Merge "Keep track of whether LockscreenCredential is a unified profile password" into main

    // needed to do that check, since the conversion to mCredential may have been lossy.

    private final boolean mHasInvalidChars;

    // Whether the credential is a unified profile password, i.e. a long random password the system

    // generates and manages transparently to the user. Implies mType == CREDENTIAL_TYPE_PASSWORD.

    private final boolean mIsUnifiedProfilePassword;

    /**

     * Private constructor, use static builder methods instead.

     *

     * array and pass it in here. LockscreenCredential will only store the reference internally

     * without copying. This is to minimize the number of extra copies introduced.

     */

    private LockscreenCredential(int type, byte[] credential, boolean hasInvalidChars) {

    private LockscreenCredential(

            int type,

            byte[] credential,

            boolean hasInvalidChars,

            boolean isUnifiedProfilePassword) {

        Objects.requireNonNull(credential);

        if (type == CREDENTIAL_TYPE_NONE) {

            Preconditions.checkArgument(credential.length == 0);

            // LockscreenCredential object to be constructed so that the validation logic can run,

            // even though the validation logic will ultimately reject the credential as too short.

        }

        Preconditions.checkState(!isUnifiedProfilePassword || type == CREDENTIAL_TYPE_PASSWORD);

        mType = type;

        mCredential = credential;

        mHasInvalidChars = hasInvalidChars;

        mIsUnifiedProfilePassword = isUnifiedProfilePassword;

    }

    private LockscreenCredential(int type, CharSequence credential) {

        this(type, charsToBytesTruncating(credential), hasInvalidChars(credential));

        this(

                type,

                charsToBytesTruncating(credential),

                hasInvalidChars(credential),

                /* isUnifiedProfilePassword= */ false);

    }

    /**

     * Creates a LockscreenCredential object representing a none credential.

     */

    public static LockscreenCredential createNone() {

        return new LockscreenCredential(CREDENTIAL_TYPE_NONE, new byte[0], false);

        return new LockscreenCredential(CREDENTIAL_TYPE_NONE, new byte[0], false, false);

    }

    /**

     * Creates a LockscreenCredential object representing the given pattern.

     */

    public static LockscreenCredential createPattern(@NonNull List<LockPatternView.Cell> pattern) {

        return new LockscreenCredential(CREDENTIAL_TYPE_PATTERN,

                LockPatternUtils.patternToByteArray(pattern), /* hasInvalidChars= */ false);

        return new LockscreenCredential(

                CREDENTIAL_TYPE_PATTERN,

                LockPatternUtils.patternToByteArray(pattern),

                /* hasInvalidChars= */ false,

                /* isUnifiedProfilePassword= */ false);

    }

    /**

     * can then supersede the isLockTiedToParent argument in various places in LSS.

     */

    public static LockscreenCredential createUnifiedProfilePassword(@NonNull byte[] password) {

        return new LockscreenCredential(CREDENTIAL_TYPE_PASSWORD,

                copyOfArrayNonMovable(password), /* hasInvalidChars= */ false);

        return new LockscreenCredential(

                CREDENTIAL_TYPE_PASSWORD,

                copyOfArrayNonMovable(password),

                /* hasInvalidChars= */ false,

                /* isUnifiedProfilePassword= */ true);

    }

    /**

        return mHasInvalidChars;

    }

    /**

     * Returns whether this is a unified profile password credential.

     *

     * <p>Note that currently "unified profile password" is not a dedicated credential type, but

     * rather a subset of the "password" type. {@link #isPassword()} also returns true for them.

     */

    public boolean isUnifiedProfilePassword() {

        ensureNotZeroized();

        return mIsUnifiedProfilePassword;

    }

    /** Create a copy of the credential */

    public LockscreenCredential duplicate() {

        return new LockscreenCredential(mType,

        return new LockscreenCredential(

                mType,

                mCredential != null ? copyOfArrayNonMovable(mCredential) : null,

                mHasInvalidChars);

                mHasInvalidChars,

                mIsUnifiedProfilePassword);

    }

    /**

        dest.writeInt(mType);

        dest.writeByteArray(mCredential);

        dest.writeBoolean(mHasInvalidChars);

        dest.writeBoolean(mIsUnifiedProfilePassword);

    }

    public static final Parcelable.Creator<LockscreenCredential> CREATOR =

                @Override

                public LockscreenCredential createFromParcel(Parcel source) {

            return new LockscreenCredential(source.readInt(), source.createByteArray(),

                    return new LockscreenCredential(

                            source.readInt(),

                            source.createByteArray(),

                            source.readBoolean(),

                            source.readBoolean());

