Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit aa79ca1b authored by Aaron Liu's avatar Aaron Liu
Browse files

Ensure that input is disabled when locked out. 

In the password security method, if we are locked out, one can use the
ime enter button to invoke #verifyPasswordAndUnlock which sets
setPasswordEntryInputEnabled(true). This allows the user to input a
password and bypass  the security screen when locked out.

The solution is to ensure that setPasswordEntryInputEnabled(false) when
locked out to prevent any input at all in the text field. Additionally,
we cache the locked out state and use this as a condition to proceed or
not when verifying the password to unlock.

Fixes: 284441628
Test: tested lockout with password, pin, and pattern, with power cycling
and doing various inputs.
Test: added a unit test

Change-Id: Iceb71eb2a79e14e3c62f7ac63c3c06275af0cecf
parent 205c965c

packages/SystemUI/src/com/android/keyguard/KeyguardAbsKeyInputViewController.java

+5 −0
Original line number Diff line number Diff line
@@ -53,6 +53,7 @@ public abstract class KeyguardAbsKeyInputViewController<T extends KeyguardAbsKey 
    private boolean mDismissing;

    protected AsyncTask<?, ?, ?> mPendingLockCheck;

    protected boolean mResumed;

    protected boolean mLockedOut;



    private final KeyDownListener mKeyDownListener = (keyCode, keyEvent) -> {

        // Fingerprint sensor sends a KeyEvent.KEYCODE_UNKNOWN.
@@ -137,6 +138,8 @@ public abstract class KeyguardAbsKeyInputViewController<T extends KeyguardAbsKey 
    // Prevent user from using the PIN/Password entry until scheduled deadline.

    protected void handleAttemptLockout(long elapsedRealtimeDeadline) {

        mView.setPasswordEntryEnabled(false);

        mView.setPasswordEntryInputEnabled(false);

        mLockedOut = true;

        long elapsedRealtime = SystemClock.elapsedRealtime();

        long secondsInFuture = (long) Math.ceil(

                (elapsedRealtimeDeadline - elapsedRealtime) / 1000.0);
@@ -158,6 +161,7 @@ public abstract class KeyguardAbsKeyInputViewController<T extends KeyguardAbsKey 
            @Override

            public void onFinish() {

                mMessageAreaController.setMessage("");

                mLockedOut = false;

                resetState();

            }

        }.start();
@@ -193,6 +197,7 @@ public abstract class KeyguardAbsKeyInputViewController<T extends KeyguardAbsKey 


    protected void verifyPasswordAndUnlock() {

        if (mDismissing) return; // already verified but haven't been dismissed; don't do it again.

        if (mLockedOut) return;



        final LockscreenCredential password = mView.getEnteredCredential();

        mView.setPasswordEntryInputEnabled(false);

packages/SystemUI/tests/src/com/android/keyguard/KeyguardAbsKeyInputViewControllerTest.java

+12 −0
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ import static org.mockito.Mockito.verify; 
import static org.mockito.Mockito.verifyZeroInteractions;

import static org.mockito.Mockito.when;



import android.os.SystemClock;

import android.testing.AndroidTestingRunner;

import android.testing.TestableLooper.RunWithLooper;

import android.view.KeyEvent;
@@ -183,4 +184,15 @@ public class KeyguardAbsKeyInputViewControllerTest extends SysuiTestCase { 
        mKeyguardAbsKeyInputViewController.onResume(KeyguardSecurityView.VIEW_REVEALED);

        verify(mLockPatternUtils).getLockoutAttemptDeadline(anyInt());

    }



    @Test

    public void testLockedOut_verifyPasswordAndUnlock_doesNotEnableViewInput() {

        mKeyguardAbsKeyInputViewController.handleAttemptLockout(

                SystemClock.elapsedRealtime() + 1000);

        mKeyguardAbsKeyInputViewController.verifyPasswordAndUnlock();

        verify(mAbsKeyInputView).setPasswordEntryInputEnabled(false);

        verify(mAbsKeyInputView).setPasswordEntryEnabled(false);

        verify(mAbsKeyInputView, never()).setPasswordEntryInputEnabled(true);

        verify(mAbsKeyInputView, never()).setPasswordEntryEnabled(true);

    }

}