TrustManager.java revision 56878a93989a49538fabccfb7218face645030bf
1/* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17package android.app.trust; 18 19import android.annotation.IntDef; 20import android.os.Handler; 21import android.os.IBinder; 22import android.os.Looper; 23import android.os.Message; 24import android.os.RemoteException; 25import android.os.UserHandle; 26import android.util.ArrayMap; 27import android.util.Log; 28import android.util.SparseIntArray; 29 30import java.lang.annotation.Retention; 31import java.lang.annotation.RetentionPolicy; 32 33/** 34 * See {@link com.android.server.trust.TrustManagerService} 35 * @hide 36 */ 37public class TrustManager { 38 39 private static final int MSG_TRUST_CHANGED = 1; 40 private static final int MSG_TRUST_MANAGED_CHANGED = 2; 41 42 private static final String TAG = "TrustManager"; 43 private static final String DATA_FLAGS = "initiatedByUser"; 44 45 private final ITrustManager mService; 46 private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; 47 48 public TrustManager(IBinder b) { 49 mService = ITrustManager.Stub.asInterface(b); 50 mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); 51 } 52 53 /** 54 * Changes the lock status for the given user. This is only applicable to Managed Profiles, 55 * other users should be handled by Keyguard. 56 * 57 * @param userId The id for the user to be locked/unlocked. 58 * @param locked The value for that user's locked state. 59 */ 60 public void setDeviceLockedForUser(int userId, boolean locked) { 61 try { 62 mService.setDeviceLockedForUser(userId, locked); 63 } catch (RemoteException e) { 64 onError(e); 65 } 66 } 67 68 /** 69 * Reports that user {@param userId} has tried to unlock the device. 70 * 71 * @param successful if true, the unlock attempt was successful. 72 * 73 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 74 */ 75 public void reportUnlockAttempt(boolean successful, int userId) { 76 try { 77 mService.reportUnlockAttempt(successful, userId); 78 } catch (RemoteException e) { 79 onError(e); 80 } 81 } 82 83 /** 84 * Reports that the list of enabled trust agents changed for user {@param userId}. 85 * 86 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 87 */ 88 public void reportEnabledTrustAgentsChanged(int userId) { 89 try { 90 mService.reportEnabledTrustAgentsChanged(userId); 91 } catch (RemoteException e) { 92 onError(e); 93 } 94 } 95 96 /** 97 * Reports that the visibility of the keyguard has changed. 98 * 99 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 100 */ 101 public void reportKeyguardShowingChanged() { 102 try { 103 mService.reportKeyguardShowingChanged(); 104 } catch (RemoteException e) { 105 onError(e); 106 } 107 } 108 109 /** 110 * Registers a listener for trust events. 111 * 112 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 113 */ 114 public void registerTrustListener(final TrustListener trustListener) { 115 try { 116 ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { 117 @Override 118 public void onTrustChanged(boolean enabled, int userId, int flags) { 119 Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, 120 trustListener); 121 if (flags != 0) { 122 m.getData().putInt(DATA_FLAGS, flags); 123 } 124 m.sendToTarget(); 125 } 126 127 @Override 128 public void onTrustManagedChanged(boolean managed, int userId) { 129 mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, 130 trustListener).sendToTarget(); 131 } 132 }; 133 mService.registerTrustListener(iTrustListener); 134 mTrustListeners.put(trustListener, iTrustListener); 135 } catch (RemoteException e) { 136 onError(e); 137 } 138 } 139 140 /** 141 * Unregisters a listener for trust events. 142 * 143 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 144 */ 145 public void unregisterTrustListener(final TrustListener trustListener) { 146 ITrustListener iTrustListener = mTrustListeners.remove(trustListener); 147 if (iTrustListener != null) { 148 try { 149 mService.unregisterTrustListener(iTrustListener); 150 } catch (RemoteException e) { 151 onError(e); 152 } 153 } 154 } 155 156 private void onError(Exception e) { 157 Log.e(TAG, "Error while calling TrustManagerService", e); 158 } 159 160 private final Handler mHandler = new Handler(Looper.getMainLooper()) { 161 @Override 162 public void handleMessage(Message msg) { 163 switch(msg.what) { 164 case MSG_TRUST_CHANGED: 165 int flags = msg.peekData() != null ? msg.peekData().getInt(DATA_FLAGS) : 0; 166 ((TrustListener)msg.obj).onTrustChanged(msg.arg1 != 0, msg.arg2, flags); 167 break; 168 case MSG_TRUST_MANAGED_CHANGED: 169 ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); 170 } 171 } 172 }; 173 174 public interface TrustListener { 175 176 /** 177 * Reports that the trust state has changed. 178 * @param enabled if true, the system believes the environment to be trusted. 179 * @param userId the user, for which the trust changed. 180 * @param flags flags specified by the trust agent when granting trust. See 181 * {@link android.service.trust.TrustAgentService#grantTrust(CharSequence, long, int) 182 * TrustAgentService.grantTrust(CharSequence, long, int)}. 183 */ 184 void onTrustChanged(boolean enabled, int userId, int flags); 185 186 /** 187 * Reports that whether trust is managed has changed 188 * @param enabled if true, at least one trust agent is managing trust. 189 * @param userId the user, for which the state changed. 190 */ 191 void onTrustManagedChanged(boolean enabled, int userId); 192 } 193} 194