TrustManager.java revision 00a9b890853e9660dde5854fe786b80f6c3e616c 
1/*
2 * Copyright (C) 2014 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 *      http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
15 */
16
17package android.app.trust;
18
19import android.Manifest;
20import android.annotation.IntDef;
21import android.annotation.RequiresPermission;
22import android.os.Handler;
23import android.os.IBinder;
24import android.os.Looper;
25import android.os.Message;
26import android.os.RemoteException;
27import android.os.UserHandle;
28import android.util.ArrayMap;
29import android.util.Log;
30import android.util.SparseIntArray;
31
32import java.lang.annotation.Retention;
33import java.lang.annotation.RetentionPolicy;
34
35/**
36 * See {@link com.android.server.trust.TrustManagerService}
37 * @hide
38 */
39public class TrustManager {
40
41    private static final int MSG_TRUST_CHANGED = 1;
42    private static final int MSG_TRUST_MANAGED_CHANGED = 2;
43
44    private static final String TAG = "TrustManager";
45    private static final String DATA_FLAGS = "initiatedByUser";
46
47    private final ITrustManager mService;
48    private final ArrayMap<TrustListener, ITrustListener> mTrustListeners;
49
50    public TrustManager(IBinder b) {
51        mService = ITrustManager.Stub.asInterface(b);
52        mTrustListeners = new ArrayMap<TrustListener, ITrustListener>();
53    }
54
55    /**
56     * Changes the lock status for the given user. This is only applicable to Managed Profiles,
57     * other users should be handled by Keyguard.
58     *
59     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
60     *
61     * @param userId The id for the user to be locked/unlocked.
62     * @param locked The value for that user's locked state.
63     */
64    @RequiresPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE)
65    public void setDeviceLockedForUser(int userId, boolean locked) {
66        try {
67            mService.setDeviceLockedForUser(userId, locked);
68        } catch (RemoteException e) {
69            onError(e);
70        }
71    }
72
73    /**
74     * Reports that user {@param userId} has tried to unlock the device.
75     *
76     * @param successful if true, the unlock attempt was successful.
77     *
78     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
79     */
80    public void reportUnlockAttempt(boolean successful, int userId) {
81        try {
82            mService.reportUnlockAttempt(successful, userId);
83        } catch (RemoteException e) {
84            onError(e);
85        }
86    }
87
88    /**
89     * Reports that the list of enabled trust agents changed for user {@param userId}.
90     *
91     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
92     */
93    public void reportEnabledTrustAgentsChanged(int userId) {
94        try {
95            mService.reportEnabledTrustAgentsChanged(userId);
96        } catch (RemoteException e) {
97            onError(e);
98        }
99    }
100
101    /**
102     * Reports that the visibility of the keyguard has changed.
103     *
104     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
105     */
106    public void reportKeyguardShowingChanged() {
107        try {
108            mService.reportKeyguardShowingChanged();
109        } catch (RemoteException e) {
110            onError(e);
111        }
112    }
113
114    /**
115     * Registers a listener for trust events.
116     *
117     * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission.
118     */
119    public void registerTrustListener(final TrustListener trustListener) {
120        try {
121            ITrustListener.Stub iTrustListener = new ITrustListener.Stub() {
122                @Override
123                public void onTrustChanged(boolean enabled, int userId, int flags) {
124                    Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId,
125                            trustListener);
126                    if (flags != 0) {
127                        m.getData().putInt(DATA_FLAGS, flags);
128                    }
129                    m.sendToTarget();
130                }
131
132                @Override
133                public void onTrustManagedChanged(boolean managed, int userId) {
134                    mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId,
135                            trustListener).sendToTarget();
136                }
137            };
138            mService.registerTrustListener(iTrustListener);
139            mTrustListeners.put(trustListener, iTrustListener);
140        } catch (RemoteException e) {
141            onError(e);
142        }
143    }
144
145    /**
146     * Unregisters a listener for trust events.
147     *
148     * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission.
149     */
150    public void unregisterTrustListener(final TrustListener trustListener) {
151        ITrustListener iTrustListener = mTrustListeners.remove(trustListener);
152        if (iTrustListener != null) {
153            try {
154                mService.unregisterTrustListener(iTrustListener);
155            } catch (RemoteException e) {
156                onError(e);
157            }
158        }
159    }
160
161    private void onError(Exception e) {
162        Log.e(TAG, "Error while calling TrustManagerService", e);
163    }
164
165    private final Handler mHandler = new Handler(Looper.getMainLooper()) {
166        @Override
167        public void handleMessage(Message msg) {
168            switch(msg.what) {
169                case MSG_TRUST_CHANGED:
170                    int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0;
171                    ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags);
172                    break;
173                case MSG_TRUST_MANAGED_CHANGED:
174                    ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2);
175            }
176        }
177    };
178
179    public interface TrustListener {
180
181        /**
182         * Reports that the trust state has changed.
183         * @param enabled if true, the system believes the environment to be trusted.
184         * @param userId the user, for which the trust changed.
185         * @param flags flags specified by the trust agent when granting trust. See
186         *     {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int)
187         *                 TrustAgentService.grantTrust(CharSequence, long, int)}.
188         */
189        void onTrustChanged(boolean enabled, int userId, int flags);
190
191        /**
192         * Reports that whether trust is managed has changed
193         * @param enabled if true, at least one trust agent is managing trust.
194         * @param userId the user, for which the state changed.
195         */
196        void onTrustManagedChanged(boolean enabled, int userId);
197    }
198}
199