int)} 597c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 598c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 599a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 600a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 601a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 602a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of numerical digits required in the password. 603a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 604a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumNumeric(ComponentName admin) { 605599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumNumeric(admin, UserHandle.myUserId()); 606599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 607599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 608599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 609599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumNumeric(ComponentName admin, int userHandle) { 610a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 611a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 612599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumNumeric(admin, userHandle); 613a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 614a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 615a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 616a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 617a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 618a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 619a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 620a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 621a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Called by an application that is administering the device to set the 622a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * minimum number of symbols required in the password. After setting this, 623a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * the user will not be able to enter a new password that is not at least as 624a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * restrictive as what has been set. Note that the current password will 625a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * remain until the user has set a new one, so the change does not take 626a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * place immediately. To prompt the user for a new password, use 627a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link #ACTION_SET_NEW_PASSWORD} after setting this value. This 628a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * constraint is only imposed if the administrator has also requested 629c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX} with {@link #setPasswordQuality}. The 630c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * default value is 1. 631a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * <p> 632a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * The calling device admin must have requested 633a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 634a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 635a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 636a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 637a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * with. 638a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param length The new desired minimum number of symbols required in the 639a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * password. A value of 0 means there is no restriction. 640a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 641a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setPasswordMinimumSymbols(ComponentName admin, int length) { 642a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 643a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 644599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumSymbols(admin, length, UserHandle.myUserId()); 645a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 646a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 647a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 648a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 649a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 650a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 651a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev /** 652a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * Retrieve the current number of symbols required in the password for all 653c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * admins or a particular one. This is the same value as 654c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumSymbols(ComponentName, int)} 655c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 656c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 657a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * 658a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 659a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * aggregate all admins. 660a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev * @return The minimum number of symbols required in the password. 661a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev */ 662a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public int getPasswordMinimumSymbols(ComponentName admin) { 663599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumSymbols(admin, UserHandle.myUserId()); 664599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 665599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 666599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 667599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumSymbols(ComponentName admin, int userHandle) { 668a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev if (mService != null) { 669a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev try { 670599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumSymbols(admin, userHandle); 671a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } catch (RemoteException e) { 672a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 673a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 674a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 675a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev return 0; 676a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev } 677a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev 678c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev /** 679c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * Called by an application that is administering the device to set the 680c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * minimum number of non-letter characters (numerical digits or symbols) 681c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * required in the password. After setting this, the user will not be able 682c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * to enter a new password that is not at least as restrictive as what has 683c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * been set. Note that the current password will remain until the user has 684c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set a new one, so the change does not take place immediately. To prompt 685c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * the user for a new password, use {@link #ACTION_SET_NEW_PASSWORD} after 686c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * setting this value. This constraint is only imposed if the administrator 687c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * has also requested {@link #PASSWORD_QUALITY_COMPLEX} with 688c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #setPasswordQuality}. The default value is 0. 689c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * <p> 690c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * The calling device admin must have requested 691c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 692c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * this method; if it has not, a security exception will be thrown. 693c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * 694c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 695c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * with. 696c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param length The new desired minimum number of letters required in the 697c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password. A value of 0 means there is no restriction. 698c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev */ 699c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev public void setPasswordMinimumNonLetter(ComponentName admin, int length) { 700c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev if (mService != null) { 701c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev try { 702599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordMinimumNonLetter(admin, length, UserHandle.myUserId()); 703c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } catch (RemoteException e) { 704c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 705c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 706c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 707c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 708c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev 709c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev /** 710c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * Retrieve the current number of non-letter characters required in the 711c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * password for all admins or a particular one. This is the same value as 712c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * set by {#link {@link #setPasswordMinimumNonLetter(ComponentName, int)} 713c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * and only applies when the password quality is 714c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * {@link #PASSWORD_QUALITY_COMPLEX}. 715c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * 716c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @param admin The name of the admin component to check, or null to 717c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * aggregate all admins. 718c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev * @return The minimum number of letters required in the password. 719c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev */ 720c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev public int getPasswordMinimumNonLetter(ComponentName admin) { 721599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordMinimumNonLetter(admin, UserHandle.myUserId()); 722599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 723599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 724599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 725599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordMinimumNonLetter(ComponentName admin, int userHandle) { 726c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev if (mService != null) { 727c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev try { 728599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordMinimumNonLetter(admin, userHandle); 729c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } catch (RemoteException e) { 730c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 731c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 732c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 733c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev return 0; 734c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev } 735c857740f242169f2ca7fd42f0d1268661b399ad6Konstantin Lopyrev 7363255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 7373255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Called by an application that is administering the device to set the length 7383255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * of the password history. After setting this, the user will not be able to 7393255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * enter a new password that is the same as any password in the history. Note 7403255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * that the current password will remain until the user has set a new one, so 7413255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * the change does not take place immediately. To prompt the user for a new 7423255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * password, use {@link #ACTION_SET_NEW_PASSWORD} after setting this value. 