
Commit ece9f18b authored by Eric Biggers's avatar Eric Biggers Committed by Automerger Merge Worker

Properly validate credential in setLock(int, byte[], int, byte[]) am: 27a062bc am: 303d2547

parents cf663bce 303d2547
+11 −9
@@ -60,6 +60,7 @@ import com.android.internal.widget.IWeakEscrowTokenRemovedListener;
import com.android.internal.widget.LockPatternUtils;
import com.android.internal.widget.LockPatternView;
import com.android.internal.widget.LockscreenCredential;
import com.android.internal.widget.PasswordValidationError;
import com.android.internal.widget.VerifyCredentialResponse;

import java.nio.charset.Charset;
@@ -918,12 +919,8 @@ public class KeyguardManager {
        }
        Objects.requireNonNull(password, "Password cannot be null.");
        complexity = PasswordMetrics.sanitizeComplexityLevel(complexity);
        // TODO: b/131755827 add devicePolicyManager support for Auto
        DevicePolicyManager devicePolicyManager =
                (DevicePolicyManager) mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
        PasswordMetrics adminMetrics =
                devicePolicyManager.getPasswordMinimumMetrics(mContext.getUserId());

                mLockPatternUtils.getRequestedPasswordMetrics(mContext.getUserId());
        try (LockscreenCredential credential = createLockscreenCredential(lockType, password)) {
            return PasswordMetrics.validateCredential(adminMetrics, complexity,
                    credential).size() == 0;
@@ -946,11 +943,8 @@ public class KeyguardManager {
            return -1;
        }
        complexity = PasswordMetrics.sanitizeComplexityLevel(complexity);
        // TODO: b/131755827 add devicePolicyManager support for Auto
        DevicePolicyManager devicePolicyManager =
                (DevicePolicyManager) mContext.getSystemService(Context.DEVICE_POLICY_SERVICE);
        PasswordMetrics adminMetrics =
                devicePolicyManager.getPasswordMinimumMetrics(mContext.getUserId());
                mLockPatternUtils.getRequestedPasswordMetrics(mContext.getUserId());
        PasswordMetrics minMetrics =
                PasswordMetrics.applyComplexity(adminMetrics, isPin, complexity);
        return minMetrics.length;
@@ -1172,6 +1166,14 @@ public class KeyguardManager {
                currentLockType, currentPassword);
        LockscreenCredential newCredential = createLockscreenCredential(
                newLockType, newPassword);
        PasswordMetrics adminMetrics =
                mLockPatternUtils.getRequestedPasswordMetrics(mContext.getUserId());
        List<PasswordValidationError> errors = PasswordMetrics.validateCredential(adminMetrics,
                DevicePolicyManager.PASSWORD_COMPLEXITY_NONE, newCredential);
        if (!errors.isEmpty()) {
            Log.e(TAG, "New credential is not valid: " + errors.get(0));
            return false;
        }
        return mLockPatternUtils.setLockCredential(newCredential, currentCredential, userId);
    }
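Review bot: The early `return false` added in the setLock hunk (`@@ -1172,6 +1166,14`) exits without closing `currentCredential` or `newCredential`, so the buffers holding the old and new secrets are presumably left uncleared on the rejection path; from the visible lines the success path does not close them either. The hunk at `@@ -918,12 +919,8` already holds its `LockscreenCredential` in try-with-resources, and the same form fits here: `try (LockscreenCredential currentCredential = createLockscreenCredential(currentLockType, currentPassword); LockscreenCredential newCredential = createLockscreenCredential(newLockType, newPassword)) { … }` around the validation and the `setLockCredential` call, assuming that call does not keep the objects after it returns. The metrics lookup also uses `mContext.getUserId()` while `setLockCredential` receives `userId`, which is declared outside the hunk; passing `userId` to `getRequestedPasswordMetrics` would keep validation and storage on the same user. The method begins before the hunk, so its permission checks and the declaration of `userId` are not visible here.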

+16 −0
@@ -173,6 +173,22 @@ public class KeyguardManagerTest {
        assertFalse(mKeyguardManager.isDeviceSecure());
    }

    @Test
    public void setLock_validatesCredential() {
        // setLock() should validate the credential before setting it.  Test one example, which is
        // that PINs must contain only ASCII digits 0-9, i.e. bytes 48-57.  Using bytes 0-9 is
        // incorrect and should *not* be accepted.
        byte[] invalidPin = new byte[] { 1, 2, 3, 4 };
        byte[] validPin = "1234".getBytes();

        assertFalse(mKeyguardManager.setLock(KeyguardManager.PIN, invalidPin, -1, null));
        assertFalse(mKeyguardManager.isDeviceSecure());

        assertTrue(mKeyguardManager.setLock(KeyguardManager.PIN, validPin, -1, null));
        assertTrue(mKeyguardManager.isDeviceSecure());
        assertTrue(mKeyguardManager.setLock(-1, null, KeyguardManager.PIN, validPin));
    }

    @Test
    public void checkLock_correctCredentials() {
        // Set to `true` to behave as if SET_INITIAL_LOCK permission had been granted.
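Review bot: `setLock_validatesCredential` rejects the invalid PIN only while no lock is set, so the new validation is never exercised on the path where a current credential is supplied. Adding `assertFalse(mKeyguardManager.setLock(KeyguardManager.PIN, invalidPin, KeyguardManager.PIN, validPin));` followed by `assertTrue(mKeyguardManager.isDeviceSecure());` after the valid PIN is set would show that a rejected change leaves the existing lock in place. The final clearing call could be followed by `assertFalse(mKeyguardManager.isDeviceSecure());` so the test confirms the device is back in the unsecured state for the tests that follow. `"1234".getBytes()` relies on the platform default charset; naming the charset explicitly would make the intended byte values 48-57 independent of the runtime.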