Loading core/java/com/android/internal/widget/LockPatternUtils.java +1 −18 Original line number Diff line number Diff line Loading @@ -558,7 +558,7 @@ public class LockPatternUtils { /** * Returns the password history hash factor, needed to check new password against password * history with {@link #checkPasswordHistory(String, byte[], int)} * history with {@link #checkPasswordHistory(byte[], byte[], int)} */ public byte[] getPasswordHistoryHashFactor(byte[] currentPassword, int userId) { try { Loading Loading @@ -1242,23 +1242,6 @@ public class LockPatternUtils { return res; } /** * Transform a pattern byte array to base zero form. * @param bytes pattern byte array. * @return The pattern in base zero form. */ public static byte[] patternByteArrayToBaseZero(byte[] bytes) { if (bytes == null) { return new byte[0]; } final int patternSize = bytes.length; byte[] res = new byte[patternSize]; for (int i = 0; i < patternSize; i++) { res[i] = (byte) (bytes[i] - '1'); } return res; } /* * Generate an SHA-1 hash for the pattern. Not the most secure, but it is * at least a second level of protection. First level is that the file Loading services/core/java/com/android/server/locksettings/LockSettingsService.java +1 −16 Original line number Diff line number Diff line Loading @@ -1853,26 +1853,11 @@ public class LockSettingsService extends ILockSettings.Stub { return VerifyCredentialResponse.ERROR; } boolean shouldReEnrollBaseZero = storedHash.type == CREDENTIAL_TYPE_PATTERN && storedHash.isBaseZeroPattern; byte[] credentialToVerify; if (shouldReEnrollBaseZero) { credentialToVerify = LockPatternUtils.patternByteArrayToBaseZero(credential); } else { credentialToVerify = credential; } response = verifyCredential(userId, storedHash, credentialToVerify, response = verifyCredential(userId, storedHash, credential, challengeType, challenge, progressCallback); if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) { mStrongAuth.reportSuccessfulStrongAuthUnlock(userId); if (shouldReEnrollBaseZero) { setLockCredentialInternal(credential, storedHash.type, credentialToVerify, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId, false, /* isLockTiedToParent= */ false); } } return response; Loading services/core/java/com/android/server/locksettings/LockSettingsStorage.java +5 −30 Original line number Diff line number Diff line Loading @@ -77,7 +77,6 @@ class LockSettingsStorage { private static final String SYSTEM_DIRECTORY = "/system/"; private static final String LOCK_PATTERN_FILE = "gatekeeper.pattern.key"; private static final String BASE_ZERO_LOCK_PATTERN_FILE = "gatekeeper.gesture.key"; private static final String LOCK_PASSWORD_FILE = "gatekeeper.password.key"; private static final String CHILD_PROFILE_LOCK_FILE = "gatekeeper.profile.key"; Loading @@ -98,33 +97,23 @@ class LockSettingsStorage { private static final int VERSION_GATEKEEPER = 1; private CredentialHash(byte[] hash, @CredentialType int type) { this(hash, type, false /* isBaseZeroPattern */); } private CredentialHash( byte[] hash, @CredentialType int type, boolean isBaseZeroPattern) { if (type != LockPatternUtils.CREDENTIAL_TYPE_NONE) { if (hash == null) { throw new RuntimeException("Empty hash for CredentialHash"); throw new IllegalArgumentException("Empty hash for CredentialHash"); } } else /* type == LockPatternUtils.CREDENTIAL_TYPE_NONE */ { if (hash != null) { throw new RuntimeException("None type CredentialHash should not have hash"); throw new IllegalArgumentException( "None type CredentialHash should not have hash"); } } this.hash = hash; this.type = type; this.isBaseZeroPattern = isBaseZeroPattern; } private static CredentialHash createBaseZeroPattern(byte[] hash) { return new CredentialHash(hash, LockPatternUtils.CREDENTIAL_TYPE_PATTERN, true /* isBaseZeroPattern */); } static CredentialHash create(byte[] hash, int type) { if (type == LockPatternUtils.CREDENTIAL_TYPE_NONE) { throw new RuntimeException("Bad type for CredentialHash"); throw new IllegalArgumentException("Bad type for