7433255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * This constraint is only imposed if the administrator has also requested 7443255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * either {@link #PASSWORD_QUALITY_NUMERIC}, 7453255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHABETIC}, or 7463255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link #PASSWORD_QUALITY_ALPHANUMERIC} with {@link #setPasswordQuality}. 7473255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 7483255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * <p> 7493255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * The calling device admin must have requested 7503255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call this 7513255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * method; if it has not, a security exception will be thrown. 7523255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 7533255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param admin Which {@link DeviceAdminReceiver} this request is associated 7543255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * with. 7553255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param length The new desired length of password history. A value of 0 7563255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * means there is no restriction. 7573255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev */ 7583255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev public void setPasswordHistoryLength(ComponentName admin, int length) { 7593255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev if (mService != null) { 7603255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev try { 761599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordHistoryLength(admin, length, UserHandle.myUserId()); 7623255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } catch (RemoteException e) { 7633255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 7643255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7653255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7663255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 7673255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 7683255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev /** 769a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * Called by a device admin to set the password expiration timeout. Calling this method 770a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * will restart the countdown for password expiration for the given admin, as will changing 771a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * the device password (for all admins). 772a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 773a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>The provided timeout is the time delta in ms and will be added to the current time. 774a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * For example, to have the password expire 5 days from now, timeout would be 775a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 5 * 86400 * 1000 = 432000000 ms for timeout. 776a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 777a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>To disable password expiration, a value of 0 may be used for timeout. 778a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 779a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * <p>The calling device admin must have requested 780a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * {@link DeviceAdminInfo#USES_POLICY_EXPIRE_PASSWORD} to be able to call this 781a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * method; if it has not, a security exception will be thrown. 782a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 783a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 784a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param timeout The limit (in ms) that a password can remain in effect. A value of 0 785a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * means there is no restriction (unlimited). 786a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 787a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public void setPasswordExpirationTimeout(ComponentName admin, long timeout) { 788a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 789a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 790599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setPasswordExpirationTimeout(admin, timeout, UserHandle.myUserId()); 791a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 792a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 793a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 794a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 795a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 796a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 797a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 7986b85768058b065cc682757a366abc828c9ca727aJim Miller * Get the password expiration timeout for the given admin. The expiration timeout is the 7996b85768058b065cc682757a366abc828c9ca727aJim Miller * recurring expiration timeout provided in the call to 8006b85768058b065cc682757a366abc828c9ca727aJim Miller * {@link #setPasswordExpirationTimeout(ComponentName, long)} for the given admin or the 8016b85768058b065cc682757a366abc828c9ca727aJim Miller * aggregate of all policy administrators if admin is null. 802a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 803a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin The name of the admin component to check, or null to aggregate all admins. 804a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @return The timeout for the given admin or the minimum of all timeouts 805a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 806a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public long getPasswordExpirationTimeout(ComponentName admin) { 807a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 808a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 809599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordExpirationTimeout(admin, UserHandle.myUserId()); 810a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 811a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 812a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 813a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 814a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return 0; 815a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 816a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 817a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 818a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * Get the current password expiration time for the given admin or an aggregate of 8196b85768058b065cc682757a366abc828c9ca727aJim Miller * all admins if admin is null. If the password is expired, this will return the time since 8206b85768058b065cc682757a366abc828c9ca727aJim Miller * the password expired as a negative number. If admin is null, then a composite of all 8216b85768058b065cc682757a366abc828c9ca727aJim Miller * expiration timeouts is returned - which will be the minimum of all timeouts. 822a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * 823a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @param admin The name of the admin component to check, or null to aggregate all admins. 824a4e28d181942018ba8759989799a28fa88764ce3Jim Miller * @return The password expiration time, in ms. 825a4e28d181942018ba8759989799a28fa88764ce3Jim Miller */ 826a4e28d181942018ba8759989799a28fa88764ce3Jim Miller public long getPasswordExpiration(ComponentName admin) { 827a4e28d181942018ba8759989799a28fa88764ce3Jim Miller if (mService != null) { 828a4e28d181942018ba8759989799a28fa88764ce3Jim Miller try { 829599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordExpiration(admin, UserHandle.myUserId()); 830a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } catch (RemoteException e) { 831a4e28d181942018ba8759989799a28fa88764ce3Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 832a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 833a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 834a4e28d181942018ba8759989799a28fa88764ce3Jim Miller return 0; 835a4e28d181942018ba8759989799a28fa88764ce3Jim Miller } 836a4e28d181942018ba8759989799a28fa88764ce3Jim Miller 837a4e28d181942018ba8759989799a28fa88764ce3Jim Miller /** 8383255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * Retrieve the current password history length for all admins 8393255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * or a particular one. 8403255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @param admin The name of the admin component to check, or null to aggregate 8413255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * all admins. 8423255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * @return The length of the password history 8433255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev */ 8443255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev public int getPasswordHistoryLength(ComponentName admin) { 845599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getPasswordHistoryLength(admin, UserHandle.myUserId()); 846599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 847599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 848599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 849599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getPasswordHistoryLength(ComponentName admin, int userHandle) { 8503255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev if (mService != null) { 8513255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev try { 852599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getPasswordHistoryLength(admin, userHandle); 8533255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } catch (RemoteException e) { 8543255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev Log.w(TAG, "Failed talking with device policy service", e); 8553255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8563255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8573255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev return 0; 8583255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev } 8593255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 860d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 861254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Return the maximum password length that the device supports for a 8629327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * particular password quality. 863364f6e3d44c27cd17fe0f3fca844465e9a502636Dianne Hackborn * @param quality The quality being interrogated. 864254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @return Returns the maximum length that the user can enter. 865254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 8669327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn public int getPasswordMaximumLength(int quality) { 867254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn // Kind-of arbitrary. 