Loading core/java/android/security/flags.aconfig +0 −7 Original line number Original line Diff line number Diff line Loading @@ -82,13 +82,6 @@ flag { bug: "337870680" bug: "337870680" } } flag { name: "report_primary_auth_attempts" namespace: "biometrics" description: "Report primary auth attempts from LockSettingsService" bug: "285053096" } flag { flag { name: "dump_attestation_verifications" name: "dump_attestation_verifications" namespace: "hardware_backed_security" namespace: "hardware_backed_security" Loading core/java/com/android/internal/widget/LockPatternUtils.java +2 −3 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,6 @@ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; import static android.security.Flags.reportPrimaryAuthAttempts; import static android.security.Flags.shouldTrustManagerListenForPrimaryAuth; import static android.security.Flags.shouldTrustManagerListenForPrimaryAuth; import static com.android.internal.widget.flags.Flags.hideLastCharWithPhysicalInput; import static com.android.internal.widget.flags.Flags.hideLastCharWithPhysicalInput; Loading Loading @@ -472,7 +471,7 @@ public class LockPatternUtils { return; return; } } getDevicePolicyManager().reportFailedPasswordAttempt(userId); getDevicePolicyManager().reportFailedPasswordAttempt(userId); if (!reportPrimaryAuthAttempts() || !shouldTrustManagerListenForPrimaryAuth()) { if (!shouldTrustManagerListenForPrimaryAuth()) { getTrustManager().reportUnlockAttempt(/* authenticated= */ false, userId); getTrustManager().reportUnlockAttempt(/* authenticated= */ false, userId); } } } } Loading @@ -483,7 +482,7 @@ public class LockPatternUtils { return; return; } } getDevicePolicyManager().reportSuccessfulPasswordAttempt(userId); getDevicePolicyManager().reportSuccessfulPasswordAttempt(userId); if (!reportPrimaryAuthAttempts() || !shouldTrustManagerListenForPrimaryAuth()) { if (!shouldTrustManagerListenForPrimaryAuth()) { getTrustManager().reportUnlockAttempt(/* authenticated= */ true, userId); getTrustManager().reportUnlockAttempt(/* authenticated= */ true, userId); } } } } Loading services/core/java/com/android/server/locksettings/LockSettingsService.java +2 −6 Original line number Original line Diff line number Diff line Loading @@ -31,7 +31,6 @@ import static android.content.Intent.ACTION_MAIN_USER_LOCKSCREEN_KNOWLEDGE_FACTO import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.os.UserHandle.USER_ALL; import static android.os.UserHandle.USER_ALL; import static android.os.UserHandle.USER_SYSTEM; import static android.os.UserHandle.USER_SYSTEM; import static android.security.Flags.reportPrimaryAuthAttempts; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD_OR_PIN; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD_OR_PIN; Loading Loading @@ -2483,11 +2482,8 @@ public class LockSettingsService extends ILockSettings.Stub { requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, userId); requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, userId); } } } } if (reportPrimaryAuthAttempts()) { final boolean success = response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK; final boolean success = response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK; notifyLockSettingsStateListeners(success, userId); notifyLockSettingsStateListeners(success, userId); } return response; return response; } } Loading services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java +0 −4 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,6 @@ package com.android.server.locksettings; import static android.Manifest.permission.CONFIGURE_FACTORY_RESET_PROTECTION; import static android.Manifest.permission.CONFIGURE_FACTORY_RESET_PROTECTION; import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL; import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL; import static android.security.Flags.FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD; Loading Loading @@ -558,7 +557,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testVerifyCredential_notifyLockSettingsStateListeners_whenGoodPassword() public void testVerifyCredential_notifyLockSettingsStateListeners_whenGoodPassword() throws Exception { throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockSettingsStateListener listener = mock(LockSettingsStateListener.class); final LockSettingsStateListener listener = mock(LockSettingsStateListener.class); Loading @@ -574,7 +572,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testVerifyCredential_notifyLockSettingsStateListeners_whenBadPassword() public void testVerifyCredential_notifyLockSettingsStateListeners_whenBadPassword() throws Exception { throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockscreenCredential badPassword = newPassword("badPassword"); final LockscreenCredential badPassword = newPassword("badPassword"); Loading @@ -590,7 +587,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testLockSettingsStateListener_registeredThenUnregistered() throws Exception { public void testLockSettingsStateListener_registeredThenUnregistered() throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockscreenCredential badPassword = newPassword("badPassword"); final LockscreenCredential badPassword = newPassword("badPassword"); Loading services/tests/servicestests/src/com/android/server/security/authenticationpolicy/AuthenticationPolicyServiceTest.java +0 −2 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,6 @@ package com.android.server.security.authenticationpolicy; import static android.adaptiveauth.Flags.FLAG_ENABLE_ADAPTIVE_AUTH; import static android.adaptiveauth.Flags.FLAG_ENABLE_ADAPTIVE_AUTH; import static android.adaptiveauth.Flags.FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS; import static android.adaptiveauth.Flags.FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS; import static android.security.Flags.FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS; import static android.security.authenticationpolicy.AuthenticationPolicyManager.ERROR_UNSUPPORTED; import static android.security.authenticationpolicy.AuthenticationPolicyManager.ERROR_UNSUPPORTED; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST; Loading Loading @@ -112,7 +111,6 @@ public class AuthenticationPolicyServiceTest { MockitoAnnotations.initMocks(this); MockitoAnnotations.initMocks(this); mSetFlagsRule.enableFlags(FLAG_ENABLE_ADAPTIVE_AUTH); mSetFlagsRule.enableFlags(FLAG_ENABLE_ADAPTIVE_AUTH); mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); mSetFlagsRule.enableFlags(FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS); mSetFlagsRule.enableFlags(FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS); mContext = spy(ApplicationProvider.getApplicationContext()); mContext = spy(ApplicationProvider.getApplicationContext()); Loading Loading
core/java/android/security/flags.aconfig +0 −7 Original line number Original line Diff line number Diff line Loading @@ -82,13 +82,6 @@ flag { bug: "337870680" bug: "337870680" } } flag { name: "report_primary_auth_attempts" namespace: "biometrics" description: "Report primary auth attempts from LockSettingsService" bug: "285053096" } flag { flag { name: "dump_attestation_verifications" name: "dump_attestation_verifications" namespace: "hardware_backed_security" namespace: "hardware_backed_security" Loading
core/java/com/android/internal/widget/LockPatternUtils.java +2 −3 Original line number Original line Diff line number Diff line Loading @@ -22,7 +22,6 @@ import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; import static android.security.Flags.reportPrimaryAuthAttempts; import static android.security.Flags.shouldTrustManagerListenForPrimaryAuth; import static android.security.Flags.shouldTrustManagerListenForPrimaryAuth; import static com.android.internal.widget.flags.Flags.hideLastCharWithPhysicalInput; import static com.android.internal.widget.flags.Flags.hideLastCharWithPhysicalInput; Loading Loading @@ -472,7 +471,7 @@ public class LockPatternUtils { return; return; } } getDevicePolicyManager().reportFailedPasswordAttempt(userId); getDevicePolicyManager().reportFailedPasswordAttempt(userId); if (!reportPrimaryAuthAttempts() || !shouldTrustManagerListenForPrimaryAuth()) { if (!shouldTrustManagerListenForPrimaryAuth()) { getTrustManager().reportUnlockAttempt(/* authenticated= */ false, userId); getTrustManager().reportUnlockAttempt(/* authenticated= */ false, userId); } } } } Loading @@ -483,7 +482,7 @@ public class LockPatternUtils { return; return; } } getDevicePolicyManager().reportSuccessfulPasswordAttempt(userId); getDevicePolicyManager().reportSuccessfulPasswordAttempt(userId); if (!reportPrimaryAuthAttempts() || !shouldTrustManagerListenForPrimaryAuth()) { if (!shouldTrustManagerListenForPrimaryAuth()) { getTrustManager().reportUnlockAttempt(/* authenticated= */ true, userId); getTrustManager().reportUnlockAttempt(/* authenticated= */ true, userId); } } } } Loading
