1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package android.app.trust; 18 19 import android.os.Handler; 20 import android.os.IBinder; 21 import android.os.Looper; 22 import android.os.Message; 23 import android.os.RemoteException; 24 import android.util.ArrayMap; 25 import android.util.Log; 26 27 /** 28 * See {@link com.android.server.trust.TrustManagerService} 29 * @hide 30 */ 31 public class TrustManager { 32 33 private static final int MSG_TRUST_CHANGED = 1; 34 private static final int MSG_TRUST_MANAGED_CHANGED = 2; 35 36 private static final String TAG = "TrustManager"; 37 private static final String DATA_INITIATED_BY_USER = "initiatedByUser"; 38 39 private final ITrustManager mService; 40 private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; 41 42 public TrustManager(IBinder b) { 43 mService = ITrustManager.Stub.asInterface(b); 44 mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); 45 } 46 47 /** 48 * Reports that user {@param userId} has tried to unlock the device. 49 * 50 * @param successful if true, the unlock attempt was successful. 51 * 52 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 53 */ 54 public void reportUnlockAttempt(boolean successful, int userId) { 55 try { 56 mService.reportUnlockAttempt(successful, userId); 57 } catch (RemoteException e) { 58 onError(e); 59 } 60 } 61 62 /** 63 * Reports that the list of enabled trust agents changed for user {@param userId}. 64 * 65 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 66 */ 67 public void reportEnabledTrustAgentsChanged(int userId) { 68 try { 69 mService.reportEnabledTrustAgentsChanged(userId); 70 } catch (RemoteException e) { 71 onError(e); 72 } 73 } 74 75 /** 76 * Reports that trust is disabled until credentials have been entered for user {@param userId}. 77 * 78 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 79 * 80 * @param userId either an explicit user id or {@link android.os.UserHandle#USER_ALL} 81 */ 82 public void reportRequireCredentialEntry(int userId) { 83 try { 84 mService.reportRequireCredentialEntry(userId); 85 } catch (RemoteException e) { 86 onError(e); 87 } 88 } 89 90 /** 91 * Registers a listener for trust events. 92 * 93 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 94 */ 95 public void registerTrustListener(final TrustListener trustListener) { 96 try { 97 ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { 98 @Override 99 public void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser) { 100 Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, 101 trustListener); 102 if (initiatedByUser) { 103 m.getData().putBoolean(DATA_INITIATED_BY_USER, initiatedByUser); 104 } 105 m.sendToTarget(); 106 } 107 108 @Override 109 public void onTrustManagedChanged(boolean managed, int userId) { 110 mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, 111 trustListener).sendToTarget(); 112 } 113 }; 114 mService.registerTrustListener(iTrustListener); 115 mTrustListeners.put(trustListener, iTrustListener); 116 } catch (RemoteException e) { 117 onError(e); 118 } 119 } 120 121 /** 122 * Unregisters a listener for trust events. 123 * 124 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 125 */ 126 public void unregisterTrustListener(final TrustListener trustListener) { 127 ITrustListener iTrustListener = mTrustListeners.remove(trustListener); 128 if (iTrustListener != null) { 129 try { 130 mService.unregisterTrustListener(iTrustListener); 131 } catch (RemoteException e) { 132 onError(e); 133 } 134 } 135 } 136 137 private void onError(Exception e) { 138 Log.e(TAG, "Error while calling TrustManagerService", e); 139 } 140 141 private final Handler mHandler = new Handler(Looper.getMainLooper()) { 142 @Override 143 public void handleMessage(Message msg) { 144 switch(msg.what) { 145 case MSG_TRUST_CHANGED: 146 boolean initiatedByUser = msg.peekData() != null && 147 msg.peekData().getBoolean(DATA_INITIATED_BY_USER); 148 ((TrustListener)msg.obj).onTrustChanged( 149 msg.arg1 != 0, msg.arg2, initiatedByUser); 150 151 break; 152 case MSG_TRUST_MANAGED_CHANGED: 153 ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); 154 } 155 } 156 }; 157 158 public interface TrustListener { 159 160 /** 161 * Reports that the trust state has changed. 162 * @param enabled if true, the system believes the environment to be trusted. 163 * @param userId the user, for which the trust changed. 164 * @param initiatedByUser indicates that the user has explicitly initiated an action that 165 * proves the user is about to use the device. 166 */ 167 void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser); 168 169 /** 170 * Reports that whether trust is managed has changed 171 * @param enabled if true, at least one trust agent is managing trust. 172 * @param userId the user, for which the state changed. 173 */ 174 void onTrustManagedChanged(boolean enabled, int userId); 175 } 176 } 177
