TrustManager.java revision 00a9b890853e9660dde5854fe786b80f6c3e616c
1/* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17package android.app.trust; 18 19import android.Manifest; 20import android.annotation.IntDef; 21import android.annotation.RequiresPermission; 22import android.os.Handler; 23import android.os.IBinder; 24import android.os.Looper; 25import android.os.Message; 26import android.os.RemoteException; 27import android.os.UserHandle; 28import android.util.ArrayMap; 29import android.util.Log; 30import android.util.SparseIntArray; 31 32import java.lang.annotation.Retention; 33import java.lang.annotation.RetentionPolicy; 34 35/** 36 * See {@link com.android.server.trust.TrustManagerService} 37 * @hide 38 */ 39public class TrustManager { 40 41 private static final int MSG_TRUST_CHANGED = 1; 42 private static final int MSG_TRUST_MANAGED_CHANGED = 2; 43 44 private static final String TAG = "TrustManager"; 45 private static final String DATA_FLAGS = "initiatedByUser"; 46 47 private final ITrustManager mService; 48 private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; 49 50 public TrustManager(IBinder b) { 51 mService = ITrustManager.Stub.asInterface(b); 52 mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); 53 } 54 55 /** 56 * Changes the lock status for the given user. This is only applicable to Managed Profiles, 57 * other users should be handled by Keyguard. 58 * 59 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 60 * 61 * @param userId The id for the user to be locked/unlocked. 62 * @param locked The value for that user's locked state. 63 */ 64 @RequiresPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE) 65 public void setDeviceLockedForUser(int userId, boolean locked) { 66 try { 67 mService.setDeviceLockedForUser(userId, locked); 68 } catch (RemoteException e) { 69 onError(e); 70 } 71 } 72 73 /** 74 * Reports that user {@param userId} has tried to unlock the device. 75 * 76 * @param successful if true, the unlock attempt was successful. 77 * 78 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 79 */ 80 public void reportUnlockAttempt(boolean successful, int userId) { 81 try { 82 mService.reportUnlockAttempt(successful, userId); 83 } catch (RemoteException e) { 84 onError(e); 85 } 86 } 87 88 /** 89 * Reports that the list of enabled trust agents changed for user {@param userId}. 90 * 91 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 92 */ 93 public void reportEnabledTrustAgentsChanged(int userId) { 94 try { 95 mService.reportEnabledTrustAgentsChanged(userId); 96 } catch (RemoteException e) { 97 onError(e); 98 } 99 } 100 101 /** 102 * Reports that the visibility of the keyguard has changed. 103 * 104 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 105 */ 106 public void reportKeyguardShowingChanged() { 107 try { 108 mService.reportKeyguardShowingChanged(); 109 } catch (RemoteException e) { 110 onError(e); 111 } 112 } 113 114 /** 115 * Registers a listener for trust events. 116 * 117 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 118 */ 119 public void registerTrustListener(final TrustListener trustListener) { 120 try { 121 ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { 122 @Override 123 public void onTrustChanged(boolean enabled, int userId, int flags) { 124 Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, 125 trustListener); 126 if (flags != 0) { 127 m.getData().putInt(DATA_FLAGS, flags); 128 } 129 m.sendToTarget(); 130 } 131 132 @Override 133 public void onTrustManagedChanged(boolean managed, int userId) { 134 mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, 135 trustListener).sendToTarget(); 136 } 137 }; 138 mService.registerTrustListener(iTrustListener); 139 mTrustListeners.put(trustListener, iTrustListener); 140 } catch (RemoteException e) { 141 onError(e); 142 } 143 } 144 145 /** 146 * Unregisters a listener for trust events. 147 * 148 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 149 */ 150 public void unregisterTrustListener(final TrustListener trustListener) { 151 ITrustListener iTrustListener = mTrustListeners.remove(trustListener); 152 if (iTrustListener != null) { 153 try { 154 mService.unregisterTrustListener(iTrustListener); 155 } catch (RemoteException e) { 156 onError(e); 157 } 158 } 159 } 160 161 private void onError(Exception e) { 162 Log.e(TAG, "Error while calling TrustManagerService", e); 163 } 164 165 private final Handler mHandler = new Handler(Looper.getMainLooper()) { 166 @Override 167 public void handleMessage(Message msg) { 168 switch(msg.what) { 169 case MSG_TRUST_CHANGED: 170 int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0; 171 ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags); 172 break; 173 case MSG_TRUST_MANAGED_CHANGED: 174 ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); 175 } 176 } 177 }; 178 179 public interface TrustListener { 180 181 /** 182 * Reports that the trust state has changed. 183 * @param enabled if true, the system believes the environment to be trusted. 184 * @param userId the user, for which the trust changed. 185 * @param flags flags specified by the trust agent when granting trust. See 186 * {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int) 187 * TrustAgentService.grantTrust(CharSequence, long, int)}. 188 */ 189 void onTrustChanged(boolean enabled, int userId, int flags); 190 191 /** 192 * Reports that whether trust is managed has changed 193 * @param enabled if true, at least one trust agent is managing trust. 194 * @param userId the user, for which the state changed. 195 */ 196 void onTrustManagedChanged(boolean enabled, int userId); 197 } 198} 199