Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dded065c authored by Adrian Roos's avatar Adrian Roos Committed by Android (Google) Code Review
Browse files

Merge "Trust Agents: Add facility to request credential entry"

parents 779b3f04 2c12cfa1
Loading
Loading
Loading
Loading
+1 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ import android.app.trust.ITrustListener;
interface ITrustManager {
    void reportUnlockAttempt(boolean successful, int userId);
    void reportEnabledTrustAgentsChanged(int userId);
    void reportRequireCredentialEntry(int userId);
    void registerTrustListener(in ITrustListener trustListener);
    void unregisterTrustListener(in ITrustListener trustListener);
}
+15 −0
Original line number Diff line number Diff line
@@ -70,6 +70,21 @@ public class TrustManager {
        }
    }

    /**
     * Reports that trust is disabled until credentials have been entered for user {@param userId}.
     *
     * Requires the {@link android.Manifest.permission#ACCESS_KEYGUARD_SECURE_STORAGE} permission.
     *
     * @param userId either an explicit user id or {@link android.os.UserHandle#USER_ALL}
     */
    public void reportRequireCredentialEntry(int userId) {
        try {
            mService.reportRequireCredentialEntry(userId);
        } catch (RemoteException e) {
            onError(e);
        }
    }

    /**
     * Registers a listener for trust events.
     *
+7 −0
Original line number Diff line number Diff line
@@ -1460,4 +1460,11 @@ public class LockPatternUtils {
        }
        return activeTrustAgents;
    }

    /**
     * @see android.app.trust.TrustManager#reportRequireCredentialEntry(int)
     */
    public void requireCredentialEntry(int userId) {
        getTrustManager().reportRequireCredentialEntry(userId);
    }
}
+28 −2
Original line number Diff line number Diff line
@@ -88,6 +88,7 @@ public class TrustManagerService extends SystemService {
    private static final int MSG_UNREGISTER_LISTENER = 2;
    private static final int MSG_DISPATCH_UNLOCK_ATTEMPT = 3;
    private static final int MSG_ENABLED_AGENTS_CHANGED = 4;
    private static final int MSG_REQUIRE_CREDENTIAL_ENTRY = 5;

    private final ArraySet<AgentInfo> mActiveAgents = new ArraySet<AgentInfo>();
    private final ArrayList<ITrustListener> mTrustListeners = new ArrayList<ITrustListener>();
@@ -314,6 +315,17 @@ public class TrustManagerService extends SystemService {
        }
    }


    private void requireCredentialEntry(int userId) {
        if (userId == UserHandle.USER_ALL) {
            mUserHasAuthenticatedSinceBoot.clear();
            updateTrustAll();
        } else {
            mUserHasAuthenticatedSinceBoot.put(userId, false);
            updateTrust(userId);
        }
    }

    // Listeners

    private void addListener(ITrustListener listener) {
@@ -366,6 +378,17 @@ public class TrustManagerService extends SystemService {
            mHandler.sendEmptyMessage(MSG_ENABLED_AGENTS_CHANGED);
        }

        @Override
        public void reportRequireCredentialEntry(int userId) throws RemoteException {
            enforceReportPermission();
            if (userId == UserHandle.USER_ALL || userId >= UserHandle.USER_OWNER) {
                mHandler.obtainMessage(MSG_REQUIRE_CREDENTIAL_ENTRY, userId, 0).sendToTarget();
            } else {
                throw new IllegalArgumentException(
                        "userId must be an explicit user id or USER_ALL");
            }
        }

        @Override
        public void registerTrustListener(ITrustListener trustListener) throws RemoteException {
            enforceListenerPermission();
@@ -379,8 +402,8 @@ public class TrustManagerService extends SystemService {
        }

        private void enforceReportPermission() {
            mContext.enforceCallingPermission(Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE,
                    "reporting trust events");
            mContext.enforceCallingOrSelfPermission(
                    Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE, "reporting trust events");
        }

        private void enforceListenerPermission() {
@@ -460,6 +483,9 @@ public class TrustManagerService extends SystemService {
                case MSG_ENABLED_AGENTS_CHANGED:
                    refreshAgentList();
                    break;
                case MSG_REQUIRE_CREDENTIAL_ENTRY:
                    requireCredentialEntry(msg.arg1);
                    break;
            }
        }
    };