Loading services/core/java/com/android/server/LockSettingsService.java +9 −5 Original line number Diff line number Diff line Loading @@ -1563,8 +1563,9 @@ public class LockSettingsService extends ILockSettings.Stub { // migration to synthetic password. synchronized (mSpManager) { if (shouldMigrateToSyntheticPasswordLocked(userId)) { initializeSyntheticPasswordLocked(storedHash.hash, credential, storedHash.type, userId); AuthenticationToken auth = initializeSyntheticPasswordLocked( storedHash.hash, credential, storedHash.type, userId); activateEscrowTokens(auth, userId); } } } Loading Loading @@ -2073,10 +2074,12 @@ public class LockSettingsService extends ILockSettings.Stub { pwdHandle, null, userId).authToken; } } if (isSyntheticPasswordBasedCredentialLocked(userId)) { disableEscrowTokenOnNonManagedDevicesIfNeeded(userId); if (!mSpManager.hasEscrowData(userId)) { throw new SecurityException("Escrow token is disabled on the current user"); } } long handle = mSpManager.createTokenBasedSyntheticPassword(token, userId); if (auth != null) { mSpManager.activateTokenBasedSyntheticPassword(handle, auth, userId); Loading @@ -2087,6 +2090,7 @@ public class LockSettingsService extends ILockSettings.Stub { private void activateEscrowTokens(AuthenticationToken auth, int userId) throws RemoteException { if (DEBUG) Slog.d(TAG, "activateEscrowTokens: user=" + userId); disableEscrowTokenOnNonManagedDevicesIfNeeded(userId); synchronized (mSpManager) { for (long handle : mSpManager.getPendingTokensForUser(userId)) { Slog.i(TAG, String.format("activateEscrowTokens: %x %d ", handle, userId)); Loading services/core/java/com/android/server/SyntheticPasswordManager.java +3 −3 Original line number Diff line number Diff line Loading 
@@ -65,14 +65,14 @@ import java.util.Set; * for each user (stored under DEFAULT_HANDLE): * SP_HANDLE_NAME: GateKeeper password handle of synthetic password. Only available if user * credential exists, cleared when user clears their credential. * SP_E0_NAME, SP_P1_NAME: Secret to derive synthetic password when combining with escrow * SP_E0_NAME, SP_P1_NAME: Secret to derive synthetic password when combined with escrow * tokens. Destroyed when escrow support is turned off for the given user. * * for each SP blob under the user (stored under the corresponding handle): * SP_BLOB_NAME: The encrypted synthetic password. Always exists. * PASSWORD_DATA_NAME: Metadata about user credential. Only exists for password based SP. * SECDISCARDABLE_NAME: Part of the necessary ingredient to decrypt SP_BLOB_NAME in order * to facilitate secure deletion. Exists if this is a non-weaver SP * SECDISCARDABLE_NAME: Part of the necessary ingredient to decrypt SP_BLOB_NAME for the * purpose of secure deletion. Exists if this is a non-weaver SP * (both password and token based), or it's a token-based SP under weaver. * WEAVER_SLOT: Metadata about the weaver slot used. Only exists if this is a SP under weaver. * Loading services/tests/servicestests/src/com/android/server/SyntheticPasswordTests.java +20 −0 Original line number Diff line number Diff line Loading 
@@ -320,6 +320,26 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { assertTrue(hasSyntheticPassword(PRIMARY_USER_ID)); } public void testEscrowTokenActivatedLaterWithUserPasswordNeedsMigration() throws RemoteException { final String TOKEN = "some-high-entropy-secure-token"; final String PASSWORD = "password"; // Set up pre-SP user password disableSyntheticPassword(PRIMARY_USER_ID); mService.setLockCredential(PASSWORD, LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, null, PRIMARY_USER_ID); enableSyntheticPassword(PRIMARY_USER_ID); long handle = mService.addEscrowToken(TOKEN.getBytes(), PRIMARY_USER_ID); // Token not activated immediately since user password exists assertFalse(mService.isEscrowTokenActive(handle, PRIMARY_USER_ID)); // Activate token (password gets migrated to SP at the same time) assertEquals(VerifyCredentialResponse.RESPONSE_OK, mService.verifyCredential(PASSWORD, LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, 0, PRIMARY_USER_ID).getResponseCode()); // Verify token is activated assertTrue(mService.isEscrowTokenActive(handle, PRIMARY_USER_ID)); } // b/34600579 //TODO: add non-migration work profile case, and unify/un-unify transition. //TODO: test token after user resets password Loading Loading
services/core/java/com/android/server/LockSettingsService.java +9 −5 Original line number Diff line number Diff line Loading @@ -1563,8 +1563,9 @@ public class LockSettingsService extends ILockSettings.Stub { // migration to synthetic password. synchronized (mSpManager) { if (shouldMigrateToSyntheticPasswordLocked(userId)) { initializeSyntheticPasswordLocked(storedHash.hash, credential, storedHash.type, userId); AuthenticationToken auth = initializeSyntheticPasswordLocked( storedHash.hash, credential, storedHash.type, userId); activateEscrowTokens(auth, userId); } } } Loading Loading @@ -2073,10 +2074,12 @@ public class LockSettingsService extends ILockSettings.Stub { pwdHandle, null, userId).authToken; } } if (isSyntheticPasswordBasedCredentialLocked(userId)) { disableEscrowTokenOnNonManagedDevicesIfNeeded(userId); if (!mSpManager.hasEscrowData(userId)) { throw new SecurityException("Escrow token is disabled on the current user"); } } long handle = mSpManager.createTokenBasedSyntheticPassword(token, userId); if (auth != null) { mSpManager.activateTokenBasedSyntheticPassword(handle, auth, userId); Loading @@ -2087,6 +2090,7 @@ public class LockSettingsService extends ILockSettings.Stub { private void activateEscrowTokens(AuthenticationToken auth, int userId) throws RemoteException { if (DEBUG) Slog.d(TAG, "activateEscrowTokens: user=" + userId); disableEscrowTokenOnNonManagedDevicesIfNeeded(userId); synchronized (mSpManager) { for (long handle : mSpManager.getPendingTokensForUser(userId)) { Slog.i(TAG, String.format("activateEscrowTokens: %x %d ", handle, userId)); Loading
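Review bot: In the hunk at `@@ -2073` (presumably the body of `addEscrowToken`; the enclosing method starts outside the hunk), the `hasEscrowData` check that throws `SecurityException` now runs only when `isSyntheticPasswordBasedCredentialLocked(userId)` is true, so a token added for a user who has not yet migrated is queued as pending with no escrow-policy check. Enforcement for that case then rests entirely on the `disableEscrowTokenOnNonManagedDevicesIfNeeded(userId)` call added to `activateEscrowTokens`, yet no `hasEscrowData` test is visible between that call and the loop over `getPendingTokensForUser(userId)`. Unless `activateTokenBasedSyntheticPassword` itself refuses once escrow data has been destroyed (not shown on this page), I would add `if (!mSpManager.hasEscrowData(userId)) return;` as the first statement inside the `synchronized (mSpManager)` block, with a comment stating what happens to tokens left pending for a non-escrowable user. Also note that the migration hunk at `@@ -1563` calls `activateEscrowTokens` while already holding `mSpManager`, so the policy lookup now runs under that lock on this path; confirm it does not call out to other services.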
services/core/java/com/android/server/SyntheticPasswordManager.java +3 −3 Original line number Diff line number Diff line Loading @@ -65,14 +65,14 @@ import java.util.Set; * for each user (stored under DEFAULT_HANDLE): * SP_HANDLE_NAME: GateKeeper password handle of synthetic password. Only available if user * credential exists, cleared when user clears their credential. * SP_E0_NAME, SP_P1_NAME: Secret to derive synthetic password when combining with escrow * SP_E0_NAME, SP_P1_NAME: Secret to derive synthetic password when combined with escrow * tokens. Destroyed when escrow support is turned off for the given user. * * for each SP blob under the user (stored under the corresponding handle): * SP_BLOB_NAME: The encrypted synthetic password. Always exists. * PASSWORD_DATA_NAME: Metadata about user credential. Only exists for password based SP. * SECDISCARDABLE_NAME: Part of the necessary ingredient to decrypt SP_BLOB_NAME in order * to facilitate secure deletion. Exists if this is a non-weaver SP * SECDISCARDABLE_NAME: Part of the necessary ingredient to decrypt SP_BLOB_NAME for the * purpose of secure deletion. Exists if this is a non-weaver SP * (both password and token based), or it's a token-based SP under weaver. * WEAVER_SLOT: Metadata about the weaver slot used. Only exists if this is a SP under weaver. * Loading
services/tests/servicestests/src/com/android/server/SyntheticPasswordTests.java +20 −0 Original line number Diff line number Diff line Loading @@ -320,6 +320,26 @@ public class SyntheticPasswordTests extends BaseLockSettingsServiceTests { assertTrue(hasSyntheticPassword(PRIMARY_USER_ID)); } public void testEscrowTokenActivatedLaterWithUserPasswordNeedsMigration() throws RemoteException { final String TOKEN = "some-high-entropy-secure-token"; final String PASSWORD = "password"; // Set up pre-SP user password disableSyntheticPassword(PRIMARY_USER_ID); mService.setLockCredential(PASSWORD, LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, null, PRIMARY_USER_ID); enableSyntheticPassword(PRIMARY_USER_ID); long handle = mService.addEscrowToken(TOKEN.getBytes(), PRIMARY_USER_ID); // Token not activated immediately since user password exists assertFalse(mService.isEscrowTokenActive(handle, PRIMARY_USER_ID)); // Activate token (password gets migrated to SP at the same time) assertEquals(VerifyCredentialResponse.RESPONSE_OK, mService.verifyCredential(PASSWORD, LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, 0, PRIMARY_USER_ID).getResponseCode()); // Verify token is activated assertTrue(mService.isEscrowTokenActive(handle, PRIMARY_USER_ID)); } // b/34600579 //TODO: add non-migration work profile case, and unify/un-unify transition. //TODO: test token after user resets password Loading
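Review bot: `testEscrowTokenActivatedLaterWithUserPasswordNeedsMigration` covers only the case where escrow is permitted, while the production change in this commit also relaxes the up-front check for pre-migration users. A companion test is missing: one that adds a token to a pre-SP user on a configuration where escrow must be disabled, and asserts that `isEscrowTokenActive(handle, PRIMARY_USER_ID)` is still false after `verifyCredential` triggers migration. Whether the test fixture can simulate that configuration is not visible here. As a smaller point, `TOKEN.getBytes()` relies on the default charset; `TOKEN.getBytes(StandardCharsets.UTF_8)` makes the token bytes explicit.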