Merge changes Iba28fb35,I72ddc018 into main

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.util.ArrayUtils;

import com.android.server.LocalServices;

import com.google.android.collect.Lists;

        }

    }

    private LockSettingsInternal getLockSettingsInternal() {

        LockSettingsInternal service = LocalServices.getService(LockSettingsInternal.class);

        if (service == null) {

            throw new SecurityException("Only available to system server itself");

        }

        return service;

    }

    /**

     * Create an escrow token for the current user, which can later be used to unlock FBE

     * or change user password.

     *

     * After adding, if the user currently has lockscreen password, they will need to perform a

     * confirm credential operation in order to activate the token for future use. If the user

     * has no secure lockscreen, then the token is activated immediately.

     *

     * <p>This method is only available to code running in the system server process itself.

     *

     * @return a unique 64-bit token handle which is needed to refer to this token later.

     */

    public long addEscrowToken(byte[] token, int userId,

            @Nullable EscrowTokenStateChangeCallback callback) {

        return getLockSettingsInternal().addEscrowToken(token, userId, callback);

    }

    /**

     * Create a weak escrow token for the current user, which can later be used to unlock FBE

     * or change user password.

        }

    }

    /**

     * Callback interface to notify when an added escrow token has been activated.

     */

    public interface EscrowTokenStateChangeCallback {

        /**

         * The method to be called when the token is activated.

         * @param handle 64 bit handle corresponding to the escrow token

         * @param userId user for whom the escrow token has been added

         */

        void onEscrowTokenActivated(long handle, int userId);

    }

    /**

     * Remove an escrow token.

     *

     * <p>This method is only available to code running in the system server process itself.

     *

     * @return true if the given handle refers to a valid token previously returned from

     * {@link #addEscrowToken}, whether it's active or not. return false otherwise.

     */

    public boolean removeEscrowToken(long handle, int userId) {

        return getLockSettingsInternal().removeEscrowToken(handle, userId);

    }

    /**

     * Remove a weak escrow token.

     *

    }

    /**

     * Check if the given escrow token is active or not. Only active token can be used to call

     * {@link #setLockCredentialWithToken} and {@link #unlockUserWithToken}

     *

     * <p>This method is only available to code running in the system server process itself.

     */

    public boolean isEscrowTokenActive(long handle, int userId) {

        return getLockSettingsInternal().isEscrowTokenActive(handle, userId);

    }

    /**

     * Check if the given weak escrow token is active or not. Only active token can be used to call

     * {@link #setLockCredentialWithToken} and {@link #unlockUserWithToken}

     * Checks if the given weak escrow token is active or not. Only an active token can be used to

     * set the user's lock credential or unlock the user.

     */

    public boolean isWeakEscrowTokenActive(long handle, int userId) {

        try {

        }

    }

    /**

     * Change a user's lock credential with a pre-configured escrow token.

     *

     * <p>This method is only available to code running in the system server process itself.

     *

     * @param credential The new credential to be set

     * @param tokenHandle Handle of the escrow token

     * @param token Escrow token

     * @param userHandle The user who's lock credential to be changed

     * @return {@code true} if the operation is successful.

     */

    public boolean setLockCredentialWithToken(@NonNull LockscreenCredential credential,

            long tokenHandle, byte[] token, int userHandle) {

        if (!hasSecureLockScreen() && credential.getType() != CREDENTIAL_TYPE_NONE) {

            throw new UnsupportedOperationException(

                    "This operation requires the lock screen feature.");

        }

        LockSettingsInternal localService = getLockSettingsInternal();

        return localService.setLockCredentialWithToken(credential, tokenHandle, token, userHandle);

    }

    /**

     * Unlock the specified user by an pre-activated escrow token. This should have the same effect

     * on device encryption as the user entering their lockscreen credentials for the first time after

     * boot, this includes unlocking the user's credential-encrypted storage as well as the keystore

     *

     * <p>This method is only available to code running in the system server process itself.

     *

     * @return {@code true} if the supplied token is valid and unlock succeeds,

     *         {@code false} otherwise.

     */

    public boolean unlockUserWithToken(long tokenHandle, byte[] token, int userId) {

        return getLockSettingsInternal().unlockUserWithToken(tokenHandle, token, userId);

    }

    /**

     * Callback to be notified about progress when checking credentials.

     */

        }

    }

    public void createNewUser(@UserIdInt int userId, int userSerialNumber) {

        getLockSettingsInternal().createNewUser(userId, userSerialNumber);

    }

    public void removeUser(@UserIdInt int userId) {

        getLockSettingsInternal().removeUser(userId);

    }

   /**

     * Starts a session to verify lockscreen credentials provided by a remote device.