868254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 16; 869254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 8703255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 871254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 872df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Determine whether the current password the user has set is sufficient 8739327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * to meet the policy requirements (quality, minimum length) that have been 874df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * requested. 8753255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 8768aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 8778aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_LIMIT_PASSWORD} to be able to call 8788aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 8793255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 880df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password meets the current requirements, 881df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * else false. 882d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 883df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public boolean isActivePasswordSufficient() { 884d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 885d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 886599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.isActivePasswordSufficient(UserHandle.myUserId()); 887d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 888d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 889d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 890d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 891df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 892d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 8933255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 894d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 895d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Retrieve the number of times the user has failed at entering a 896d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * password since that last successful password entry. 8973255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 8988aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 8998aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} to be able to call 9008aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 901d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 902d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public int getCurrentFailedPasswordAttempts() { 903d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 904d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 905599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getCurrentFailedPasswordAttempts(UserHandle.myUserId()); 906d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 907d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 908d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 909d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 910d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return -1; 911d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 912df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn 913df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn /** 91488209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * Setting this to a value greater than zero enables a built-in policy 91588209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that will perform a device wipe after too many incorrect 91688209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * device-unlock passwords have been entered. This built-in policy combines 91788209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * watching for failed passwords and wiping the device, and requires 91888209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * that you request both {@link DeviceAdminInfo#USES_POLICY_WATCH_LOGIN} and 9198ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA}}. 9203255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 92188209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * <p>To implement any other policy (e.g. wiping data for a particular 92288209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * application only, erasing or revoking credentials, or reporting the 92388209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * failure to a server), you should implement 924ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * {@link DeviceAdminReceiver#onPasswordFailed(Context, android.content.Intent)} 92588209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * instead. Do not use this API, because if the maximum count is reached, 92688209d15dd5fcb883403525a6455857566e3aee7Andrew Stadler * the device will be wiped immediately, and your callback will not be invoked. 9273255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 928ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 9298ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @param num The number of failed password attempts at which point the 9308ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * device will wipe its data. 9318ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 9328ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void setMaximumFailedPasswordsForWipe(ComponentName admin, int num) { 9338ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 9348ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 935599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setMaximumFailedPasswordsForWipe(admin, num, UserHandle.myUserId()); 9368ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 9378ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 9388ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 9398ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 9408ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 9413255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 9428ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 943254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum number of login attempts that are allowed 944254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * before the device wipes itself, for all admins 945254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 946254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 947254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 948254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn */ 949254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public int getMaximumFailedPasswordsForWipe(ComponentName admin) { 950599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getMaximumFailedPasswordsForWipe(admin, UserHandle.myUserId()); 951599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 952599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 953599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 954599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getMaximumFailedPasswordsForWipe(ComponentName admin, int userHandle) { 955254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn if (mService != null) { 956254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn try { 957599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getMaximumFailedPasswordsForWipe(admin, userHandle); 958254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } catch (RemoteException e) { 959254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 960254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 961254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 962254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn return 0; 963254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn } 9643255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 965254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn /** 96687bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * Flag for {@link #resetPassword}: don't allow other admins to change 96787bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * the password again until the user has entered it. 96887bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn */ 96987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public static final int RESET_PASSWORD_REQUIRE_ENTRY = 0x0001; 9703255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 97187bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn /** 972ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * Force a new device unlock password (the password needed to access the 973ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * entire device, not for individual accounts) on the user. This takes 974ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * effect immediately. 9759327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * The given password must be sufficient for the 9769327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * current password quality and length constraints as returned by 9779327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordQuality(ComponentName)} and 9789327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * {@link #getPasswordMinimumLength(ComponentName)}; if it does not meet 9799327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * these constraints, then it will be rejected and false returned. Note 9809327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * that the password may be a stronger quality (containing alphanumeric 9819327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * characters when the requested quality is only numeric), in which case 9829327f4f671de3cbb795612bf4f314ceff88de865Dianne Hackborn * the currently active quality will be increased to match. 9833255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 9848aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 9858aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call 9868aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 9873255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 988df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @param password The new password for the user. 98987bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. 990df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * @return Returns true if the password was applied, or false if it is 991df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * not acceptable for the current constraints. 992df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn */ 99387bba1ee14279bb14a28d42e27c4ef66d9967bf8Dianne Hackborn public boolean resetPassword(String password, int flags) { 994df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 995df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 996599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.resetPassword(password, flags, UserHandle.myUserId()); 997df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 998df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 999df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 1000df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 1001df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn return false; 1002df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 10033255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1004d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1005d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Called by an application that is administering the device to set the 1006d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * maximum time for user activity until the device will lock. This limits 1007d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * the length that the user can set. It takes effect immediately. 10083255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 10098aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 1010315ada7fbb9e967c22e87b4921bec720ceb2c73cDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 10118aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 10123255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 1013ef6b22fc04a8d5ab26e13efac8069c097e0da7c9Dianne Hackborn * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 1014d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @param timeMs The new desired maximum time to lock in milliseconds. 