TrustManager.java revision 481a6df99fea124bc4354da34ff668750cdc9041 
1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
15 */
16
17package android.app.trust;
18
19import android.os.Handler;
20import android.os.IBinder;
21import android.os.Looper;
22import android.os.Message;
23import android.os.RemoteException;
24import android.util.ArrayMap;
25import android.util.Log;
26
27/**
28 * See {@link com.android.server.trust.TrustManagerService}
29 * @hide
30 */
31public class TrustManager {
32
33    private static final int MSG_TRUST_CHANGED = 1;
34    private static final int MSG_TRUST_MANAGED_CHANGED = 2;
35
36    private static final String TAG = "TrustManager";
37    private static final String DATA_INITIATED_BY_USER = "initiatedByUser";
38
39    private final ITrustManager mService;
40    private final ArrayMap<TrustListener, ITrustListener> mTrustListeners;
41
42    public TrustManager(IBinder b) {
43        mService = ITrustManager.Stub.asInterface(b);
44        mTrustListeners = new ArrayMap<TrustListener, ITrustListener>();
45    }
46
47    /**
48     * Reports that user {@param userId} has tried to unlock the device.
49     *
50     * @param successful if true, the unlock attempt was successful.
51     *
52     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
53     */
54    public void reportUnlockAttempt(boolean successful, int userId) {
55        try {
56            mService.reportUnlockAttempt(successful, userId);
57        } catch (RemoteException e) {
58            onError(e);
59        }
60    }
61
62    /**
63     * Reports that the list of enabled trust agents changed for user {@param userId}.
64     *
65     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
66     */
67    public void reportEnabledTrustAgentsChanged(int userId) {
68        try {
69            mService.reportEnabledTrustAgentsChanged(userId);
70        } catch (RemoteException e) {
71            onError(e);
72        }
73    }
74
75    /**
76     * Reports that trust is disabled until credentials have been entered for user {@param userId}.
77     *
78     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
79     *
80     * @param userId either an explicit user id or {@link android.os.UserHandle#USER_ALL}
81     */
82    public void reportRequireCredentialEntry(int userId) {
83        try {
84            mService.reportRequireCredentialEntry(userId);
85        } catch (RemoteException e) {
86            onError(e);
87        }
88    }
89
90    /**
91     * Reports that the visibility of the keyguard has changed.
92     *
93     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
94     */
95    public void reportKeyguardShowingChanged() {
96        try {
97            mService.reportKeyguardShowingChanged();
98        } catch (RemoteException e) {
99            onError(e);
100        }
101    }
102
103    /**
104     * Registers a listener for trust events.
105     *
106     * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission.
107     */
108    public void registerTrustListener(final TrustListener trustListener) {
109        try {
110            ITrustListener.Stub iTrustListener = new ITrustListener.Stub() {
111                @Override
112                public void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser) {
113                    Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId,
114                            trustListener);
115                    if (initiatedByUser) {
116                        m.getData().putBoolean(DATA_INITIATED_BY_USER, initiatedByUser);
117                    }
118                    m.sendToTarget();
119                }
120
121                @Override
122                public void onTrustManagedChanged(boolean managed, int userId) {
123                    mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId,
124                            trustListener).sendToTarget();
125                }
126            };
127            mService.registerTrustListener(iTrustListener);
128            mTrustListeners.put(trustListener, iTrustListener);
129        } catch (RemoteException e) {
130            onError(e);
131        }
132    }
133
134    /**
135     * Unregisters a listener for trust events.
136     *
137     * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission.
138     */
139    public void unregisterTrustListener(final TrustListener trustListener) {
140        ITrustListener iTrustListener = mTrustListeners.remove(trustListener);
141        if (iTrustListener != null) {
142            try {
143                mService.unregisterTrustListener(iTrustListener);
144            } catch (RemoteException e) {
145                onError(e);
146            }
147        }
148    }
149
150    private void onError(Exception e) {
151        Log.e(TAG, "Error while calling TrustManagerService", e);
152    }
153
154    private final Handler mHandler = new Handler(Looper.getMainLooper()) {
155        @Override
156        public void handleMessage(Message msg) {
157            switch(msg.what) {
158                case MSG_TRUST_CHANGED:
159                    boolean initiatedByUser = msg.peekData() != null &&
160                            msg.peekData().getBoolean(DATA_INITIATED_BY_USER);
161                    ((TrustListener)msg.obj).onTrustChanged(
162                            msg.arg1 != 0, msg.arg2, initiatedByUser);
163
164                    break;
165                case MSG_TRUST_MANAGED_CHANGED:
166                    ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2);
167            }
168        }
169    };
170
171    public interface TrustListener {
172
173        /**
174         * Reports that the trust state has changed.
175         * @param enabled if true, the system believes the environment to be trusted.
176         * @param userId the user, for which the trust changed.
177         * @param initiatedByUser indicates that the user has explicitly initiated an action that
178         *                        proves the user is about to use the device.
179         */
180        void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser);
181
182        /**
183         * Reports that whether trust is managed has changed
184         * @param enabled if true, at least one trust agent is managing trust.
185         * @param userId the user, for which the state changed.
186         */
187        void onTrustManagedChanged(boolean enabled, int userId);
188    }
189}
190