     */

/*

 * Copyright (C) 2025 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.server.locksettings;

/**

 * Callback interface to notify when an added escrow token has been activated.

 */

public interface EscrowTokenStateChangeCallback {

    /**

     * The method to be called when the token is activated.

     * @param handle 64 bit handle corresponding to the escrow token

     * @param userId user for whom the escrow token has been added

     */

    void onEscrowTokenActivated(long handle, int userId);

}

 * limitations under the License.

 */

package com.android.internal.widget;

package com.android.server.locksettings;

import android.annotation.IntDef;

import android.annotation.Nullable;

import android.annotation.UserIdInt;

import android.app.admin.PasswordMetrics;

import com.android.internal.widget.LockscreenCredential;

import java.lang.annotation.Retention;

import java.lang.annotation.RetentionPolicy;

/**

 * LockSettingsService local system service interface.

 *

 * @hide Only for use within the system server.

 */

public abstract class LockSettingsInternal {

    /** ErrorCode for armRebootEscrow failures. **/

     * @return a unique 64-bit token handle which is needed to refer to this token later.

     */

    public abstract long addEscrowToken(byte[] token, int userId,

            LockPatternUtils.EscrowTokenStateChangeCallback callback);

            EscrowTokenStateChangeCallback callback);

    /**

     * Remove an escrow token.

    public abstract boolean isEscrowTokenActive(long handle, int userId);

    /**

     * Set the lock credential.

     * Changes a user's lockscreen credential using a pre-activated escrow token.

     *

     * @return true if password is set.

     * @param credential The new credential to be set

     * @param tokenHandle Handle of the escrow token

     * @param token Escrow token

     * @param userId The ID of the user whose lockscreen credential to change

     * @return {@code true} if the operation is successful

     */

    public abstract boolean setLockCredentialWithToken(LockscreenCredential credential,

            long tokenHandle, byte[] token, int userId);

    /**

     * Unlocks the specified user using a pre-activated escrow token. This has the same effect on

     * device encryption as the user entering their lockscreen credential for the first time after

     * boot. This includes unlocking the user's credential-encrypted storage and keystore.

     *

     * @return {@code true} if the supplied token is valid and unlock succeeds,

     *         {@code false} otherwise.

     */

    public abstract boolean unlockUserWithToken(long tokenHandle, byte[] token, int userId);

    /**

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PASSWORD_OR_PIN;

import static com.android.internal.widget.LockPatternUtils.CREDENTIAL_TYPE_PIN;

import static com.android.internal.widget.LockPatternUtils.CURRENT_LSKF_BASED_PROTECTOR_ID_KEY;

import static com.android.internal.widget.LockPatternUtils.EscrowTokenStateChangeCallback;

import static com.android.internal.widget.LockPatternUtils.PIN_LENGTH_UNAVAILABLE;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT;

import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_FOR_UNATTENDED_UPDATE;

import com.android.internal.widget.IWeakEscrowTokenActivatedListener;

import com.android.internal.widget.IWeakEscrowTokenRemovedListener;

import com.android.internal.widget.LockPatternUtils;

import com.android.internal.widget.LockSettingsInternal;

import com.android.internal.widget.LockSettingsStateListener;

import com.android.internal.widget.LockscreenCredential;

import com.android.internal.widget.RebootEscrowListener;

import com.android.internal.widget.VerifyCredentialResponse;

import com.android.server.LocalServices;

import com.android.server.ServiceThread;

        @Override

        public boolean setLockCredentialWithToken(LockscreenCredential credential, long tokenHandle,

                byte[] token, int userId) {

        if (!mHasSecureLockScreen

                && credential != null && credential.getType() != CREDENTIAL_TYPE_NONE) {

            if (!mHasSecureLockScreen && credential.getType() != CREDENTIAL_TYPE_NONE) {

                throw new UnsupportedOperationException(

                        "This operation requires secure lock screen feature.");

                        "This operation requires the lock screen feature.");

            }

            if (!LockSettingsService.this.setLockCredentialWithToken(

                    credential, tokenHandle, token, userId)) {

 * limitations under the License.

 */

package com.android.internal.widget;

package com.android.server.locksettings;

/**

 * Callback interface between LockSettingService and other system services to be notified about the

 * state of primary authentication (i.e. PIN/pattern/password).

 * @hide

 */

public interface LockSettingsStateListener {

    /**