Merge changes from topic "lskf-chars-fix-2" into main

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PATTERN;

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PATTERN;

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PIN;

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PIN;

import static com.android.internal.widget.LockPatternUtils.MIN_LOCK_PASSWORD_SIZE;

import static com.android.internal.widget.LockPatternUtils.MIN_LOCK_PASSWORD_SIZE;

import static com.android.internal.widget.LockPatternUtils.MIN_LOCK_PATTERN_SIZE;

import static com.android.internal.widget.PasswordValidationError.CONTAINS_INVALID_CHARACTERS;

import static com.android.internal.widget.PasswordValidationError.CONTAINS_INVALID_CHARACTERS;

import static com.android.internal.widget.PasswordValidationError.CONTAINS_SEQUENCE;

import static com.android.internal.widget.PasswordValidationError.CONTAINS_SEQUENCE;

import static com.android.internal.widget.PasswordValidationError.NOT_ENOUGH_DIGITS;

import static com.android.internal.widget.PasswordValidationError.NOT_ENOUGH_DIGITS;

        }

        }

    }

    }

    private static boolean hasInvalidCharacters(byte[] password) {

        // Allow non-control Latin-1 characters only.

        for (byte b : password) {

            char c = (char) b;

            if (c < 32 || c > 127) {

                return true;

            }

        }

        return false;

    }

    @Override

    @Override

    public int describeContents() {

    public int describeContents() {

        return 0;

        return 0;

            return PasswordMetrics.computeForPasswordOrPin(credential.getCredential(),

            return PasswordMetrics.computeForPasswordOrPin(credential.getCredential(),

                    credential.isPin());

                    credential.isPin());

        } else if (credential.isPattern())  {

        } else if (credential.isPattern())  {

            return new PasswordMetrics(CREDENTIAL_TYPE_PATTERN);

            PasswordMetrics metrics = new PasswordMetrics(CREDENTIAL_TYPE_PATTERN);

            metrics.length = credential.size();

            return metrics;

        } else if (credential.isNone()) {

        } else if (credential.isNone()) {

            return new PasswordMetrics(CREDENTIAL_TYPE_NONE);

            return new PasswordMetrics(CREDENTIAL_TYPE_NONE);

        } else {

        } else {

            return Collections.singletonList(

            return Collections.singletonList(

                    new PasswordValidationError(CONTAINS_INVALID_CHARACTERS, 0));

                    new PasswordValidationError(CONTAINS_INVALID_CHARACTERS, 0));

        }

        }

        if (credential.isPassword() || credential.isPin()) {

        PasswordMetrics actualMetrics = computeForCredential(credential);

            return validatePassword(adminMetrics, minComplexity, credential.isPin(),

        return validatePasswordMetrics(adminMetrics, minComplexity, actualMetrics);

                    credential.getCredential());

        } else {

            return validatePasswordMetrics(adminMetrics, minComplexity,

                    new PasswordMetrics(credential.getType()));

        }

    }

    /**

     * Validates a proposed lockscreen credential against minimum metrics and complexity.

     *

     * @param adminMetrics minimum metrics to satisfy admin requirements

     * @param minComplexity minimum complexity imposed by the requester

     * @param isPin whether to validate as a PIN (true) or password (false)

     * @param password the proposed lockscreen credential as a byte[].  Must be the value from

     *                 {@link LockscreenCredential#getCredential()}.

     *

     * @return a list of validation errors. An empty list means the credential is OK.

     *

     * TODO: merge this into validateCredential() and remove the redundant hasInvalidCharacters(),

     *       once all external callers are removed

     */

    public static List<PasswordValidationError> validatePassword(

            PasswordMetrics adminMetrics, int minComplexity, boolean isPin, byte[] password) {

        if (hasInvalidCharacters(password)) {

            return Collections.singletonList(

                    new PasswordValidationError(CONTAINS_INVALID_CHARACTERS, 0));

        }

        final PasswordMetrics enteredMetrics = computeForPasswordOrPin(password, isPin);

        return validatePasswordMetrics(adminMetrics, minComplexity, enteredMetrics);

    }

    }

    /**

    /**

                || !bucket.allowsCredType(actualMetrics.credType)) {

                || !bucket.allowsCredType(actualMetrics.credType)) {

            return Collections.singletonList(new PasswordValidationError(WEAK_CREDENTIAL_TYPE, 0));

            return Collections.singletonList(new PasswordValidationError(WEAK_CREDENTIAL_TYPE, 0));

        }

        }

        if (actualMetrics.credType != CREDENTIAL_TYPE_PASSWORD

        if (actualMetrics.credType == CREDENTIAL_TYPE_PATTERN) {

                && actualMetrics.credType != CREDENTIAL_TYPE_PIN) {

            // For pattern, only need to check the length against the hardcoded minimum.  If the

            return Collections.emptyList(); // Nothing to check for pattern or none.

            // pattern length is unavailable (e.g., PasswordMetrics that was stored on-disk before

            // the pattern length started being included in it), assume it is okay.

            if (actualMetrics.length != 0 && actualMetrics.length < MIN_LOCK_PATTERN_SIZE) {

                return Collections.singletonList(new PasswordValidationError(TOO_SHORT,

                            MIN_LOCK_PATTERN_SIZE));

            }

            return Collections.emptyList();

        }

        if (actualMetrics.credType == CREDENTIAL_TYPE_NONE) {

            return Collections.emptyList(); // Nothing to check for none.

        }

        }

        if (actualMetrics.credType == CREDENTIAL_TYPE_PIN && actualMetrics.nonNumeric > 0) {

        if (actualMetrics.credType == CREDENTIAL_TYPE_PIN && actualMetrics.nonNumeric > 0) {

import androidx.test.ext.junit.runners.AndroidJUnit4;

import androidx.test.ext.junit.runners.AndroidJUnit4;

import androidx.test.filters.SmallTest;

import androidx.test.filters.SmallTest;

import com.android.internal.widget.LockPatternUtils;

import com.android.internal.widget.LockscreenCredential;

import com.android.internal.widget.LockscreenCredential;

import com.android.internal.widget.PasswordValidationError;

import com.android.internal.widget.PasswordValidationError;

                PasswordValidationError.TOO_SHORT, 6);

                PasswordValidationError.TOO_SHORT, 6);

    }

    }

    private LockscreenCredential createPattern(String patternString) {

        return LockscreenCredential.createPattern(LockPatternUtils.byteArrayToPattern(

                patternString.getBytes()));

    }

    @Test

    public void testValidateCredential_pattern() {

        PasswordMetrics adminMetrics = new PasswordMetrics(CREDENTIAL_TYPE_NONE);

        assertValidationErrors(

                validateCredential(adminMetrics, PASSWORD_COMPLEXITY_NONE, createPattern("123")),

                PasswordValidationError.TOO_SHORT, 4);

        assertValidationErrors(

                validateCredential(adminMetrics, PASSWORD_COMPLEXITY_NONE, createPattern("1234")));

    }

    /**

    /**

     * @param expected sequence of validation error codes followed by requirement values, must have

     * @param expected sequence of validation error codes followed by requirement values, must have

     *                 even number of elements. Empty means no errors.

     *                 even number of elements. Empty means no errors.