Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 18f4dfd3 authored by Android Build Merger (Role)'s avatar Android Build Merger (Role) Committed by Android (Google) Code Review
Browse files

Merge "Merge "Generate challenge and reset lockout only if user has enrolled... 

Merge "Merge "Generate challenge and reset lockout only if user has enrolled biometrics" into qt-dev am: c6dd30da" into qt-dev-plus-aosp
parents b8b339bf f4e812e6

services/core/java/com/android/server/biometrics/BiometricService.java

+2 −3
Original line number Diff line number Diff line
@@ -760,7 +760,6 @@ public class BiometricService extends SystemService { 
        @Override // Binder call

        public int canAuthenticate(String opPackageName) {

            checkPermission();

            checkAppOp(opPackageName, Binder.getCallingUid());



            final int userId = UserHandle.getCallingUserId();

            final long ident = Binder.clearCallingIdentity();
@@ -833,9 +832,9 @@ public class BiometricService extends SystemService { 
    }



    private void checkPermission() {

        if (getContext().checkCallingPermission(USE_FINGERPRINT)

        if (getContext().checkCallingOrSelfPermission(USE_FINGERPRINT)

                != PackageManager.PERMISSION_GRANTED) {

            getContext().enforceCallingPermission(USE_BIOMETRIC,

            getContext().enforceCallingOrSelfPermission(USE_BIOMETRIC,

                    "Must have USE_BIOMETRIC permission");

        }

    }

services/core/java/com/android/server/locksettings/LockSettingsService.java

+7 −5
Original line number Diff line number Diff line
@@ -421,8 +421,9 @@ public class LockSettingsService extends ILockSettings.Stub { 
                    new PasswordSlotManager());

        }



        public boolean hasBiometrics() {

            return BiometricManager.hasBiometrics(mContext);

        public boolean hasEnrolledBiometrics() {

            BiometricManager bm = mContext.getSystemService(BiometricManager.class);

            return bm.canAuthenticate() == BiometricManager.BIOMETRIC_SUCCESS;

        }



        public int binderGetCallingUid() {
@@ -2502,7 +2503,8 @@ public class LockSettingsService extends ILockSettings.Stub { 
        // TODO: When lockout is handled under the HAL for all biometrics (fingerprint),

        // we need to generate challenge for each one, have it signed by GK and reset lockout

        // for each modality.

        if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE)) {

        if (!hasChallenge && pm.hasSystemFeature(PackageManager.FEATURE_FACE)

                && mInjector.hasEnrolledBiometrics()) {

            challenge = mContext.getSystemService(FaceManager.class).generateChallenge();

        }
@@ -2544,8 +2546,8 @@ public class LockSettingsService extends ILockSettings.Stub { 
        if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) {

            notifyActivePasswordMetricsAvailable(credentialType, userCredential, userId);

            unlockKeystore(authResult.authToken.deriveKeyStorePassword(), userId);

            // Reset lockout

            if (mInjector.hasBiometrics()) {

            // Reset lockout only if user has enrolled templates

            if (mInjector.hasEnrolledBiometrics()) {

                BiometricManager bm = mContext.getSystemService(BiometricManager.class);

                Slog.i(TAG, "Resetting lockout, length: "

                        + authResult.gkResponse.getPayload().length);

services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTestable.java

+1 −1
Original line number Diff line number Diff line
@@ -110,7 +110,7 @@ public class LockSettingsServiceTestable extends LockSettingsService { 
        }



        @Override

        public boolean hasBiometrics() {

        public boolean hasEnrolledBiometrics() {

            return false;

        }