1015d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * A value of 0 means there is no restriction. 1016d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1017d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void setMaximumTimeToLock(ComponentName admin, long timeMs) { 1018d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1019d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1020599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setMaximumTimeToLock(admin, timeMs, UserHandle.myUserId()); 1021d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1022d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1023d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1024d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1025d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 10263255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1027d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1028254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * Retrieve the current maximum time to unlock for all admins 1029254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * or a particular one. 1030254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * @param admin The name of the admin component to check, or null to aggregate 1031254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn * all admins. 1032d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1033254cb446faa7cb13699d8150eb4cc4f44cb61a2dDianne Hackborn public long getMaximumTimeToLock(ComponentName admin) { 1034599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getMaximumTimeToLock(admin, UserHandle.myUserId()); 1035599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 1036599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 1037599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 1038599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public long getMaximumTimeToLock(ComponentName admin, int userHandle) { 1039d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1040d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1041599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getMaximumTimeToLock(admin, userHandle); 1042d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1043d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1044d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1045d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1046d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return 0; 1047d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 10483255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1049d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1050df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * Make the device lock immediately, as if the lock screen timeout has 1051df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * expired at the point of this call. 10523255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 10538aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 10548aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_FORCE_LOCK} to be able to call 10558aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 1056d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1057df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn public void lockNow() { 1058df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn if (mService != null) { 1059df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn try { 1060df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn mService.lockNow(); 1061df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } catch (RemoteException e) { 1062df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1063df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 1064df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 1065df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn } 10663255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1067d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1068424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn * Flag for {@link #wipeData(int)}: also erase the device's external 1069424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn * storage. 1070424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn */ 1071424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn public static final int WIPE_EXTERNAL_STORAGE = 0x0001; 1072424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn 1073424991704b5fb7a64f6cf0fcc3f4b1aabbf2a2e0Dianne Hackborn /** 1074d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * Ask the user date be wiped. This will cause the device to reboot, 1075df83afaf299666e99c519aa86e7e082b7c116e95Dianne Hackborn * erasing all user data while next booting up. External storage such 1076f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * as SD cards will be also erased if the flag {@link #WIPE_EXTERNAL_STORAGE} 1077f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * is set. 10783255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 10798aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * <p>The calling device admin must have requested 10808aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * {@link DeviceAdminInfo#USES_POLICY_WIPE_DATA} to be able to call 10818aa2e8939c61d788cbc192098465e79f584e173aDianne Hackborn * this method; if it has not, a security exception will be thrown. 10823255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev * 1083f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * @param flags Bit mask of additional options: currently 0 and 1084f535cb04f08575d29118fab0342b1e6274091734Masanori Ogino * {@link #WIPE_EXTERNAL_STORAGE} are supported. 1085d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1086d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn public void wipeData(int flags) { 1087d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1088d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1089599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.wipeData(flags, UserHandle.myUserId()); 1090d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1091d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1092d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1093d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1094d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 10953255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1096d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 109769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Called by an application that is administering the device to set the 109869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * global proxy and exclusion list. 109969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * <p> 110069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * The calling device admin must have requested 110169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * {@link DeviceAdminInfo#USES_POLICY_SETS_GLOBAL_PROXY} to be able to call 110269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * this method; if it has not, a security exception will be thrown. 110369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Only the first device admin can set the proxy. If a second admin attempts 110469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * to set the proxy, the {@link ComponentName} of the admin originally setting the 110569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * proxy will be returned. If successful in setting the proxy, null will 110669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * be returned. 110769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * The method can be called repeatedly by the device admin alrady setting the 110869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * proxy to update the proxy and exclusion list. 110969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * 111069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param admin Which {@link DeviceAdminReceiver} this request is associated 111169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * with. 111269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param proxySpec the global proxy desired. Must be an HTTP Proxy. 111369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Pass Proxy.NO_PROXY to reset the proxy. 111469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @param exclusionList a list of domains to be excluded from the global proxy. 111569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @return returns null if the proxy was successfully set, or a {@link ComponentName} 111669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * of the device admin that sets thew proxy otherwise. 1117d26727273d16745ceddc2203121d29c3a9e7733cAndy Stadler * @hide 111869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor */ 111969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor public ComponentName setGlobalProxy(ComponentName admin, Proxy proxySpec, 112069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor List<String> exclusionList ) { 112169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (proxySpec == null) { 112269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor throw new NullPointerException(); 112369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 112469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (mService != null) { 112569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor try { 112669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String hostSpec; 112769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String exclSpec; 112869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (proxySpec.equals(Proxy.NO_PROXY)) { 112969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor hostSpec = null; 113069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = null; 113169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 113269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (!proxySpec.type().equals(Proxy.Type.HTTP)) { 113369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor throw new IllegalArgumentException(); 113469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 113569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor InetSocketAddress sa = (InetSocketAddress)proxySpec.address(); 113669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor String hostName = sa.getHostName(); 113769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor int port = sa.getPort(); 113869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor StringBuilder hostBuilder = new StringBuilder(); 113969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor hostSpec = hostBuilder.append(hostName) 114069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor .append(":").append(Integer.toString(port)).toString(); 114169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (exclusionList == null) { 114269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = ""; 114369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 114469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor StringBuilder listBuilder = new StringBuilder(); 114569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor boolean firstDomain = true; 114669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor for (String exclDomain : exclusionList) { 114769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (!firstDomain) { 114869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor listBuilder = listBuilder.append(","); 114969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } else { 115069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor firstDomain = false; 115169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 115269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor listBuilder = listBuilder.append(exclDomain.trim()); 115369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 115469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor exclSpec = listBuilder.toString(); 115569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 115669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor android.net.Proxy.validate(hostName, Integer.toString(port), exclSpec); 115769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 1158599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.setGlobalProxy(admin, hostSpec, exclSpec, UserHandle.myUserId()); 115969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } catch (RemoteException e) { 116069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor Log.w(TAG, "Failed talking with device policy service", e); 116169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 116269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 116369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return null; 116469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 116569238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor 116669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor /** 116769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * Returns the component name setting the global proxy. 