Loading core/java/android/app/admin/DevicePolicyManager.java +4 −1 Original line number Diff line number Diff line Loading @@ -1381,13 +1381,16 @@ public class DevicePolicyManager { * characters when the requested quality is only numeric), in which case * the currently active quality will be increased to match. * * <p>Calling with a null or empty password will clear any existing PIN, * pattern or password if the current password constraints allow it. * * <p>The calling device admin must have requested * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call * this method; if it has not, a security exception will be thrown. * * <p>Calling this from a managed profile will throw a security exception. * * @param password The new password for the user. * @param password The new password for the user. Null or empty clears the password. * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. * @return Returns true if the password was applied, or false if it is * not acceptable for the current constraints. Loading core/java/com/android/internal/widget/LockPatternUtils.java +52 −33 Original line number Diff line number Diff line Loading @@ -191,9 +191,6 @@ public class LockPatternUtils { return trust; } /** * @param contentResolver Used to look up and save settings. */ public LockPatternUtils(Context context) { mContext = context; mContentResolver = context.getContentResolver(); Loading Loading @@ -490,17 +487,23 @@ public class LockPatternUtils { return activePasswordQuality; } public void clearLock(boolean isFallback) { clearLock(isFallback, getCurrentOrCallingUserId()); } /** * Clear any lock pattern or password. */ public void clearLock(boolean isFallback) { if(!isFallback) deleteGallery(); saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); setLockPatternEnabled(false); saveLockPattern(null); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); onAfterChangingPassword(); public void clearLock(boolean isFallback, int userHandle) { if(!isFallback) deleteGallery(userHandle); saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, isFallback, userHandle); setLockPatternEnabled(false, userHandle); saveLockPattern(null, isFallback, userHandle); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userHandle); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userHandle); onAfterChangingPassword(userHandle); } /** Loading Loading @@ -547,11 +550,11 @@ public class LockPatternUtils { /** * Calls back SetupFaceLock to delete the gallery file when the lock type is changed */ void deleteGallery() { if(usingBiometricWeak()) { void deleteGallery(int userId) { if(usingBiometricWeak(userId)) { Intent intent = new Intent().setAction("com.android.facelock.DELETE_GALLERY"); intent.putExtra("deleteGallery", true); mContext.sendBroadcast(intent); mContext.sendBroadcastAsUser(intent, new UserHandle(userId)); } } Loading @@ -566,11 +569,20 @@ public class LockPatternUtils { /** * Save a lock pattern. * @param pattern The new pattern to save. * @param isFallback Specifies if this is a fallback to biometric weak */ public void saveLockPattern(List<LockPatternView.Cell> pattern, boolean isFallback) { this.saveLockPattern(pattern, isFallback, getCurrentOrCallingUserId()); } /** * Save a lock pattern. * @param pattern The new pattern to save. * @param isFallback Specifies if this is a fallback to biometric weak * @param userId the user whose pattern is to be saved. */ public void saveLockPattern(List<LockPatternView.Cell> pattern, boolean isFallback, int userId) { try { int userId = getCurrentOrCallingUserId(); getLockSettings().setLockPattern(patternToString(pattern), userId); DevicePolicyManager dpm = getDevicePolicyManager(); if (pattern != null) { Loading @@ -586,17 +598,17 @@ public class LockPatternUtils { } } setBoolean(PATTERN_EVER_CHOSEN_KEY, true); setBoolean(PATTERN_EVER_CHOSEN_KEY, true, userId); if (!isFallback) { deleteGallery(); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); deleteGallery(userId); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, pattern.size(), 0, 0, 0, 0, 0, 0, userId); } else { setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, userId); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); finishBiometricWeak(); DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId); finishBiometricWeak(userId); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, 0, 0, 0, 0, 0, 0, 0, userId); } Loading @@ -604,7 +616,7 @@ public class LockPatternUtils { dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userId); } onAfterChangingPassword(); onAfterChangingPassword(userId); } catch (RemoteException re) { Log.e(TAG, "Couldn't save lock pattern " + re); } Loading Loading @@ -822,7 +834,7 @@ public class LockPatternUtils { } if (!isFallback) { deleteGallery(); deleteGallery(userHandle); setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality), userHandle); if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { int letters = 0; Loading Loading @@ -862,7 +874,7 @@ public class LockPatternUtils { userHandle); setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality), userHandle); finishBiometricWeak(); finishBiometricWeak(userHandle); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, 0, 0, 0, 0, 0, 0, 0, userHandle); } Loading @@ -870,7 +882,7 @@ public class LockPatternUtils { // password hashes have the same length for simplicity of implementation. String passwordHistory = getString(PASSWORD_HISTORY_KEY, userHandle); if (passwordHistory == null) { passwordHistory = new String(); passwordHistory = ""; } int passwordHistoryLength = getRequestedPasswordHistoryLength(); if (passwordHistoryLength == 0) { Loading @@ -897,7 +909,7 @@ public class LockPatternUtils { DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle); } onAfterChangingPassword(); onAfterChangingPassword(userHandle); } catch (RemoteException re) { // Cant do much Log.e(TAG, "Unable to save lock password " + re); Loading Loading @@ -1190,7 +1202,14 @@ public class LockPatternUtils { * Set whether the lock pattern is enabled. */ public void setLockPatternEnabled(boolean enabled) { setBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, enabled); setLockPatternEnabled(enabled, getCurrentOrCallingUserId()); } /** * Set whether the lock pattern is enabled. */ public void setLockPatternEnabled(boolean enabled, int userHandle) { setBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, enabled, userHandle); } /** Loading Loading @@ -1584,15 +1603,15 @@ public class LockPatternUtils { return (TelecomManager) mContext.getSystemService(Context.TELECOM_SERVICE); } private void finishBiometricWeak() { setBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, true); private void finishBiometricWeak(int userId) { setBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, true, userId); // Launch intent to show final screen, this also // moves the temporary gallery to the actual gallery Intent intent = new Intent(); intent.setClassName("com.android.facelock", "com.android.facelock.SetupEndScreen"); mContext.startActivity(intent); mContext.startActivityAsUser(intent, new UserHandle(userId)); } public void setPowerButtonInstantlyLocks(boolean enabled) { Loading Loading @@ -1686,8 +1705,8 @@ public class LockPatternUtils { getTrustManager().reportRequireCredentialEntry(userId); } private void onAfterChangingPassword() { getTrustManager().reportEnabledTrustAgentsChanged(getCurrentOrCallingUserId()); private void onAfterChangingPassword(int userHandle) { getTrustManager().reportEnabledTrustAgentsChanged(userHandle); } public boolean isCredentialRequiredToDecrypt(boolean defaultValue) { Loading services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +9 −2 Original line number Diff line number Diff line Loading @@ -77,6 +77,7 @@ import android.security.Credentials; import android.security.IKeyChainService; import android.security.KeyChain; import android.security.KeyChain.KeyChainConnection; import android.text.TextUtils; import android.util.Log; import android.util.PrintWriterPrinter; import android.util.Printer; Loading Loading @@ -2575,13 +2576,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return strictestAdmin; } public boolean resetPassword(String password, int flags, int userHandle) { public boolean resetPassword(String passwordOrNull, int flags, int userHandle) { if (!mHasFeature) { return false; } enforceCrossUserPermission(userHandle); enforceNotManagedProfile(userHandle, "reset the password"); String password = passwordOrNull != null ? passwordOrNull : ""; int quality; synchronized (this) { // This api can only be called by an active device admin, Loading Loading @@ -2685,7 +2688,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { long ident = Binder.clearCallingIdentity(); try { LockPatternUtils utils = new LockPatternUtils(mContext); if (!TextUtils.isEmpty(password)) { utils.saveLockPassword(password, quality, false, userHandle); } else { utils.clearLock(false, userHandle); } boolean requireEntry = (flags & DevicePolicyManager.RESET_PASSWORD_REQUIRE_ENTRY) != 0; if (requireEntry) { utils.requireCredentialEntry(UserHandle.USER_ALL); Loading Loading
