Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 06a905a7 authored by Eric Biggers's avatar Eric Biggers Committed by Automerger Merge Worker
Browse files

Merge "Avoid NPE when trying to unlock user with wrong token handle" into main... 

Merge "Avoid NPE when trying to unlock user with wrong token handle" into main am: 5197fd2f am: 63f5f356

Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/2928493



Change-Id: I6c2595ff534aac51d0a12ee534081e0a9b5241de
Signed-off-by: default avatarAutomerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
parents 46fe04e1 63f5f356

services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

+8 −2
Original line number Diff line number Diff line
@@ -1541,8 +1541,14 @@ class SyntheticPasswordManager { 
     */

    public @NonNull AuthenticationResult unlockTokenBasedProtector(

            IGateKeeperService gatekeeper, long protectorId, byte[] token, int userId) {

        SyntheticPasswordBlob blob = SyntheticPasswordBlob.fromBytes(loadState(SP_BLOB_NAME,

                    protectorId, userId));

        byte[] data = loadState(SP_BLOB_NAME, protectorId, userId);

        if (data == null) {

            AuthenticationResult result = new AuthenticationResult();

            result.gkResponse = VerifyCredentialResponse.ERROR;

            Slogf.w(TAG, "spblob not found for protector %016x, user %d", protectorId, userId);

            return result;

        }

        SyntheticPasswordBlob blob = SyntheticPasswordBlob.fromBytes(data);

        return unlockTokenBasedProtectorInternal(gatekeeper, protectorId, blob.mProtectorType,

                token, userId);

    }

services/tests/servicestests/src/com/android/server/locksettings/SyntheticPasswordTests.java

+8 −0
Original line number Diff line number Diff line
@@ -505,6 +505,14 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { 
        assertEquals(CREDENTIAL_TYPE_NONE, mService.getCredentialType(PRIMARY_USER_ID));

    }



    @Test

    public void testUnlockUserWithTokenWithBadHandleReturnsFalse() {

        final long badTokenHandle = 123456789;

        final byte[] token = "some-high-entropy-secure-token".getBytes();

        mService.initializeSyntheticPassword(PRIMARY_USER_ID);

        assertFalse(mLocalService.unlockUserWithToken(badTokenHandle, token, PRIMARY_USER_ID));

    }



    @Test

    public void testGetHashFactorPrimaryUser() throws RemoteException {

        LockscreenCredential password = newPassword("password");