116869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * @return ComponentName object of the device admin that set the global proxy, or 116969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor * null if no admin has set the proxy. 1170d26727273d16745ceddc2203121d29c3a9e7733cAndy Stadler * @hide 117169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor */ 117269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor public ComponentName getGlobalProxyAdmin() { 117369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor if (mService != null) { 117469238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor try { 1175599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getGlobalProxyAdmin(UserHandle.myUserId()); 117669238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } catch (RemoteException e) { 117769238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor Log.w(TAG, "Failed talking with device policy service", e); 117869238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 117969238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 118069238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor return null; 118169238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor } 118269238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor 118369238c6a37ae43c748ad9cd7613f2209149ee7daOscar Montemayor /** 118422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11857b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is not supported. 11867b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11877b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final int ENCRYPTION_STATUS_UNSUPPORTED = 0; 11887b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11897b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 119022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11917b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is supported, but is not currently active. 11927b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 11937b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final int ENCRYPTION_STATUS_INACTIVE = 1; 11947b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 11957b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 119622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 11977b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is not currently active, but is currently 11987b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * being activated. This is only reported by devices that support 11997b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * encryption of data and only when the storage is currently 12007b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * undergoing a process of becoming encrypted. A device that must reboot and/or wipe data 12017b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * to become encrypted will never return this value. 12027b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 120322dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public static final int ENCRYPTION_STATUS_ACTIVATING = 2; 12047b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12057b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 120622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Result code for {@link #setStorageEncryption} and {@link #getStorageEncryptionStatus}: 12077b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * indicating that encryption is active. 12087b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 120922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public static final int ENCRYPTION_STATUS_ACTIVE = 3; 12107b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12117b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 12127b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Activity action: begin the process of encrypting data on the device. This activity should 12137b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * be launched after using {@link #setStorageEncryption} to request encryption be activated. 12147b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * After resuming from this activity, use {@link #getStorageEncryption} 12157b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * to check encryption status. However, on some devices this activity may never return, as 12167b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * it may trigger a reboot and in some cases a complete data wipe of the device. 12177b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 12187b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler @SdkConstant(SdkConstantType.ACTIVITY_INTENT_ACTION) 12197b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public static final String ACTION_START_ENCRYPTION 12207b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler = "android.app.action.START_ENCRYPTION"; 12217b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12227b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 1223b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Widgets are enabled in keyguard 1224b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 122548b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public static final int KEYGUARD_DISABLE_FEATURES_NONE = 0; 1226b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1227b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 1228b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * Disable all keyguard widgets 1229b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 123048b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public static final int KEYGUARD_DISABLE_WIDGETS_ALL = 1 << 0; 123148b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller 123248b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller /** 123348b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * Disable the camera on secure keyguard screens (e.g. PIN/Pattern/Password) 123448b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller */ 123548b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public static final int KEYGUARD_DISABLE_SECURE_CAMERA = 1 << 1; 123648b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller 123748b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller /** 12383520774a91aee6fd59200aef4238efbdb580202aJim Miller * Disable all current and future keyguard customizations. 123948b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller */ 124048b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public static final int KEYGUARD_DISABLE_FEATURES_ALL = 0x7fffffff; 1241b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1242b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 12437b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Called by an application that is administering the device to 124422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * request that the storage system be encrypted. 12457b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 12467b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>When multiple device administrators attempt to control device 12477b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * encryption, the most secure, supported setting will always be 12487b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * used. If any device administrator requests device encryption, 12497b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * it will be enabled; Conversely, if a device administrator 12507b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * attempts to disable device encryption while another 12517b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * device administrator has enabled it, the call to disable will 12527b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * fail (most commonly returning {@link #ENCRYPTION_STATUS_ACTIVE}). 12537b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 12547b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>This policy controls encryption of the secure (application data) storage area. Data 125550c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * written to other storage areas may or may not be encrypted, and this policy does not require 125650c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * or control the encryption of any other storage areas. 125750c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * There is one exception: If {@link android.os.Environment#isExternalStorageEmulated()} is 125850c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * {@code true}, then the directory returned by 125950c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * {@link android.os.Environment#getExternalStorageDirectory()} must be written to disk 126050c294f21b3348010c3f91c5a998d54e1e45d2e4Andy Stadler * within the encrypted storage area. 12617b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 12627b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * <p>Important Note: On some devices, it is possible to encrypt storage without requiring 12637b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * the user to create a device PIN or Password. In this case, the storage is encrypted, but 12647b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * the encryption key may not be fully secured. For maximum security, the administrator should 12657b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * also require (and check for) a pattern, PIN, or password. 12667b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 12677b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 12687b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * @param encrypt true to request encryption, false to release any previous request 126922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return the new request status (for all active admins) - will be one of 127022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, or 127122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVE}. This is the value of the requests; Use 127222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #getStorageEncryptionStatus()} to query the actual device state. 12737b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 12747b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler public int setStorageEncryption(ComponentName admin, boolean encrypt) { 12757b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler if (mService != null) { 12767b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler try { 1277599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.setStorageEncryption(admin, encrypt, UserHandle.myUserId()); 12787b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } catch (RemoteException e) { 12797b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler Log.w(TAG, "Failed talking with device policy service", e); 12807b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12817b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12827b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return ENCRYPTION_STATUS_UNSUPPORTED; 12837b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 12847b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 12857b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 12867b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * Called by an application that is administering the device to 128722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * determine the requested setting for secure storage. 