core/java/android/app/admin/DevicePolicyManager.java +4 −1 Original line number Diff line number Diff line Loading @@ -1381,13 +1381,16 @@ public class DevicePolicyManager { * characters when the requested quality is only numeric), in which case * the currently active quality will be increased to match. * * <p>Calling with a null or empty password will clear any existing PIN, * pattern or password if the current password constraints allow it. * * <p>The calling device admin must have requested * {@link DeviceAdminInfo#USES_POLICY_RESET_PASSWORD} to be able to call * this method; if it has not, a security exception will be thrown. * * <p>Calling this from a managed profile will throw a security exception. * * @param password The new password for the user. * @param password The new password for the user. Null or empty clears the password. * @param flags May be 0 or {@link #RESET_PASSWORD_REQUIRE_ENTRY}. * @return Returns true if the password was applied, or false if it is * not acceptable for the current constraints. Loading
core/java/com/android/internal/widget/LockPatternUtils.java +52 −33 Original line number Diff line number Diff line Loading @@ -191,9 +191,6 @@ public class LockPatternUtils { return trust; } /** * @param contentResolver Used to look up and save settings. */ public LockPatternUtils(Context context) { mContext = context; mContentResolver = context.getContentResolver(); Loading Loading @@ -490,17 +487,23 @@ public class LockPatternUtils { return activePasswordQuality; } public void clearLock(boolean isFallback) { clearLock(isFallback, getCurrentOrCallingUserId()); } /** * Clear any lock pattern or password. */ public void clearLock(boolean isFallback) { if(!isFallback) deleteGallery(); saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); setLockPatternEnabled(false); saveLockPattern(null); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); onAfterChangingPassword(); public void clearLock(boolean isFallback, int userHandle) { if(!isFallback) deleteGallery(userHandle); saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, isFallback, userHandle); setLockPatternEnabled(false, userHandle); saveLockPattern(null, isFallback, userHandle); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userHandle); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userHandle); onAfterChangingPassword(userHandle); } /** Loading Loading @@ -547,11 +550,11 @@ public class LockPatternUtils { /** * Calls back SetupFaceLock to delete the gallery file when the lock type is changed */ void deleteGallery() { if(usingBiometricWeak()) { void deleteGallery(int userId) { if(usingBiometricWeak(userId)) { Intent intent = new Intent().setAction("com.android.facelock.DELETE_GALLERY"); intent.putExtra("deleteGallery", true); mContext.sendBroadcast(intent); mContext.sendBroadcastAsUser(intent, new UserHandle(userId)); } } Loading @@ -566,11 +569,20 @@ public class LockPatternUtils { /** * Save a lock pattern. * @param pattern The new pattern to save. * @param isFallback Specifies if this is a fallback to biometric weak */ public void saveLockPattern(List<LockPatternView.Cell> pattern, boolean isFallback) { this.saveLockPattern(pattern, isFallback, getCurrentOrCallingUserId()); } /** * Save a lock pattern. * @param pattern The new pattern to save. * @param isFallback Specifies if this is a fallback to biometric weak * @param userId the user whose pattern is to be saved. */ public void saveLockPattern(List<LockPatternView.Cell> pattern, boolean isFallback, int userId) { try { int userId = getCurrentOrCallingUserId(); getLockSettings().setLockPattern(patternToString(pattern), userId); DevicePolicyManager dpm = getDevicePolicyManager(); if (pattern != null) { Loading @@ -586,17 +598,17 @@ public class LockPatternUtils { } } setBoolean(PATTERN_EVER_CHOSEN_KEY, true); setBoolean(PATTERN_EVER_CHOSEN_KEY, true, userId); if (!isFallback) { deleteGallery(); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); deleteGallery(userId); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, pattern.size(), 0, 0, 0, 0, 0, 0, userId); } else { setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, userId); setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); finishBiometricWeak(); DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId); finishBiometricWeak(userId); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, 0, 0, 0, 0, 0, 0, 0, userId); } Loading @@ -604,7 +616,7 @@ public class LockPatternUtils { dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userId); } onAfterChangingPassword(); onAfterChangingPassword(userId); } catch (RemoteException re) { Log.e(TAG, "Couldn't save lock pattern " + re); } Loading Loading @@ -822,7 +834,7 @@ public class LockPatternUtils { } if (!isFallback) { deleteGallery(); deleteGallery(userHandle); setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality), userHandle); if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { int letters = 0; Loading Loading @@ -862,7 +874,7 @@ public class LockPatternUtils { userHandle); setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality), userHandle); finishBiometricWeak(); finishBiometricWeak(userHandle); dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, 0, 0, 0, 0, 0, 0, 0, userHandle); } Loading @@ -870,7 +882,7 @@ public class LockPatternUtils { // password hashes have the same length for simplicity of implementation. String passwordHistory = getString(PASSWORD_HISTORY_KEY, userHandle); if (passwordHistory == null) { passwordHistory = new String(); passwordHistory = ""; } int passwordHistoryLength = getRequestedPasswordHistoryLength(); if (passwordHistoryLength == 0) { Loading @@ -897,7 +909,7 @@ public class LockPatternUtils { DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0, userHandle); } onAfterChangingPassword(); onAfterChangingPassword(userHandle); } catch (RemoteException re) { // Cant do much Log.e(TAG, "Unable to save lock password " + re); Loading Loading @@ -1190,7 +1202,14 @@ public class LockPatternUtils { * Set whether the lock pattern is enabled. */ public void setLockPatternEnabled(boolean enabled) { setBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, enabled); setLockPatternEnabled(enabled, getCurrentOrCallingUserId()); } /** * Set whether the lock pattern is enabled. */ public void setLockPatternEnabled(boolean enabled, int userHandle) { setBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, enabled, userHandle); } /** Loading Loading @@ -1584,15 +1603,15 @@ public class LockPatternUtils { return (TelecomManager) mContext.getSystemService(Context.TELECOM_SERVICE); } private void finishBiometricWeak() { setBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, true); private void finishBiometricWeak(int userId) { setBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, true, userId); // Launch intent to show final screen, this also // moves the temporary gallery to the actual gallery Intent intent = new Intent(); intent.setClassName("com.android.facelock", "com.android.facelock.SetupEndScreen"); mContext.startActivity(intent); mContext.startActivityAsUser(intent, new UserHandle(userId)); } public void setPowerButtonInstantlyLocks(boolean enabled) { Loading Loading @@ -1686,8 +1705,8 @@ public class LockPatternUtils { getTrustManager().reportRequireCredentialEntry(userId); } private void onAfterChangingPassword() { getTrustManager().reportEnabledTrustAgentsChanged(getCurrentOrCallingUserId()); private void onAfterChangingPassword(int userHandle) { getTrustManager().reportEnabledTrustAgentsChanged(userHandle); } public boolean isCredentialRequiredToDecrypt(boolean defaultValue) { Loading
services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java +9 −2 Original line number Diff line number Diff line Loading @@ -77,6 +77,7 @@ import android.security.Credentials; import android.security.IKeyChainService; import android.security.KeyChain; import android.security.KeyChain.KeyChainConnection; import android.text.TextUtils; import android.util.Log; import android.util.PrintWriterPrinter; import android.util.Printer; Loading Loading @@ -2575,13 +2576,15 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { return strictestAdmin; } public boolean resetPassword(String password, int flags, int userHandle) { public boolean resetPassword(String passwordOrNull, int flags, int userHandle) { if (!mHasFeature) { return false; } enforceCrossUserPermission(userHandle); enforceNotManagedProfile(userHandle, "reset the password"); String password = passwordOrNull != null ? passwordOrNull : ""; int quality; synchronized (this) { // This api can only be called by an active device admin, Loading Loading @@ -2685,7 +2688,11 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { long ident = Binder.clearCallingIdentity(); try { LockPatternUtils utils = new LockPatternUtils(mContext); if (!TextUtils.isEmpty(password)) { utils.saveLockPassword(password, quality, false, userHandle); } else { utils.clearLock(false, userHandle); } boolean requireEntry = (flags & DevicePolicyManager.RESET_PASSWORD_REQUIRE_ENTRY) != 0; if (requireEntry) { utils.requireCredentialEntry(UserHandle.USER_ALL); Loading
