Merge changes If683f4c3,Ic361128a,I9c45eb00,Iaf4be81a,I17b60363 into main (b662dcea) · Commits · e / os / android_frameworks_base

core/java/android/app/KeyguardManager.java

+1 −1

Original line number	Diff line number	Diff line
		@@ -1285,7 +1285,7 @@ public class KeyguardManager {
		if (response == null) {
		return false;
		}
		return response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK;
		return response.isMatched();
		}
		}

core/java/com/android/internal/widget/LockPatternChecker.java

+4 −5

Original line number	Diff line number	Diff line
		package com.android.internal.widget;

		import static com.android.internal.widget.flags.Flags.runCheckCredentialWithHigherPriority;

		import android.annotation.NonNull;
		import android.os.AsyncTask;
		import android.os.Process;

		import android.util.Log;

		import com.android.internal.widget.LockPatternUtils.RequestThrottledException;

		import static com.android.internal.widget.flags.Flags.runCheckCredentialWithHigherPriority;

		/**
		* Helper class to check/verify PIN/Password/Pattern asynchronously.
		*/
		@@ -52,8 +51,8 @@ public final class LockPatternChecker {
		* Invoked when a security verification is finished.
		*
		* @param response The response, optionally containing Gatekeeper HAT or Gatekeeper Password
		* @param throttleTimeoutMs The amount of time in ms to wait before reattempting
		* the call. Only non-0 if the response is {@link VerifyCredentialResponse#RESPONSE_RETRY}.
		* @param throttleTimeoutMs The amount of time in ms to wait before reattempting the call.
		* Only non-0 if {@link VerifyCredentialResponse#hasTimeout()}.
		*/
		void onVerified(@NonNull VerifyCredentialResponse response, int throttleTimeoutMs);
		}

core/java/com/android/internal/widget/LockPatternUtils.java

+2 −2

Original line number	Diff line number	Diff line
		@@ -518,9 +518,9 @@ public class LockPatternUtils {
		credential, userId, wrapCallback(progressCallback));
		if (response == null) {
		return false;
		} else if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) {
		} else if (response.isMatched()) {
		return true;
		} else if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_RETRY) {
		} else if (response.hasTimeout()) {
		throw new RequestThrottledException(response.getTimeout());
		} else {
		return false;

core/java/com/android/internal/widget/VerifyCredentialResponse.java

+67 −11

Original line number	Diff line number	Diff line
		@@ -39,29 +39,29 @@ public final class VerifyCredentialResponse implements Parcelable {
		* Credential verification failed for a reason that isn't covered by one of the more specific
		* response codes.
		*/
		public static final int RESPONSE_OTHER_ERROR = -1;
		private static final int RESPONSE_OTHER_ERROR = -1;

		/** Credential was successfully verified. */
		public static final int RESPONSE_OK = 0;
		private static final int RESPONSE_OK = 0;

		/**
		* Either the credential could not be verified because a timeout is still active, or the
		* credential was incorrect and there is a timeout before the next attempt will be allowed.
		* {@link #getTimeout()} gives the timeout.
		*/
		public static final int RESPONSE_RETRY = 1;
		private static final int RESPONSE_RETRY = 1;

		/** Credential was shorter than the minimum length. */
		public static final int RESPONSE_CRED_TOO_SHORT = 2;
		private static final int RESPONSE_CRED_TOO_SHORT = 2;

		/** Credential was incorrect and was already tried recently. */
		public static final int RESPONSE_CRED_ALREADY_TRIED = 3;
		private static final int RESPONSE_CRED_ALREADY_TRIED = 3;

		/**
		* Credential was incorrect and none of {@link #RESPONSE_RETRY}, {@link
		* #RESPONSE_CRED_TOO_SHORT}, or {@link #RESPONSE_CRED_ALREADY_TRIED} applies.
		*/
		public static final int RESPONSE_CRED_INCORRECT = 4;
		private static final int RESPONSE_CRED_INCORRECT = 4;