services/core/java/com/android/server/locksettings/LockSettingsService.java +2 −6 Original line number Original line Diff line number Diff line Loading @@ -31,7 +31,6 @@ import static android.content.Intent.ACTION_MAIN_USER_LOCKSCREEN_KNOWLEDGE_FACTO import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.os.UserHandle.USER_ALL; import static android.os.UserHandle.USER_ALL; import static android.os.UserHandle.USER_SYSTEM; import static android.os.UserHandle.USER_SYSTEM; import static android.security.Flags.reportPrimaryAuthAttempts; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD_OR_PIN; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD_OR_PIN; Loading Loading @@ -2483,11 +2482,8 @@ public class LockSettingsService extends ILockSettings.Stub { requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, userId); requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, userId); } } } } if (reportPrimaryAuthAttempts()) { final boolean success = response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK; final boolean success = response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK; notifyLockSettingsStateListeners(success, userId); notifyLockSettingsStateListeners(success, userId); } return response; return response; } } Loading
services/tests/servicestests/src/com/android/server/locksettings/LockSettingsServiceTests.java +0 −4 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,6 @@ package com.android.server.locksettings; import static android.Manifest.permission.CONFIGURE_FACTORY_RESET_PROTECTION; import static android.Manifest.permission.CONFIGURE_FACTORY_RESET_PROTECTION; import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL; import static android.security.Flags.FLAG_CLEAR_STRONG_AUTH_ON_ADD_PRIMARY_CREDENTIAL; import static android.security.Flags.FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_NONE; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD; import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD; Loading Loading @@ -558,7 +557,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testVerifyCredential_notifyLockSettingsStateListeners_whenGoodPassword() public void testVerifyCredential_notifyLockSettingsStateListeners_whenGoodPassword() throws Exception { throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockSettingsStateListener listener = mock(LockSettingsStateListener.class); final LockSettingsStateListener listener = mock(LockSettingsStateListener.class); Loading @@ -574,7 +572,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testVerifyCredential_notifyLockSettingsStateListeners_whenBadPassword() public void testVerifyCredential_notifyLockSettingsStateListeners_whenBadPassword() throws Exception { throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockscreenCredential badPassword = newPassword("badPassword"); final LockscreenCredential badPassword = newPassword("badPassword"); Loading @@ -590,7 +587,6 @@ public class LockSettingsServiceTests extends BaseLockSettingsServiceTests { @Test @Test public void testLockSettingsStateListener_registeredThenUnregistered() throws Exception { public void testLockSettingsStateListener_registeredThenUnregistered() throws Exception { mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); final LockscreenCredential password = newPassword("password"); final LockscreenCredential password = newPassword("password"); setCredential(PRIMARY_USER_ID, password); setCredential(PRIMARY_USER_ID, password); final LockscreenCredential badPassword = newPassword("badPassword"); final LockscreenCredential badPassword = newPassword("badPassword"); Loading
services/tests/servicestests/src/com/android/server/security/authenticationpolicy/AuthenticationPolicyServiceTest.java +0 −2 Original line number Original line Diff line number Diff line Loading @@ -18,7 +18,6 @@ package com.android.server.security.authenticationpolicy; import static android.adaptiveauth.Flags.FLAG_ENABLE_ADAPTIVE_AUTH; import static android.adaptiveauth.Flags.FLAG_ENABLE_ADAPTIVE_AUTH; import static android.adaptiveauth.Flags.FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS; import static android.adaptiveauth.Flags.FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS; import static android.security.Flags.FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS; import static android.security.authenticationpolicy.AuthenticationPolicyManager.ERROR_UNSUPPORTED; import static android.security.authenticationpolicy.AuthenticationPolicyManager.ERROR_UNSUPPORTED; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST; import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.SOME_AUTH_REQUIRED_AFTER_ADAPTIVE_AUTH_REQUEST; Loading Loading @@ -112,7 +111,6 @@ public class AuthenticationPolicyServiceTest { MockitoAnnotations.initMocks(this); MockitoAnnotations.initMocks(this); mSetFlagsRule.enableFlags(FLAG_ENABLE_ADAPTIVE_AUTH); mSetFlagsRule.enableFlags(FLAG_ENABLE_ADAPTIVE_AUTH); mSetFlagsRule.enableFlags(FLAG_REPORT_PRIMARY_AUTH_ATTEMPTS); mSetFlagsRule.enableFlags(FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS); mSetFlagsRule.enableFlags(FLAG_REPORT_BIOMETRIC_AUTH_ATTEMPTS); mContext = spy(ApplicationProvider.getApplicationContext()); mContext = spy(ApplicationProvider.getApplicationContext()); Loading