                }

    @Override

    public int hashCode() {

        // Effective Java — Always override hashCode when you override equals

        return Objects.hash(mType, Arrays.hashCode(mCredential), mHasInvalidChars);

        return Objects.hash(

                mType, Arrays.hashCode(mCredential), mHasInvalidChars, mIsUnifiedProfilePassword);

    }

    @Override

        if (o == this) return true;

        if (!(o instanceof LockscreenCredential)) return false;

        final LockscreenCredential other = (LockscreenCredential) o;

        return mType == other.mType && Arrays.equals(mCredential, other.mCredential)

            && mHasInvalidChars == other.mHasInvalidChars;

        return mType == other.mType

                && Arrays.equals(mCredential, other.mCredential)

                && mHasInvalidChars == other.mHasInvalidChars

                && mIsUnifiedProfilePassword == other.mIsUnifiedProfilePassword;

    }

    private static boolean hasInvalidChars(CharSequence chars) {

import org.junit.runner.RunWith;

import java.util.Arrays;

import java.util.Random;

/** atest FrameworksCoreTests:LockscreenCredentialTest */

@RunWith(AndroidJUnit4.class)

public class LockscreenCredentialTest {

        assertFalse(none.isPin());

        assertFalse(none.isPassword());

        assertFalse(none.isPattern());

        assertFalse(none.isUnifiedProfilePassword());

        assertFalse(none.hasInvalidChars());

        none.validateBasicRequirements();

    }

        assertFalse(pin.isNone());

        assertFalse(pin.isPassword());

        assertFalse(pin.isPattern());

        assertFalse(pin.isUnifiedProfilePassword());

        assertFalse(pin.hasInvalidChars());

        pin.validateBasicRequirements();

    }

        assertFalse(password.isNone());

        assertFalse(password.isPin());

        assertFalse(password.isPattern());

        assertFalse(password.isUnifiedProfilePassword());

        assertFalse(password.hasInvalidChars());

        password.validateBasicRequirements();

    }

        assertFalse(pattern.isNone());

        assertFalse(pattern.isPin());

        assertFalse(pattern.isPassword());

        assertFalse(pattern.isUnifiedProfilePassword());

        assertFalse(pattern.hasInvalidChars());

        pattern.validateBasicRequirements();

    }

    @Test

    public void testUnifiedProfilePasswordCredential() {

        final byte[] passwordBytes = new byte[40];

        new Random().nextBytes(passwordBytes);

        final LockscreenCredential password =

                LockscreenCredential.createUnifiedProfilePassword(passwordBytes);

        assertTrue(password.isPassword());

        assertTrue(password.isUnifiedProfilePassword());

        assertEquals(passwordBytes.length, password.size());

        assertArrayEquals(passwordBytes, password.getCredential());

        assertFalse(password.isNone());

        assertFalse(password.isPin());

        assertFalse(password.isPattern());

        assertFalse(password.hasInvalidChars());

        password.validateBasicRequirements();

    }

    // Constructing a LockscreenCredential with a too-short length, even 0, should not throw an

    // exception.  This is because LockscreenCredential needs to be able to represent a request to

    // set a credential that is too short.

            password.hasInvalidChars();

            fail("Sanitized credential still accessible");

        } catch (IllegalStateException expected) { }

        try {

            password.isUnifiedProfilePassword();

            fail("Sanitized credential still accessible");

        } catch (IllegalStateException expected) {

        }

        try {

            password.getCredential();

            fail("Sanitized credential still accessible");

        // the same byte[] (due to the truncation bug) but different values of mHasInvalidChars.

        assertNotEquals(LockscreenCredential.createPassword("™™™™"),

                LockscreenCredential.createPassword("\"\"\"\""));

        // Test that mIsUnifiedProfilePassword is compared.

        final String password = "password";

        assertNotEquals(

                LockscreenCredential.createPassword(password),

                LockscreenCredential.createUnifiedProfilePassword(password.getBytes()));

    }

    @Test

        // Test that mHasInvalidChars is duplicated.

        credential = LockscreenCredential.createPassword("™™™™");

        assertEquals(credential, credential.duplicate());

        // Test that mIsUnifiedProfilePassword is duplicated.

        credential = LockscreenCredential.createUnifiedProfilePassword("password".getBytes());

        assertEquals(credential, credential.duplicate());

    }

    @Test