1 /*
2  * Copyright (C) 2017 The Android Open Source Project
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  *      http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 package android.service.oemlock;
18 
19 import android.annotation.Nullable;
20 import android.annotation.RequiresPermission;
21 import android.annotation.SystemApi;
22 import android.annotation.SystemService;
23 import android.content.Context;
24 import android.os.RemoteException;
25 
26 /**
27  * Interface for managing the OEM lock on the device.
28  *
29  * This will only be available if the device implements OEM lock protection.
30  *
31  * Multiple actors have an opinion on whether the device can be OEM unlocked and they must all be in
32  * agreement for unlock to be possible.
33  *
34  * @hide
35  */
36 @SystemApi
37 @SystemService(Context.OEM_LOCK_SERVICE)
38 public class OemLockManager {
39     private IOemLockService mService;
40 
41     /** @hide */
OemLockManager(IOemLockService service)42     public OemLockManager(IOemLockService service) {
43         mService = service;
44     }
45 
46     /**
47      * Sets whether the carrier has allowed this device to be OEM unlocked.
48      *
49      * Depending on the implementation, the validity of the request might need to be proved. This
50      * can be acheived by passing a signature that the system will use to verify the request is
51      * legitimate.
52      *
53      * All actors involved must agree for OEM unlock to be possible.
54      *
55      * @param allowed Whether the device should be allowed to be unlocked.
56      * @param signature Optional proof of request validity, {@code null} for none.
57      * @throws IllegalArgumentException if a signature is required but was not provided.
58      * @throws SecurityException if the wrong signature was provided.
59      *
60      * @see #isOemUnlockAllowedByCarrier()
61      */
62     @RequiresPermission(android.Manifest.permission.MANAGE_CARRIER_OEM_UNLOCK_STATE)
setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature)63     public void setOemUnlockAllowedByCarrier(boolean allowed, @Nullable byte[] signature) {
64         try {
65             mService.setOemUnlockAllowedByCarrier(allowed, signature);
66         } catch (RemoteException e) {
67             throw e.rethrowFromSystemServer();
68         }
69     }
70 
71     /**
72      * Returns whether the carrier has allowed this device to be OEM unlocked.
73      * @return Whether OEM unlock is allowed by the carrier, or true if no OEM lock is present.
74      *
75      * @see #setOemUnlockAllowedByCarrier(boolean, byte[])
76      */
77     @RequiresPermission(android.Manifest.permission.MANAGE_CARRIER_OEM_UNLOCK_STATE)
isOemUnlockAllowedByCarrier()78     public boolean isOemUnlockAllowedByCarrier() {
79         try {
80             return mService.isOemUnlockAllowedByCarrier();
81         } catch (RemoteException e) {
82             throw e.rethrowFromSystemServer();
83         }
84     }
85 
86     /**
87      * Sets whether the user has allowed this device to be unlocked.
88      *
89      * All actors involved must agree for OEM unlock to be possible.
90      *
91      * @param unlocked Whether the device should be made OEM unlocked.
92      *
93      * @see #isOemUnlockAllowedByUser()
94      */
95     @RequiresPermission(android.Manifest.permission.MANAGE_USER_OEM_UNLOCK_STATE)
setOemUnlockAllowedByUser(boolean allowed)96     public void setOemUnlockAllowedByUser(boolean allowed) {
97         try {
98             mService.setOemUnlockAllowedByUser(allowed);
99         } catch (RemoteException e) {
100             throw e.rethrowFromSystemServer();
101         }
102     }
103 
104     /**
105      * Returns whether, or not, the user has allowed this device to be OEM unlocked.
106      * @return Whether OEM unlock is allowed by the user, or true if no OEM lock is present.
107      *
108      * @see #setOemUnlockAllowedByUser(boolean)
109      */
110     @RequiresPermission(android.Manifest.permission.MANAGE_USER_OEM_UNLOCK_STATE)
isOemUnlockAllowedByUser()111     public boolean isOemUnlockAllowedByUser() {
112         try {
113             return mService.isOemUnlockAllowedByUser();
114         } catch (RemoteException e) {
115             throw e.rethrowFromSystemServer();
116         }
117     }
118 }
119