locksettings: improve logging of LSKF verification am: 6318c7e1

    }

    private void unlockKeystore(byte[] password, int userHandle) {

        if (DEBUG) Slog.v(TAG, "Unlock keystore for user: " + userHandle);

        Authorization.onLockScreenEvent(false, userHandle, password, null);

    }

            NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException,

            InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException,

            CertificateException, IOException {

        if (DEBUG) Slog.v(TAG, "Get child profile decrypted key");

        Slogf.d(TAG, "Decrypting password for tied profile %d", userId);

        byte[] storedData = mStorage.readChildProfileLock(userId);

        if (storedData == null) {

            throw new FileNotFoundException("Child profile lock file not found");

     * {@link com.android.server.SystemServiceManager#unlockUser} </em>

     */

    private void unlockUser(@UserIdInt int userId) {

        Slogf.i(TAG, "Unlocking user %d", userId);

        // TODO: make this method fully async so we can update UI with progress strings

        final boolean alreadyUnlocked = mUserManager.isUserUnlockingOrUnlocked(userId);

        final CountDownLatch latch = new CountDownLatch(1);

            Slog.e(TAG, "FRP credential can only be verified prior to provisioning.");

            return VerifyCredentialResponse.ERROR;

        }

        Slog.d(TAG, "doVerifyCredential: user=" + userId);

        Slogf.i(TAG, "Verifying lockscreen credential for user %d", userId);

        final AuthenticationResult authResult;

        VerifyCredentialResponse response;

            }

        }

        if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) {

            Slogf.i(TAG, "Successfully verified lockscreen credential for user %d", userId);

            onCredentialVerified(authResult.syntheticPassword,

                    PasswordMetrics.computeForCredential(credential), userId);

            if ((flags & VERIFY_FLAG_REQUEST_GK_PW_HANDLE) != 0) {

    public byte[] getHashFactor(LockscreenCredential currentCredential, int userId) {

        checkPasswordReadPermission();

        try {

            Slogf.d(TAG, "Getting password history hash factor for user %d", userId);

            if (isProfileWithUnifiedLock(userId)) {

                try {

                    currentCredential = getDecryptedPasswordForTiedProfile(userId);

            synchronized (mSpManager) {

                mSpManager.verifyChallenge(getGateKeeperService(), sp, 0L, userId);

            }

            Slogf.i(TAG, "Restored synthetic password for user %d using reboot escrow", userId);

            onCredentialVerified(sp, loadPasswordMetrics(sp, userId), userId);

        }

    }

            storedType = pwd.credentialType;

        }

        if (!credential.checkAgainstStoredType(storedType)) {

            Slog.e(TAG, TextUtils.formatSimple("Credential type mismatch: expected %d actual %d",

                    storedType, credential.getType()));

            Slogf.e(TAG, "Credential type mismatch: stored type is %s but provided type is %s",

                    LockPatternUtils.credentialTypeToString(storedType),

                    LockPatternUtils.credentialTypeToString(credential.getType()));

            result.gkResponse = VerifyCredentialResponse.ERROR;

            return result;

        }