Fixes setting password through DevicePolicyManager (987672d2) · Commits · e / os / android_frameworks_base

core/java/com/android/internal/widget/LockPatternUtils.java

+17 −8

Original line number	Diff line number	Diff line
		@@ -359,7 +359,8 @@ public class LockPatternUtils {
		* @return Whether the password matches any in the history.
		*/
		public boolean checkPasswordHistory(String password) {
		String passwordHashString = new String(passwordToHash(password));
		String passwordHashString = new String(
		passwordToHash(password, getCurrentOrCallingUserId()));
		String passwordHistory = getString(PASSWORD_HISTORY_KEY);
		if (passwordHistory == null) {
		return false;
		@@ -828,7 +829,7 @@ public class LockPatternUtils {
		if (passwordHistoryLength == 0) {
		passwordHistory = "";
		} else {
		byte[] hash = passwordToHash(password);
		byte[] hash = passwordToHash(password, userHandle);
		passwordHistory = new String(hash) + "," + passwordHistory;
		// Cut it to contain passwordHistoryLength hashes
		// and passwordHistoryLength -1 commas.
		@@ -944,13 +945,13 @@ public class LockPatternUtils {
		}
		}

		private String getSalt() {
		long salt = getLong(LOCK_PASSWORD_SALT_KEY, 0);
		private String getSalt(int userId) {
		long salt = getLong(LOCK_PASSWORD_SALT_KEY, 0, userId);
		if (salt == 0) {
		try {
		salt = SecureRandom.getInstance("SHA1PRNG").nextLong();
		setLong(LOCK_PASSWORD_SALT_KEY, salt);
		Log.v(TAG, "Initialized lock password salt");
		setLong(LOCK_PASSWORD_SALT_KEY, salt, userId);
		Log.v(TAG, "Initialized lock password salt for user: " + userId);
		} catch (NoSuchAlgorithmException e) {
		// Throw an exception rather than storing a password we'll never be able to recover
		throw new IllegalStateException("Couldn't get SecureRandom number", e);
		@@ -966,14 +967,14 @@ public class LockPatternUtils {
		* @param password the gesture pattern.
		* @return the hash of the pattern in a byte array.
		*/
		public byte[] passwordToHash(String password) {
		public byte[] passwordToHash(String password, int userId) {
		if (password == null) {
		return null;
		}
		String algo = null;
		byte[] hashed = null;
		try {
		byte[] saltedPassword = (password + getSalt()).getBytes();
		byte[] saltedPassword = (password + getSalt(userId)).getBytes();
		byte[] sha1 = MessageDigest.getInstance(algo = "SHA-1").digest(saltedPassword);
		byte[] md5 = MessageDigest.getInstance(algo = "MD5").digest(saltedPassword);
		hashed = (toHex(sha1) + toHex(md5)).getBytes();
		@@ -1336,6 +1337,14 @@ public class LockPatternUtils {
		return true;
		}

		private long getLong(String secureSettingKey, long defaultValue, int userHandle) {
		try {
		return getLockSettings().getLong(secureSettingKey, defaultValue, userHandle);
		} catch (RemoteException re) {
		return defaultValue;
		}
		}

		private long getLong(String secureSettingKey, long defaultValue) {
		try {
		return getLockSettings().getLong(secureSettingKey, defaultValue,

services/core/java/com/android/server/LockSettingsService.java

+3 −2

Original line number	Diff line number	Diff line
		@@ -346,7 +346,8 @@ public class LockSettingsService extends ILockSettings.Stub {

		maybeUpdateKeystore(password, userId);

		writeFile(getLockPasswordFilename(userId), mLockPatternUtils.passwordToHash(password));
		writeFile(getLockPasswordFilename(userId),
		mLockPatternUtils.passwordToHash(password, userId));
		}

		@Override
		@@ -391,7 +392,7 @@ public class LockSettingsService extends ILockSettings.Stub {
		return true;
		}
		// Compare the hash from the file with the entered password's hash
		final byte[] hash = mLockPatternUtils.passwordToHash(password);
		final byte[] hash = mLockPatternUtils.passwordToHash(password, userId);
		final boolean matched = Arrays.equals(stored, hash);
		if (matched && !TextUtils.isEmpty(password)) {
		maybeUpdateKeystore(password, userId);