Merge "Rename TYPE_SP to TYPE_SP_GATEKEEPER" (1697a83b) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/locksettings/LockSettingsService.java

+2 −1

Original line number	Diff line number	Diff line
		@@ -1243,7 +1243,8 @@ public class LockSettingsService extends ILockSettings.Stub {

		private int getFrpCredentialType() {
		PersistentData data = mStorage.readPersistentDataBlock();
		if (data.type != PersistentData.TYPE_SP && data.type != PersistentData.TYPE_SP_WEAVER) {
		if (data.type != PersistentData.TYPE_SP_GATEKEEPER &&
		data.type != PersistentData.TYPE_SP_WEAVER) {
		return CREDENTIAL_TYPE_NONE;
		}
		int credentialType = SyntheticPasswordManager.getFrpCredentialType(data.payload);

services/core/java/com/android/server/locksettings/LockSettingsStorage.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -587,7 +587,7 @@ class LockSettingsStorage {
		static final int VERSION_1_HEADER_SIZE = 1 + 1 + 4 + 4;

		public static final int TYPE_NONE = 0;
		public static final int TYPE_SP = 1;
		public static final int TYPE_SP_GATEKEEPER = 1;
		public static final int TYPE_SP_WEAVER = 2;

		public static final PersistentData NONE = new PersistentData(TYPE_NONE,

services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

+8 −8

Original line number	Diff line number	Diff line
		@@ -900,7 +900,7 @@ class SyntheticPasswordManager {
		protectorSecret = transformUnderSecdiscardable(stretchedLskf,
		createSecdiscardable(protectorId, userId));
		// No need to pass in quality since the credential type already encodes sufficient info
		synchronizeFrpPassword(pwd, 0, userId);
		synchronizeGatekeeperFrpPassword(pwd, 0, userId);
		}
		if (!credential.isNone()) {
		saveState(PASSWORD_DATA_NAME, pwd.toBytes(), protectorId, userId);
		@@ -916,7 +916,7 @@ class SyntheticPasswordManager {
		LockscreenCredential userCredential,
		ICheckCredentialProgressCallback progressCallback) {
		PersistentData persistentData = mStorage.readPersistentDataBlock();
		if (persistentData.type == PersistentData.TYPE_SP) {
		if (persistentData.type == PersistentData.TYPE_SP_GATEKEEPER) {
		PasswordData pwd = PasswordData.fromBytes(persistentData.payload);
		byte[] stretchedLskf = stretchLskf(userCredential, pwd);

		@@ -941,7 +941,7 @@ class SyntheticPasswordManager {

		return weaverVerify(weaverSlot, stretchedLskfToWeaverKey(stretchedLskf)).stripPayload();
		} else {
		Slog.e(TAG, "persistentData.type must be TYPE_SP or TYPE_SP_WEAVER, but is "
		Slog.e(TAG, "persistentData.type must be TYPE_SP_GATEKEEPER or TYPE_SP_WEAVER, but is "
		+ persistentData.type);
		return VerifyCredentialResponse.ERROR;
		}
		@@ -960,7 +960,7 @@ class SyntheticPasswordManager {
		if (weaverSlot != INVALID_WEAVER_SLOT) {
		synchronizeWeaverFrpPassword(pwd, requestedQuality, userInfo.id, weaverSlot);
		} else {
		synchronizeFrpPassword(pwd, requestedQuality, userInfo.id);
		synchronizeGatekeeperFrpPassword(pwd, requestedQuality, userInfo.id);
		}
		}
		}
		@@ -994,13 +994,13 @@ class SyntheticPasswordManager {
		return true;
		}

		private void synchronizeFrpPassword(@Nullable PasswordData pwd, int requestedQuality,
		private void synchronizeGatekeeperFrpPassword(@Nullable PasswordData pwd, int requestedQuality,
		int userId) {
		if (shouldSynchronizeFrpCredential(pwd, userId)) {
		Slogf.d(TAG, "Syncing Gatekeeper-based FRP credential tied to user %d", userId);
		if (!isNoneCredential(pwd)) {
		mStorage.writePersistentDataBlock(PersistentData.TYPE_SP, userId, requestedQuality,
		pwd.toBytes());
		mStorage.writePersistentDataBlock(PersistentData.TYPE_SP_GATEKEEPER, userId,
		requestedQuality, pwd.toBytes());
		} else {
		mStorage.writePersistentDataBlock(PersistentData.TYPE_NONE, userId, 0, null);
		}
		@@ -1224,7 +1224,7 @@ class SyntheticPasswordManager {
		pwd.credentialType = credential.getType();
		saveState(PASSWORD_DATA_NAME, pwd.toBytes(), protectorId, userId);
		syncState(userId);
		synchronizeFrpPassword(pwd, 0, userId);
		synchronizeGatekeeperFrpPassword(pwd, 0, userId);
		} else {
		Slog.w(TAG, "Fail to re-enroll user password for user " + userId);
		// continue the flow anyway

services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStorageTests.java

+5 −5

Original line number	Diff line number	Diff line
		@@ -389,11 +389,11 @@ public class LockSettingsStorageTests {

		@Test
		public void testPersistentData_serializeUnserialize() {
		byte[] serialized = PersistentData.toBytes(PersistentData.TYPE_SP, SOME_USER_ID,
		byte[] serialized = PersistentData.toBytes(PersistentData.TYPE_SP_GATEKEEPER, SOME_USER_ID,
		DevicePolicyManager.PASSWORD_QUALITY_COMPLEX, PAYLOAD);
		PersistentData deserialized = PersistentData.fromBytes(serialized);

		assertEquals(PersistentData.TYPE_SP, deserialized.type);
		assertEquals(PersistentData.TYPE_SP_GATEKEEPER, deserialized.type);
		assertEquals(DevicePolicyManager.PASSWORD_QUALITY_COMPLEX, deserialized.qualityForUi);
		assertArrayEquals(PAYLOAD, deserialized.payload);
		}
		@@ -424,13 +424,13 @@ public class LockSettingsStorageTests {
		// the wire format in the future.
		byte[] serializedVersion1 = new byte[] {
		1, /* PersistentData.VERSION_1 */
		1, /* PersistentData.TYPE_SP */
		1, /* PersistentData.TYPE_SP_GATEKEEPER */
		0x00, 0x00, 0x04, 0x0A, /* SOME_USER_ID */
		0x00, 0x03, 0x00, 0x00, /* PASSWORD_NUMERIC_COMPLEX */
		1, 2, -1, -2, 33, /* PAYLOAD */
		};
		PersistentData deserialized = PersistentData.fromBytes(serializedVersion1);
		assertEquals(PersistentData.TYPE_SP, deserialized.type);
		assertEquals(PersistentData.TYPE_SP_GATEKEEPER, deserialized.type);
		assertEquals(SOME_USER_ID, deserialized.userId);
		assertEquals(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX,
		deserialized.qualityForUi);
		@@ -438,7 +438,7 @@ public class LockSettingsStorageTests {

		// Make sure the constants we use on the wire do not change.
		assertEquals(0, PersistentData.TYPE_NONE);
		assertEquals(1, PersistentData.TYPE_SP);
		assertEquals(1, PersistentData.TYPE_SP_GATEKEEPER);
		assertEquals(2, PersistentData.TYPE_SP_WEAVER);
		}