Add a method which allows storing PIN length on disk from cache (b9dc08c0) · Commits · e / os / android_frameworks_base

core/java/com/android/internal/widget/ILockSettings.aidl

+1 −0

Original line number	Original line	Diff line number	Diff line
	@@ -57,6 +57,7 @@ interface ILockSettings {
	void removeGatekeeperPasswordHandle(long gatekeeperPasswordHandle);		void removeGatekeeperPasswordHandle(long gatekeeperPasswordHandle);
	int getCredentialType(int userId);		int getCredentialType(int userId);
	int getPinLength(int userId);		int getPinLength(int userId);
			boolean refreshStoredPinLength(int userId);
	byte[] getHashFactor(in LockscreenCredential currentCredential, int userId);		byte[] getHashFactor(in LockscreenCredential currentCredential, int userId);
	void setSeparateProfileChallengeEnabled(int userId, boolean enabled, in LockscreenCredential managedUserPassword);		void setSeparateProfileChallengeEnabled(int userId, boolean enabled, in LockscreenCredential managedUserPassword);
	boolean getSeparateProfileChallengeEnabled(int userId);		boolean getSeparateProfileChallengeEnabled(int userId);

core/java/com/android/internal/widget/LockPatternUtils.java

+18 −0

Original line number	Original line	Diff line number	Diff line
	@@ -622,6 +622,24 @@ public class LockPatternUtils {
	return PIN_LENGTH_UNAVAILABLE;		return PIN_LENGTH_UNAVAILABLE;
	}		}
	}		}

			/**
			* This method saves the pin length value to disk based on the user's auto pin
			* confirmation flag setting. If the auto pin confirmation flag is disabled, or if the
			* user does not have a PIN setup, or if length of PIN is less than minimum storable PIN length
			* value, the pin length value is set to PIN_LENGTH_UNAVAILABLE. Otherwise, if the
			* flag is enabled, the pin length value is set to the actual length of the user's PIN.
			* @param userId user id of the user whose pin length we want to save
			* @return true/false depending on whether PIN length has been saved or not
			*/
			public boolean refreshStoredPinLength(int userId) {
			try {
			return getLockSettings().refreshStoredPinLength(userId);
			} catch (RemoteException e) {
			Log.e(TAG, "Could not store PIN length on disk " + e);
			return false;
			}
			}
	/**		/**
	* Records that the user has chosen a pattern at some time, even if the pattern is		* Records that the user has chosen a pattern at some time, even if the pattern is
	* currently cleared.		* currently cleared.

services/core/java/com/android/server/locksettings/LockSettingsService.java

+21 −0

Original line number	Original line	Diff line number	Diff line
	@@ -116,6 +116,7 @@ import android.text.TextUtils;
	import android.util.ArrayMap;		import android.util.ArrayMap;
	import android.util.ArraySet;		import android.util.ArraySet;
	import android.util.EventLog;		import android.util.EventLog;
			import android.util.Log;
	import android.util.LongSparseArray;		import android.util.LongSparseArray;
	import android.util.Slog;		import android.util.Slog;
	import android.util.SparseArray;		import android.util.SparseArray;
	@@ -1228,6 +1229,26 @@ public class LockSettingsService extends ILockSettings.Stub {
	}		}
	}		}

			/**
			* {@link LockPatternUtils#refreshStoredPinLength(int)}
			* @param userId user id of the user whose pin length we want to save
			* @return true/false depending on whether PIN length has been saved or not
			*/
			@Override
			public boolean refreshStoredPinLength(int userId) {
			checkPasswordHavePermission();
			synchronized (mSpManager) {
			PasswordMetrics passwordMetrics = getUserPasswordMetrics(userId);
			if (passwordMetrics != null) {
			final long protectorId = getCurrentLskfBasedProtectorId(userId);
			return mSpManager.refreshPinLengthOnDisk(passwordMetrics, protectorId, userId);
			} else {
			Log.w(TAG, "PasswordMetrics is not available");
			return false;
			}
			}
			}

	/**		/**
	* This API is cached; whenever the result would change,		* This API is cached; whenever the result would change,
	* {@link com.android.internal.widget.LockPatternUtils#invalidateCredentialTypeCache}		* {@link com.android.internal.widget.LockPatternUtils#invalidateCredentialTypeCache}

services/core/java/com/android/server/locksettings/LockSettingsStorage.java

+5 −0

Original line number	Original line	Diff line number	Diff line
	@@ -120,6 +120,11 @@ class LockSettingsStorage {
	writeKeyValue(mOpenHelper.getWritableDatabase(), key, value, userId);		writeKeyValue(mOpenHelper.getWritableDatabase(), key, value, userId);
	}		}

			@VisibleForTesting
			public boolean isAutoPinConfirmSettingEnabled(int userId) {
			return getBoolean(LockPatternUtils.AUTO_PIN_CONFIRM, false, userId);
			}