12887b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler * 128922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @param admin Which {@link DeviceAdminReceiver} this request is associated with. If null, 129022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * this will return the requested encryption setting as an aggregate of all active 129122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * administrators. 129222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return true if the admin(s) are requesting encryption, false if not. 12937b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler */ 129422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public boolean getStorageEncryption(ComponentName admin) { 12957b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler if (mService != null) { 12967b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler try { 1297599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getStorageEncryption(admin, UserHandle.myUserId()); 12987b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } catch (RemoteException e) { 129922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler Log.w(TAG, "Failed talking with device policy service", e); 130022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 130122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 130222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler return false; 130322dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } 130422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler 130522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler /** 130622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Called by an application that is administering the device to 130722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * determine the current encryption status of the device. 130822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * 130922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * Depending on the returned status code, the caller may proceed in different 131022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * ways. If the result is {@link #ENCRYPTION_STATUS_UNSUPPORTED}, the 131122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * storage system does not support encryption. If the 131222dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * result is {@link #ENCRYPTION_STATUS_INACTIVE}, use {@link 131322dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * #ACTION_START_ENCRYPTION} to begin the process of encrypting or decrypting the 131422dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * storage. If the result is {@link #ENCRYPTION_STATUS_ACTIVATING} or 131522dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVE}, no further action is required. 131622dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * 131722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * @return current status of encryption. The value will be one of 131822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_UNSUPPORTED}, {@link #ENCRYPTION_STATUS_INACTIVE}, 131922dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler * {@link #ENCRYPTION_STATUS_ACTIVATING}, or{@link #ENCRYPTION_STATUS_ACTIVE}. 132022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler */ 132122dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler public int getStorageEncryptionStatus() { 1322599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getStorageEncryptionStatus(UserHandle.myUserId()); 1323599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 1324599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 1325599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 1326599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public int getStorageEncryptionStatus(int userHandle) { 132722dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler if (mService != null) { 132822dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler try { 1329599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getStorageEncryptionStatus(userHandle); 133022dbfda976aab9ae897eed0625e2e64ead32bbc4Andy Stadler } catch (RemoteException e) { 13317b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler Log.w(TAG, "Failed talking with device policy service", e); 13327b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 13337b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 13347b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler return ENCRYPTION_STATUS_UNSUPPORTED; 13357b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler } 13367b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler 13377b0f8f08ac7b3ed5cf462b92283713b033d6a64aAndy Stadler /** 1338da51e68e582ffa017543982297c831680d201a91Maggie Benthall * Installs the given certificate as a User CA. 1339da51e68e582ffa017543982297c831680d201a91Maggie Benthall * 1340da51e68e582ffa017543982297c831680d201a91Maggie Benthall * @return false if the certBuffer cannot be parsed or installation is 1341da51e68e582ffa017543982297c831680d201a91Maggie Benthall * interrupted, otherwise true 1342da51e68e582ffa017543982297c831680d201a91Maggie Benthall * @hide 1343da51e68e582ffa017543982297c831680d201a91Maggie Benthall */ 1344da51e68e582ffa017543982297c831680d201a91Maggie Benthall public boolean installCaCert(byte[] certBuffer) { 1345da51e68e582ffa017543982297c831680d201a91Maggie Benthall if (mService != null) { 1346da51e68e582ffa017543982297c831680d201a91Maggie Benthall try { 1347da51e68e582ffa017543982297c831680d201a91Maggie Benthall return mService.installCaCert(certBuffer); 1348da51e68e582ffa017543982297c831680d201a91Maggie Benthall } catch (RemoteException e) { 1349da51e68e582ffa017543982297c831680d201a91Maggie Benthall Log.w(TAG, "Failed talking with device policy service", e); 1350da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1351da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1352da51e68e582ffa017543982297c831680d201a91Maggie Benthall return false; 1353da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1354da51e68e582ffa017543982297c831680d201a91Maggie Benthall 1355da51e68e582ffa017543982297c831680d201a91Maggie Benthall /** 1356da51e68e582ffa017543982297c831680d201a91Maggie Benthall * Uninstalls the given certificate from the list of User CAs, if present. 1357da51e68e582ffa017543982297c831680d201a91Maggie Benthall * 1358da51e68e582ffa017543982297c831680d201a91Maggie Benthall * @hide 1359da51e68e582ffa017543982297c831680d201a91Maggie Benthall */ 1360da51e68e582ffa017543982297c831680d201a91Maggie Benthall public void uninstallCaCert(byte[] certBuffer) { 1361da51e68e582ffa017543982297c831680d201a91Maggie Benthall if (mService != null) { 1362da51e68e582ffa017543982297c831680d201a91Maggie Benthall try { 1363da51e68e582ffa017543982297c831680d201a91Maggie Benthall mService.uninstallCaCert(certBuffer); 1364da51e68e582ffa017543982297c831680d201a91Maggie Benthall } catch (RemoteException e) { 1365da51e68e582ffa017543982297c831680d201a91Maggie Benthall Log.w(TAG, "Failed talking with device policy service", e); 1366da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1367da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1368da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1369da51e68e582ffa017543982297c831680d201a91Maggie Benthall 1370da51e68e582ffa017543982297c831680d201a91Maggie Benthall /** 1371da51e68e582ffa017543982297c831680d201a91Maggie Benthall * Returns whether there are any user-installed CA certificates. 1372da51e68e582ffa017543982297c831680d201a91Maggie Benthall * 1373da51e68e582ffa017543982297c831680d201a91Maggie Benthall * @hide 1374da51e68e582ffa017543982297c831680d201a91Maggie Benthall */ 13750469f41010d8001dba5e09606bb631b1d3313021Maggie Benthall public static boolean hasAnyCaCertsInstalled() { 1376da51e68e582ffa017543982297c831680d201a91Maggie Benthall TrustedCertificateStore certStore = new TrustedCertificateStore(); 1377da51e68e582ffa017543982297c831680d201a91Maggie Benthall Set<String> aliases = certStore.userAliases(); 1378da51e68e582ffa017543982297c831680d201a91Maggie Benthall return aliases != null && !aliases.isEmpty(); 1379da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1380da51e68e582ffa017543982297c831680d201a91Maggie Benthall 1381da51e68e582ffa017543982297c831680d201a91Maggie Benthall /** 1382da51e68e582ffa017543982297c831680d201a91Maggie Benthall * Returns whether this certificate has been installed as a User CA. 1383da51e68e582ffa017543982297c831680d201a91Maggie Benthall * 1384da51e68e582ffa017543982297c831680d201a91Maggie Benthall * @hide 1385da51e68e582ffa017543982297c831680d201a91Maggie Benthall */ 1386da51e68e582ffa017543982297c831680d201a91Maggie Benthall public boolean hasCaCertInstalled(byte[] certBuffer) { 1387da51e68e582ffa017543982297c831680d201a91Maggie Benthall TrustedCertificateStore certStore = new TrustedCertificateStore(); 1388da51e68e582ffa017543982297c831680d201a91Maggie Benthall String alias; 1389da51e68e582ffa017543982297c831680d201a91Maggie Benthall byte[] pemCert; 1390da51e68e582ffa017543982297c831680d201a91Maggie Benthall try { 1391da51e68e582ffa017543982297c831680d201a91Maggie Benthall CertificateFactory certFactory = CertificateFactory.getInstance("X.509"); 1392da51e68e582ffa017543982297c831680d201a91Maggie Benthall X509Certificate cert = (X509Certificate) certFactory.generateCertificate( 1393da51e68e582ffa017543982297c831680d201a91Maggie Benthall new ByteArrayInputStream(certBuffer)); 1394da51e68e582ffa017543982297c831680d201a91Maggie Benthall return certStore.getCertificateAlias(cert) != null; 1395da51e68e582ffa017543982297c831680d201a91Maggie Benthall } catch (CertificateException ce) { 1396da51e68e582ffa017543982297c831680d201a91Maggie Benthall Log.w(TAG, "Could not parse certificate", ce); 1397da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1398da51e68e582ffa017543982297c831680d201a91Maggie Benthall return false; 1399da51e68e582ffa017543982297c831680d201a91Maggie Benthall } 1400da51e68e582ffa017543982297c831680d201a91Maggie Benthall 1401da51e68e582ffa017543982297c831680d201a91Maggie Benthall /** 14022447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * Called by an application that is administering the device to disable all cameras 14032447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * on the device. After setting this, no applications will be able to access any cameras 14042447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * on the device. 14052447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * 14062447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * <p>The calling device admin must have requested 14072447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * {@link DeviceAdminInfo#USES_POLICY_DISABLE_CAMERA} to be able to call 14082447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * this method; if it has not, a security exception will be thrown. 14092447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * 14102447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 14112447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param disabled Whether or not the camera should be disabled. 