		@IntDef({
		RESPONSE_OTHER_ERROR,
		@@ -176,11 +176,26 @@ public final class VerifyCredentialResponse implements Parcelable {
		return fromError(RESPONSE_OTHER_ERROR);
		}

		/** Builds a {@link VerifyCredentialResponse} with {@link #RESPONSE_CRED_TOO_SHORT}. */
		public static VerifyCredentialResponse credTooShort() {
		return fromError(RESPONSE_CRED_TOO_SHORT);
		}

		/** Builds a {@link VerifyCredentialResponse} with {@link #RESPONSE_CRED_ALREADY_TRIED}. */
		public static VerifyCredentialResponse credAlreadyTried() {
		return fromError(RESPONSE_CRED_ALREADY_TRIED);
		}

		/** Builds a {@link VerifyCredentialResponse} with {@link #RESPONSE_CRED_INCORRECT}. */
		public static VerifyCredentialResponse credIncorrect() {
		return fromError(RESPONSE_CRED_INCORRECT);
		}

		/**
		* Builds a {@link VerifyCredentialResponse} for an error response that does not use any of the
		* additional fields.
		*/
		public static VerifyCredentialResponse fromError(@ResponseCode int responseCode) {
		private static VerifyCredentialResponse fromError(@ResponseCode int responseCode) {
		Preconditions.checkArgument(
		responseCode == RESPONSE_OTHER_ERROR
		\|\| responseCode == RESPONSE_CRED_TOO_SHORT
		@@ -235,14 +250,55 @@ public final class VerifyCredentialResponse implements Parcelable {
		return Duration.ofMillis(mTimeout);
		}

		public @ResponseCode int getResponseCode() {
		return mResponseCode;
		}

		/** Returns true if credential verification succeeded. */
		public boolean isMatched() {
		return mResponseCode == RESPONSE_OK;
		}

		/**
		* Returns true if credential verification failed and there is a timeout before the next request
		* will be allowed.
		*/
		public boolean hasTimeout() {
		return mResponseCode == RESPONSE_RETRY;
		}

		/**
		* Returns true if credential verification failed because the credential was shorter than the
		* minimum length.
		*/
		public boolean isCredTooShort() {
		return mResponseCode == RESPONSE_CRED_TOO_SHORT;
		}

		/**
		* Returns true if credential verification failed because the credential was incorrect and was
		* already tried recently.
		*/
		public boolean isCredAlreadyTried() {
		return mResponseCode == RESPONSE_CRED_ALREADY_TRIED;
		}

		/**
		* Returns true if the credential is known for certain to be incorrect. Returns false in all
		* other cases: credential verification succeeded, or credential verification failed but it is
		* not known for certain that the credential is incorrect. (A credential that failed to verify
		* could still be correct if there is an active timeout or if there was a transient error.)
		*/
		public boolean isCredCertainlyIncorrect() {
		return mResponseCode == RESPONSE_CRED_TOO_SHORT
		\|\| mResponseCode == RESPONSE_CRED_ALREADY_TRIED
		\|\| mResponseCode == RESPONSE_CRED_INCORRECT;
		}

		/**
		* Returns true if credential verification failed for a reason that isn't covered by {@link
		* #hasTimeout()} or {@link #isCredCertainlyIncorrect()}.
		*/
		public boolean isOtherError() {
		return mResponseCode == RESPONSE_OTHER_ERROR;
		}

		@Override
		public String toString() {
		return "Response: " + mResponseCode

services/core/java/com/android/server/locksettings/BiometricDeferredQueue.java

+2 −3

Original line number	Diff line number	Diff line
		@@ -300,9 +300,8 @@ public class BiometricDeferredQueue {
		Slog.wtf(TAG, "VerifyChallenge failed, null response");
		return null;
		}
		if (response.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) {
		Slog.wtf(TAG, "VerifyChallenge failed, response: "
		+ response.getResponseCode());
		if (!response.isMatched()) {
		Slog.wtf(TAG, "VerifyChallenge failed: " + response);
		return null;
		}
		if (response.getGatekeeperHAT() == null) {