Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2ae403a0 authored by Eric Biggers's avatar Eric Biggers
Browse files

Cleanly handle unknown response codes in setLockCredentialInternal() 

Instead of throwing an exception when getting an unknown
VerifyCredentialResponse code, just treat RESPONSE_ERROR and unknown
codes the same way.  This is needed to prevent the exception case from
being reached when RESPONSE_ERROR is split up.

A later CL could introduce different behavior for different response
codes, such as logging different messages.  For now I'd simply like to
make this call site consistent with all other non-test code, which does
not differentiate between RESPONSE_ERROR and unknown errors.

Test: atest FrameworksServicesTests:com.android.server.locksettings
Bug: 395976735
Flag: EXEMPT only changes behavior in case that isn't reachable yet
Change-Id: I55c7f841fa15027209de4ae9f46f2cd725e167d0
parent 121ac926

services/core/java/com/android/server/locksettings/LockSettingsService.java

+15 −15
Original line number Diff line number Diff line
@@ -1931,18 +1931,22 @@ public class LockSettingsService extends ILockSettings.Stub { 
    /**

     * Set a new LSKF for the given user/profile. Only succeeds if the synthetic password for the

     * user is protected by the given {@param savedCredential}.

     * <p>

     * When setting a new credential where there was none, updates the strong auth state for

     *

     * <p>When setting a new credential where there was none, updates the strong auth state for

     * {@param userId} to <tt>STRONG_AUTH_NOT_REQUIRED</tt>.

     *

     * @param savedCredential if the user is a profile with unified challenge and savedCredential is

     *     empty, LSS will try to re-derive the profile password internally.

     *     TODO (b/80170828): Fix this so profile password is always passed in.

     *     empty, LSS will try to re-derive the profile password internally. TODO (b/80170828): Fix

     *     this so profile password is always passed in.

     * @param isLockTiedToParent is {@code true} if {@code userId} is a profile and its new

     *     credentials are being tied to its parent's credentials.

     * @return {@code false} if verification of savedCredential failed

     */

    private boolean setLockCredentialInternal(LockscreenCredential credential,

            LockscreenCredential savedCredential, int userId, boolean isLockTiedToParent) {

    private boolean setLockCredentialInternal(

            LockscreenCredential credential,

            LockscreenCredential savedCredential,

            int userId,

            boolean isLockTiedToParent) {

        Objects.requireNonNull(credential);

        Objects.requireNonNull(savedCredential);

        synchronized (mSpManager) {
@@ -1967,18 +1971,14 @@ public class LockSettingsService extends ILockSettings.Stub { 
            SyntheticPassword sp = authResult.syntheticPassword;



            if (sp == null) {

                if (response == null

                        || response.getResponseCode() == VerifyCredentialResponse.RESPONSE_ERROR) {

                if (response != null

                        && response.getResponseCode() == VerifyCredentialResponse.RESPONSE_RETRY) {

                    Slog.w(TAG, "Failed to enroll: rate limit exceeded.");

                } else {

                    Slog.w(TAG, "Failed to enroll: incorrect credential.");

                    return false;

                }

                if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_RETRY) {

                    Slog.w(TAG, "Failed to enroll: rate limit exceeded.");

                return false;

            }

                // Should not be reachable, but just in case.

                throw new IllegalStateException("password change failed");

            }



            onSyntheticPasswordUnlocked(userId, sp);

            setLockCredentialWithSpLocked(credential, sp, userId);