14122447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo */ 14132447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo public void setCameraDisabled(ComponentName admin, boolean disabled) { 14142447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo if (mService != null) { 14152447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo try { 1416599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setCameraDisabled(admin, disabled, UserHandle.myUserId()); 14172447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } catch (RemoteException e) { 14182447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo Log.w(TAG, "Failed talking with device policy service", e); 14192447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14202447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14212447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14222447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo 14232447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo /** 14242447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * Determine whether or not the device's cameras have been disabled either by the current 14252447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * admin, if specified, or all admins. 14262447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * @param admin The name of the admin component to check, or null to check if any admins 14272447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo * have disabled the camera 14282447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo */ 14292447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo public boolean getCameraDisabled(ComponentName admin) { 1430599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return getCameraDisabled(admin, UserHandle.myUserId()); 1431599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 1432599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 1433599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 1434599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public boolean getCameraDisabled(ComponentName admin, int userHandle) { 14352447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo if (mService != null) { 14362447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo try { 1437599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani return mService.getCameraDisabled(admin, userHandle); 14382447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } catch (RemoteException e) { 14392447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo Log.w(TAG, "Failed talking with device policy service", e); 14402447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14412447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14422447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo return false; 14432447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo } 14442447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo 14452447edd85baac3225a12b868ef40f76cfdc6ec11Ben Komalo /** 144648b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * Called by an application that is administering the device to disable keyguard customizations, 144748b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * such as widgets. After setting this, keyguard features will be disabled according to the 144848b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * provided feature list. 1449b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * 1450b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * <p>The calling device admin must have requested 145148b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * {@link DeviceAdminInfo#USES_POLICY_DISABLE_KEYGUARD_FEATURES} to be able to call 1452b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * this method; if it has not, a security exception will be thrown. 1453b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * 1454b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * @param admin Which {@link DeviceAdminReceiver} this request is associated with. 14553520774a91aee6fd59200aef4238efbdb580202aJim Miller * @param which {@link #KEYGUARD_DISABLE_FEATURES_NONE} (default), 14563520774a91aee6fd59200aef4238efbdb580202aJim Miller * {@link #KEYGUARD_DISABLE_WIDGETS_ALL}, {@link #KEYGUARD_DISABLE_SECURE_CAMERA}, 14573520774a91aee6fd59200aef4238efbdb580202aJim Miller * {@link #KEYGUARD_DISABLE_FEATURES_ALL} 1458b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 145948b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public void setKeyguardDisabledFeatures(ComponentName admin, int which) { 1460b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller if (mService != null) { 1461b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller try { 146248b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller mService.setKeyguardDisabledFeatures(admin, which, UserHandle.myUserId()); 1463b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } catch (RemoteException e) { 1464b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 1465b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1466b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1467b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1468b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1469b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 147048b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * Determine whether or not features have been disabled in keyguard either by the current 1471b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * admin, if specified, or all admins. 1472b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller * @param admin The name of the admin component to check, or null to check if any admins 147348b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller * have disabled features in keyguard. 14743520774a91aee6fd59200aef4238efbdb580202aJim Miller * @return bitfield of flags. See {@link #setKeyguardDisabledFeatures(ComponentName, int)} 14753520774a91aee6fd59200aef4238efbdb580202aJim Miller * for a list. 1476b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller */ 147748b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public int getKeyguardDisabledFeatures(ComponentName admin) { 147848b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller return getKeyguardDisabledFeatures(admin, UserHandle.myUserId()); 1479599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani } 1480599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani 1481599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani /** @hide per-user version */ 148248b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller public int getKeyguardDisabledFeatures(ComponentName admin, int userHandle) { 1483b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller if (mService != null) { 1484b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller try { 148548b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller return mService.getKeyguardDisabledFeatures(admin, userHandle); 1486b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } catch (RemoteException e) { 1487b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller Log.w(TAG, "Failed talking with device policy service", e); 1488b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1489b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 149048b9b0d068844af9eb37c215484831c4d6b831b0Jim Miller return KEYGUARD_DISABLE_FEATURES_NONE; 1491b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller } 1492b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller 1493b8ec470617590fa2025db869e8e80dcce8eaec23Jim Miller /** 1494d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1495d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1496c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler public void setActiveAdmin(ComponentName policyReceiver, boolean refreshing) { 1497d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1498d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1499599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.setActiveAdmin(policyReceiver, refreshing, UserHandle.myUserId()); 1500d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1501d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1502d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1503d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1504d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 15053255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1506d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1507c25f70a440ef9468085b8d98c8416c7e8b116753Andy Stadler * Returns the DeviceAdminInfo as defined by the administrator's package info & meta-data 1508d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1509d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1510d47c6ed4a9f2b5bd31f6c806b74701428efe458bDianne Hackborn public DeviceAdminInfo getAdminInfo(ComponentName cn) { 1511d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ActivityInfo ai; 1512d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1513d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ai = mContext.getPackageManager().getReceiverInfo(cn, 1514d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn PackageManager.GET_META_DATA); 1515d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (PackageManager.NameNotFoundException e) { 1516d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to retrieve device policy " + cn, e); 1517d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1518d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 15193255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1520d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ResolveInfo ri = new ResolveInfo(); 1521d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn ri.activityInfo = ai; 15223255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1523d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1524d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return new DeviceAdminInfo(mContext, ri); 1525d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (XmlPullParserException e) { 1526d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 1527d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1528d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (IOException e) { 1529d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Unable to parse device policy " + cn, e); 1530d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn return null; 1531d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1532d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 15333255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1534d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1535d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 15368ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn */ 15378ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn public void getRemoveWarning(ComponentName admin, RemoteCallback result) { 15388ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn if (mService != null) { 15398ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn try { 1540599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.getRemoveWarning(admin, result, UserHandle.myUserId()); 15418ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } catch (RemoteException e) { 15428ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 15438ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 15448ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 15458ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn } 15468ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn 15478ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn /** 15488ea138cbf12b140d43fd81f4f12fe1a9234f1f25Dianne Hackborn * @hide 1549d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1550a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev public void setActivePasswordState(int quality, int length, int letters, int uppercase, 1551599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani int lowercase, int numbers, int symbols, int nonletter, int userHandle) { 