2 * Copyright (c) 2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
17 #ifndef __CAPI_DPM_SECURITY_POLICY_H__
18 #define __CAPI_DPM_SECURITY_POLICY_H__
22 #include <dpm/device-policy-manager.h>
26 * @brief This file provides APIs to control security functionality such as
27 * device encryption and screen lock.
35 * @addtogroup CAPI_DPM_SECURITY_POLICY_MODULE
41 * @brief Locks device screen immediately.
42 * @details An administrator can use this API to lock the device screen
46 * @privilege %http://tizen.org/privilege/dpm.lock
47 * @param[in] handle Device policy manager handle
48 * @return #DPM_ERROR_NONE on success, otherwise a negative value
49 * @retval #DPM_ERROR_NONE Successful
50 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
51 * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
52 * the privilege to call this API
53 * @pre The handle must be created by dpm_manager_create().
54 * @see dpm_manager_create()
56 int dpm_security_lockout_screen(device_policy_manager_h handle);
60 * @brief Encrypts or decrypts internal storage.
61 * @details An administrator can use this API to enable full device
62 * encryption, which includes device memory and internal SD card.
63 * Before calling this API, administrator must ensure that
64 * the device password is set to alphanumeric quality.
65 * The administrator can set an alphanumeric password by using
66 * dpm_set_password_quality() API
69 * @privilege %http://tizen.org/privilege/dpm.security
70 * @param[in] handle Device policy manager handle
71 * @param[in] encrypt true if encryption is required, false if decryption is
73 * @return #DPM_ERROR_NONE on success, otherwise a negative value
74 * @retval #DPM_ERROR_NONE Successful
75 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
76 * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
77 * the privilege to call this API
78 * @pre The handle must be created by dpm_manager_create().
79 * @see dpm_manager_create()
80 * @see dpm_security_is_internal_storage_encrypted()
82 int dpm_security_set_internal_storage_encryption(device_policy_manager_h handle, bool encrypt);
85 * @brief Checks the internal storage encryption state.
86 * @details An administrator can use this API to check whether internal
87 * storage encryption is enabled.
89 * @param[in] handle Device policy manager handle
90 * @param[out] is_encrypted true if internal storage is encrypted or being encrypted,
92 * @return #DPM_ERROR_NONE on success, otherwise a negative value
93 * @retval #DPM_ERROR_NONE Successful
94 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
95 * @retval #DPM_ERROR_TIMED_OUT Time out
96 * @pre The handle must be created by dpm_manager_create().
97 * @see dpm_manager_create()
98 * @see dpm_security_set_internal_storage_encryption()
100 int dpm_security_is_internal_storage_encrypted(device_policy_manager_h handle, bool *is_encrypted);
104 * @brief Encrypts or decrypts external storage.
105 * @details An administrator can use this API to enable external SD card
106 * encryption. Before calling this API, administrator must
107 * ensure that the device password is set to alphanumeric quality.
108 * The administrator can set an alphanumeric password by using
109 * dpm_set_password_quality() API
112 * @privilege %http://tizen.org/privilege/dpm.security
113 * @param[in] handle Device policy manager handle
114 * @param[in] encrypt true if encryption is required, false if decryption is
116 * @return #DPM_ERROR_NONE on success, otherwise a negative value
117 * @retval #DPM_ERROR_NONE Successful
118 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
119 * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
120 * the privilege to call this API
121 * @pre The handle must be created by dpm_manager_create().
122 * @see dpm_manager_create()
123 * @see dpm_security_is_external_storage_encryped()
125 int dpm_security_set_external_storage_encryption(device_policy_manager_h handle, bool encrypt);
128 * @brief Checks the external storage encryption state.
129 * @details An administrator can use this API to check whether external
130 * storage encryption is enabled.
132 * @param[in] handle Device policy manager handle
133 * @param[out] is_encrypted true if external storage is encrypted or being encrypted,
135 * @return #DPM_ERROR_NONE on success, otherwise a negative value
136 * @retval #DPM_ERROR_NONE Successful
137 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
138 * @retval #DPM_ERROR_TIMED_OUT Time out
139 * @pre The handle must be created by dpm_manager_create().
140 * @see dpm_manager_create()
141 * @see dpm_security_set_external_storage_encryption()
143 int dpm_security_is_external_storage_encrypted(device_policy_manager_h handle, bool *is_encrypted);
146 * @brief Enumeration for device wipe type.
150 DPM_SECURITY_WIPE_INTERNAL_STORAGE = (1 << 0), /**< Wipe internal memory */
151 DPM_SECURITY_WIPE_EXTERNAL_STORAGE = (1 << 1), /**< Wipe external memory */
152 } dpm_security_wipe_type_e;
156 * @brief Wipes external memory, internal memory, or both selectively.
157 * @details Device Admin can use this API to wipe both SD card data
158 * and application data.
159 * Calling this API may require rebooting the device.
162 * @privilege %http://tizen.org/privilege/dpm.wipe
163 * @param[in] handle Device policy manager handle
164 * @param[in] type The target storage for wipe
165 * @return #DPM_ERROR_NONE on success, otherwise a negative value
166 * @retval #DPM_ERROR_NONE Successful
167 * @retval #DPM_ERROR_INVALID_PARAMETER Invalid parameter
168 * @retval #DPM_ERROR_PERMISSION_DENIED The application does not have
169 * the privilege to call this API
170 * @pre The handle must be created by dpm_manager_create().
171 * @see dpm_manager_create()
173 int dpm_security_wipe_data(device_policy_manager_h handle, dpm_security_wipe_type_e type);
183 #endif //! __CAPI_DPM_SECURITY_POLICY_H__