1 /* 2 * Copyright (C) 2014 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License 15 */ 16 17 package android.app.trust; 18 19 import android.os.Handler; 20 import android.os.IBinder; 21 import android.os.Looper; 22 import android.os.Message; 23 import android.os.RemoteException; 24 import android.util.ArrayMap; 25 import android.util.Log; 26 27 /** 28 * See {@link com.android.server.trust.TrustManagerService} 29 * @hide 30 */ 31 public class TrustManager { 32 33 private static final int MSG_TRUST_CHANGED = 1; 34 private static final int MSG_TRUST_MANAGED_CHANGED = 2; 35 36 private static final String TAG = "TrustManager"; 37 private static final String DATA_INITIATED_BY_USER = "initiatedByUser"; 38 39 private final ITrustManager mService; 40 private final ArrayMap<TrustListener, ITrustListener> mTrustListeners; 41 42 public TrustManager(IBinder b) { 43 mService = ITrustManager.Stub.asInterface(b); 44 mTrustListeners = new ArrayMap<TrustListener, ITrustListener>(); 45 } 46 47 /** 48 * Reports that user {@param userId} has tried to unlock the device. 49 * 50 * @param successful if true, the unlock attempt was successful. 51 * 52 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 53 */ 54 public void reportUnlockAttempt(boolean successful, int userId) { 55 try { 56 mService.reportUnlockAttempt(successful, userId); 57 } catch (RemoteException e) { 58 onError(e); 59 } 60 } 61 62 /** 63 * Reports that the list of enabled trust agents changed for user {@param userId}. 64 * 65 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 66 */ 67 public void reportEnabledTrustAgentsChanged(int userId) { 68 try { 69 mService.reportEnabledTrustAgentsChanged(userId); 70 } catch (RemoteException e) { 71 onError(e); 72 } 73 } 74 75 /** 76 * Reports that trust is disabled until credentials have been entered for user {@param userId}. 77 * 78 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 79 * 80 * @param userId either an explicit user id or {@link android.os.UserHandle#USER_ALL} 81 */ 82 public void reportRequireCredentialEntry(int userId) { 83 try { 84 mService.reportRequireCredentialEntry(userId); 85 } catch (RemoteException e) { 86 onError(e); 87 } 88 } 89 90 /** 91 * Reports that the visibility of the keyguard has changed. 92 * 93 * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission. 94 */ 95 public void reportKeyguardShowingChanged() { 96 try { 97 mService.reportKeyguardShowingChanged(); 98 } catch (RemoteException e) { 99 onError(e); 100 } 101 } 102 103 /** 104 * Registers a listener for trust events. 105 * 106 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 107 */ 108 public void registerTrustListener(final TrustListener trustListener) { 109 try { 110 ITrustListener.Stub iTrustListener = new ITrustListener.Stub() { 111 @Override 112 public void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser) { 113 Message m = mHandler.obtainMessage(MSG_TRUST_CHANGED, (enabled ? 1 : 0), userId, 114 trustListener); 115 if (initiatedByUser) { 116 m.getData().putBoolean(DATA_INITIATED_BY_USER, initiatedByUser); 117 } 118 m.sendToTarget(); 119 } 120 121 @Override 122 public void onTrustManagedChanged(boolean managed, int userId) { 123 mHandler.obtainMessage(MSG_TRUST_MANAGED_CHANGED, (managed ? 1 : 0), userId, 124 trustListener).sendToTarget(); 125 } 126 }; 127 mService.registerTrustListener(iTrustListener); 128 mTrustListeners.put(trustListener, iTrustListener); 129 } catch (RemoteException e) { 130 onError(e); 131 } 132 } 133 134 /** 135 * Unregisters a listener for trust events. 136 * 137 * Requires the {@link android.Manifest.permission#TRUST_LISTENER} permission. 138 */ 139 public void unregisterTrustListener(final TrustListener trustListener) { 140 ITrustListener iTrustListener = mTrustListeners.remove(trustListener); 141 if (iTrustListener != null) { 142 try { 143 mService.unregisterTrustListener(iTrustListener); 144 } catch (RemoteException e) { 145 onError(e); 146 } 147 } 148 } 149 150 private void onError(Exception e) { 151 Log.e(TAG, "Error while calling TrustManagerService", e); 152 } 153 154 private final Handler mHandler = new Handler(Looper.getMainLooper()) { 155 @Override 156 public void handleMessage(Message msg) { 157 switch(msg.what) { 158 case MSG_TRUST_CHANGED: 159 boolean initiatedByUser = msg.peekData() != null && 160 msg.peekData().getBoolean(DATA_INITIATED_BY_USER); 161 ((TrustListener)msg.obj).onTrustChanged( 162 msg.arg1 != 0, msg.arg2, initiatedByUser); 163 164 break; 165 case MSG_TRUST_MANAGED_CHANGED: 166 ((TrustListener)msg.obj).onTrustManagedChanged(msg.arg1 != 0, msg.arg2); 167 } 168 } 169 }; 170 171 public interface TrustListener { 172 173 /** 174 * Reports that the trust state has changed. 175 * @param enabled if true, the system believes the environment to be trusted. 176 * @param userId the user, for which the trust changed. 177 * @param initiatedByUser indicates that the user has explicitly initiated an action that 178 * proves the user is about to use the device. 179 */ 180 void onTrustChanged(boolean enabled, int userId, boolean initiatedByUser); 181 182 /** 183 * Reports that whether trust is managed has changed 184 * @param enabled if true, at least one trust agent is managing trust. 185 * @param userId the user, for which the state changed. 186 */ 187 void onTrustManagedChanged(boolean enabled, int userId); 188 } 189 } 190