1552d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1553d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1554a15dcfaf2bc7cbd13b30db6766afe3bbaa01db97Konstantin Lopyrev mService.setActivePasswordState(quality, length, letters, uppercase, lowercase, 1555599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani numbers, symbols, nonletter, userHandle); 1556d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1557d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1558d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1559d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1560d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 15613255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1562d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1563d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1564d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1565599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public void reportFailedPasswordAttempt(int userHandle) { 1566d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1567d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1568599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.reportFailedPasswordAttempt(userHandle); 1569d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1570d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1571d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1572d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1573d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 15743255823de062e981f7bfc7994919207988697e45Konstantin Lopyrev 1575d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn /** 1576d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn * @hide 1577d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn */ 1578599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani public void reportSuccessfulPasswordAttempt(int userHandle) { 1579d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn if (mService != null) { 1580d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn try { 1581599dd7ce9adf8ca067cefb0b191a5ac20ec35a79Amith Yamasani mService.reportSuccessfulPasswordAttempt(userHandle); 1582d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } catch (RemoteException e) { 1583d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn Log.w(TAG, "Failed talking with device policy service", e); 1584d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1585d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 1586d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn } 158771e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani 158871e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani /** 158971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * @hide 159071e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * Sets the given package as the device owner. The package must already be installed and there 159171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * shouldn't be an existing device owner registered, for this call to succeed. Also, this 159271e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * method must be called before the device is provisioned. 159371e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * @param packageName the package name of the application to be registered as the device owner. 159471e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * @return whether the package was successfully registered as the device owner. 159571e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * @throws IllegalArgumentException if the package name is null or invalid 159671e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * @throws IllegalStateException if a device owner is already registered or the device has 159771e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani * already been provisioned. 159871e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani */ 159971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani public boolean setDeviceOwner(String packageName) throws IllegalArgumentException, 160071e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani IllegalStateException { 1601334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard return setDeviceOwner(packageName, null); 1602334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard } 1603334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard 1604334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard /** 1605334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @hide 1606334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * Sets the given package as the device owner. The package must already be installed and there 1607334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * shouldn't be an existing device owner registered, for this call to succeed. Also, this 1608334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * method must be called before the device is provisioned. 1609334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @param packageName the package name of the application to be registered as the device owner. 1610334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @param ownerName the human readable name of the institution that owns this device. 1611334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @return whether the package was successfully registered as the device owner. 1612334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @throws IllegalArgumentException if the package name is null or invalid 1613334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * @throws IllegalStateException if a device owner is already registered or the device has 1614334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard * already been provisioned. 1615334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard */ 1616334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard public boolean setDeviceOwner(String packageName, String ownerName) 1617334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard throws IllegalArgumentException, IllegalStateException { 161871e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani if (mService != null) { 161971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani try { 1620334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard return mService.setDeviceOwner(packageName, ownerName); 162171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } catch (RemoteException re) { 162271e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani Log.w(TAG, "Failed to set device owner"); 162371e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 162471e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 162571e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani return false; 162671e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 162771e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani 16283b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani 162971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani /** 16303b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * Used to determine if a particular package has been registered as a Device Owner app. 16313b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * A device owner app is a special device admin that cannot be deactivated by the user, once 16323b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * activated as a device admin. It also cannot be uninstalled. To check if a particular 16333b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * package is currently registered as the device owner app, pass in the package name from 16343b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * {@link Context#getPackageName()} to this method.<p/>This is useful for device 16353b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * admin apps that want to check if they are also registered as the device owner app. The 16363b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * exact mechanism by which a device admin app is registered as a device owner app is defined by 16373b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * the setup process. 16383b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * @param packageName the package name of the app, to compare with the registered device owner 16393b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * app, if any. 16403b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * @return whether or not the package is registered as the device owner app. 164171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani */ 16423b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani public boolean isDeviceOwnerApp(String packageName) { 164371e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani if (mService != null) { 164471e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani try { 164571e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani return mService.isDeviceOwner(packageName); 164671e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } catch (RemoteException re) { 164771e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani Log.w(TAG, "Failed to check device owner"); 164871e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 164971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 165071e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani return false; 165171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 165271e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani 16533b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani /** 16543b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * @hide 16553b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani * Redirect to isDeviceOwnerApp. 16563b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani */ 16573b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani public boolean isDeviceOwner(String packageName) { 16583b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani return isDeviceOwnerApp(packageName); 16593b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani } 16603b458ad9ee5f2d6b7cf28a13bc29123cdf540763Amith Yamasani 166171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani /** @hide */ 166271e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani public String getDeviceOwner() { 166371e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani if (mService != null) { 166471e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani try { 166571e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani return mService.getDeviceOwner(); 166671e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } catch (RemoteException re) { 166771e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani Log.w(TAG, "Failed to get device owner"); 166871e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 166971e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 167071e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani return null; 167171e6c697e54a43d357cc25d87a446d140f17396aAmith Yamasani } 1672334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard 1673334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard /** @hide */ 1674334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard public String getDeviceOwnerName() { 1675334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard if (mService != null) { 1676334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard try { 1677334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard return mService.getDeviceOwnerName(); 1678334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard } catch (RemoteException re) { 1679334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard Log.w(TAG, "Failed to get device owner"); 1680334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard } 1681334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard } 1682334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard return null; 1683334c7e32d494baf3bf0ae371d6b5949c80368982Geoffrey Borggaard } 1684d68478467e3f837511196c80891d7245d0e163dfDianne Hackborn} 1685