1/* 2 * Copyright (C) 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17package android.service.oemlock; 18 19import android.annotation.Nullable; 20import android.annotation.RequiresPermission; 21import android.annotation.SystemApi; 22import android.annotation.SystemService; 23import android.content.Context; 24import android.os.RemoteException; 25 26/** 27 * Interface for managing the OEM lock on the device. 28 * 29 * This will only be available if the device implements OEM lock protection. 30 * 31 * Multiple actors have an opinion on whether the device can be OEM unlocked and they must all be in 32 * agreement for unlock to be possible. 33 * 34 * @hide 35 */ 36@SystemApi 37@SystemService(Context.OEM_LOCK_SERVICE) 38public class OemLockManager { 39 private IOemLockService mService; 40 41 /** @hide */ 42 public OemLockManager(IOemLockService service) { 43 mService = service; 44 } 45 46 /** 47 * Sets whether the carrier has allowed this device to be OEM unlocked. 48 * 49 * Depending on the implementation, the validity of the request might need to be proved. This 50 * can be acheived by passing a signature that the system will use to verify the request is 51 * legitimate. 52 * 53 * All actors involved must agree for OEM unlock to be possible. 54 * 55 * @param allowed Whether the device should be allowed to be unlocked. 56 * @param signature Optional proof of request validity, {@code null} for none. 57 * @throws IllegalArgumentException if a signature is required but was not provided. 58 * @throws SecurityException if the wrong signature was provided. 59 * 60 * @see #isOemUnlockAllowedByCarrier() 61 */ 62 @RequiresPermission(android.Manifest.permission.MANAGE_CARRIER_OEM_UNLOCK_STATE) 63 public void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) { 64 try { 65 mService.setOemUnlockAllowedByCarrier(allowed, signature); 66 } catch (RemoteException e) { 67 throw e.rethrowFromSystemServer(); 68 } 69 } 70 71 /** 72 * Returns whether the carrier has allowed this device to be OEM unlocked. 73 * @return Whether OEM unlock is allowed by the carrier, or true if no OEM lock is present. 74 * 75 * @see #setOemUnlockAllowedByCarrier(boolean, byte[]) 76 */ 77 @RequiresPermission(android.Manifest.permission.MANAGE_CARRIER_OEM_UNLOCK_STATE) 78 public boolean isOemUnlockAllowedByCarrier() { 79 try { 80 return mService.isOemUnlockAllowedByCarrier(); 81 } catch (RemoteException e) { 82 throw e.rethrowFromSystemServer(); 83 } 84 } 85 86 /** 87 * Sets whether the user has allowed this device to be unlocked. 88 * 89 * All actors involved must agree for OEM unlock to be possible. 90 * 91 * @param unlocked Whether the device should be made OEM unlocked. 92 * 93 * @see #isOemUnlockAllowedByUser() 94 */ 95 @RequiresPermission(android.Manifest.permission.MANAGE_USER_OEM_UNLOCK_STATE) 96 public void setOemUnlockAllowedByUser(boolean allowed) { 97 try { 98 mService.setOemUnlockAllowedByUser(allowed); 99 } catch (RemoteException e) { 100 throw e.rethrowFromSystemServer(); 101 } 102 } 103 104 /** 105 * Returns whether, or not, the user has allowed this device to be OEM unlocked. 106 * @return Whether OEM unlock is allowed by the user, or true if no OEM lock is present. 107 * 108 * @see #setOemUnlockAllowedByUser(boolean) 109 */ 110 @RequiresPermission(android.Manifest.permission.MANAGE_USER_OEM_UNLOCK_STATE) 111 public boolean isOemUnlockAllowedByUser() { 112 try { 113 return mService.isOemUnlockAllowedByUser(); 114 } catch (RemoteException e) { 115 throw e.rethrowFromSystemServer(); 116 } 117 } 118} 119