	@VisibleForTesting		@VisibleForTesting
	public void writeKeyValue(SQLiteDatabase db, String key, String value, int userId) {		public void writeKeyValue(SQLiteDatabase db, String key, String value, int userId) {
	ContentValues cv = new ContentValues();		ContentValues cv = new ContentValues();

services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java

+42 −16

Original line number	Original line	Diff line number	Diff line
	@@ -16,6 +16,7 @@

	package com.android.server.locksettings;		package com.android.server.locksettings;

			import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PIN;
	import static com.android.internal.widget.LockPatternUtils.EscrowTokenStateChangeCallback;		import static com.android.internal.widget.LockPatternUtils.EscrowTokenStateChangeCallback;
	import static com.android.internal.widget.LockPatternUtils.PIN_LENGTH_UNAVAILABLE;		import static com.android.internal.widget.LockPatternUtils.PIN_LENGTH_UNAVAILABLE;

	@@ -545,6 +546,11 @@ class SyntheticPasswordManager {
	return null;		return null;
	}		}

			@VisibleForTesting
			public boolean isAutoPinConfirmationFeatureAvailable() {
			return LockPatternUtils.isAutoPinConfirmFeatureAvailable();
			}

	private synchronized boolean isWeaverAvailable() {		private synchronized boolean isWeaverAvailable() {
	if (mWeaver != null) {		if (mWeaver != null) {
	return true;		return true;
	@@ -901,8 +907,8 @@ class SyntheticPasswordManager {
	LockscreenCredential credential, SyntheticPassword sp, int userId) {		LockscreenCredential credential, SyntheticPassword sp, int userId) {
	long protectorId = generateProtectorId();		long protectorId = generateProtectorId();
	int pinLength = PIN_LENGTH_UNAVAILABLE;		int pinLength = PIN_LENGTH_UNAVAILABLE;
	if (LockPatternUtils.isAutoPinConfirmFeatureAvailable()) {		if (isAutoPinConfirmationFeatureAvailable()) {
	pinLength = derivePinLength(credential, userId);		pinLength = derivePinLength(credential.size(), credential.isPin(), userId);
	}		}
	// There's no need to store password data about an empty LSKF.		// There's no need to store password data about an empty LSKF.
	PasswordData pwd = credential.isNone() ? null :		PasswordData pwd = credential.isNone() ? null :
	@@ -978,13 +984,13 @@ class SyntheticPasswordManager {
	return protectorId;		return protectorId;
	}		}

	private int derivePinLength(LockscreenCredential credential, int userId) {		private int derivePinLength(int sizeOfCredential, boolean isPinCredential, int userId) {
	if (!credential.isPin()		if (!isPinCredential
	\|\| !mStorage.getBoolean(LockPatternUtils.AUTO_PIN_CONFIRM, false, userId)		\|\| !mStorage.isAutoPinConfirmSettingEnabled(userId)
	\|\| credential.size() < LockPatternUtils.MIN_AUTO_PIN_REQUIREMENT_LENGTH) {		\|\| sizeOfCredential < LockPatternUtils.MIN_AUTO_PIN_REQUIREMENT_LENGTH) {
	return PIN_LENGTH_UNAVAILABLE;		return PIN_LENGTH_UNAVAILABLE;
	}		}
	return credential.size();		return sizeOfCredential;
	}		}

	public VerifyCredentialResponse verifyFrpCredential(IGateKeeperService gatekeeper,		public VerifyCredentialResponse verifyFrpCredential(IGateKeeperService gatekeeper,
	@@ -1347,16 +1353,36 @@ class SyntheticPasswordManager {
	savePasswordMetrics(credential, result.syntheticPassword, protectorId, userId);		savePasswordMetrics(credential, result.syntheticPassword, protectorId, userId);
	syncState(userId); // Not strictly needed as the upgrade can be re-done, but be safe.		syncState(userId); // Not strictly needed as the upgrade can be re-done, but be safe.
	}		}
	if (LockPatternUtils.isAutoPinConfirmFeatureAvailable()		return result;
	&& result.syntheticPassword != null && pwd != null) {		}
	int expectedPinLength = derivePinLength(credential, userId);
	if (pwd.pinLength != expectedPinLength) {		/**
	pwd.pinLength = expectedPinLength;		* {@link LockPatternUtils#refreshStoredPinLength(int)}
			* @param passwordMetrics passwordMetrics object containing the cached pin length
			* @param userId userId of the user whose pin length we want to store on disk
			* @param protectorId current LSKF based protectorId
			* @return true/false depending on whether PIN length has been saved on disk
			*/
			public boolean refreshPinLengthOnDisk(PasswordMetrics passwordMetrics,
			long protectorId, int userId) {
			if (!isAutoPinConfirmationFeatureAvailable()) {
			return false;
			}

			byte[] pwdDataBytes = loadState(PASSWORD_DATA_NAME, protectorId, userId);
			if (pwdDataBytes == null) {
			return false;
			}

			PasswordData pwd = PasswordData.fromBytes(pwdDataBytes);
			int pinLength = derivePinLength(passwordMetrics.length,
			passwordMetrics.credType == CREDENTIAL_TYPE_PIN, userId);
			if (pwd.pinLength != pinLength) {
			pwd.pinLength = pinLength;
	saveState(PASSWORD_DATA_NAME, pwd.toBytes(), protectorId, userId);		saveState(PASSWORD_DATA_NAME, pwd.toBytes(), protectorId, userId);
	syncState(userId);		syncState(userId);
	}		}
	}		return true;
	return result;
	}		}

	/**		/**