CredentialHash"); } return new CredentialHash(hash, type); } Loading @@ -135,11 +124,8 @@ class LockSettingsStorage { byte[] hash; @CredentialType int type; boolean isBaseZeroPattern; public byte[] toBytes() { Preconditions.checkState(!isBaseZeroPattern, "base zero patterns are not serializable"); try { ByteArrayOutputStream os = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(os); Loading Loading @@ -274,12 +260,6 @@ class LockSettingsStorage { if (!ArrayUtils.isEmpty(stored)) { return new CredentialHash(stored, LockPatternUtils.CREDENTIAL_TYPE_PATTERN); } stored = readFile(getBaseZeroLockPatternFilename(userId)); if (!ArrayUtils.isEmpty(stored)) { return CredentialHash.createBaseZeroPattern(stored); } return null; } Loading Loading @@ -323,8 +303,7 @@ class LockSettingsStorage { } public boolean hasPattern(int userId) { return hasFile(getLockPatternFilename(userId)) || hasFile(getBaseZeroLockPatternFilename(userId)); return hasFile(getLockPatternFilename(userId)); } public boolean hasCredential(int userId) { Loading Loading @@ -444,10 +423,6 @@ class LockSettingsStorage { return getLockCredentialFilePathForUser(userId, LOCK_PASSWORD_FILE); } private String getBaseZeroLockPatternFilename(int userId) { return getLockCredentialFilePathForUser(userId, BASE_ZERO_LOCK_PATTERN_FILE); } @VisibleForTesting String getChildProfileLockFile(int userId) { return getLockCredentialFilePathForUser(userId, CHILD_PROFILE_LOCK_FILE); Loading services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStorageTests.java +0 −2 Original line number Diff line number Diff line Loading @@ -436,7 +436,6 @@ public class LockSettingsStorageTests extends AndroidTestCase { assertEquals(LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, deserialized.type); assertArrayEquals(PAYLOAD, deserialized.hash); assertFalse(deserialized.isBaseZeroPattern); } public void testCredentialHash_unserialize_versionGatekeeper() { Loading @@ -452,7 +451,6 @@ public class LockSettingsStorageTests extends AndroidTestCase { assertEquals(LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, deserialized.type); assertArrayEquals(PAYLOAD, deserialized.hash); assertFalse(deserialized.isBaseZeroPattern); // Make sure the constants we use on the wire do not change. assertEquals(-1, LockPatternUtils.CREDENTIAL_TYPE_NONE); Loading Loading
core/java/com/android/internal/widget/LockPatternUtils.java +1 −18 Original line number Diff line number Diff line Loading @@ -558,7 +558,7 @@ public class LockPatternUtils { /** * Returns the password history hash factor, needed to check new password against password * history with {@link #checkPasswordHistory(String, byte[], int)} * history with {@link #checkPasswordHistory(byte[], byte[], int)} */ public byte[] getPasswordHistoryHashFactor(byte[] currentPassword, int userId) { try { Loading Loading @@ -1242,23 +1242,6 @@ public class LockPatternUtils { return res; } /** * Transform a pattern byte array to base zero form. * @param bytes pattern byte array. * @return The pattern in base zero form. */ public static byte[] patternByteArrayToBaseZero(byte[] bytes) { if (bytes == null) { return new byte[0]; } final int patternSize = bytes.length; byte[] res = new byte[patternSize]; for (int i = 0; i < patternSize; i++) { res[i] = (byte) (bytes[i] - '1'); } return res; } /* * Generate an SHA-1 hash for the pattern. Not the most secure, but it is * at least a second level of protection. First level is that the file Loading
services/core/java/com/android/server/locksettings/LockSettingsService.java +1 −16 Original line number Diff line number Diff line Loading @@ -1853,26 +1853,11 @@ public class LockSettingsService extends ILockSettings.Stub { return VerifyCredentialResponse.ERROR; } boolean shouldReEnrollBaseZero = storedHash.type == CREDENTIAL_TYPE_PATTERN && storedHash.isBaseZeroPattern; byte[] credentialToVerify; if (shouldReEnrollBaseZero) { credentialToVerify = LockPatternUtils.patternByteArrayToBaseZero(credential); } else { credentialToVerify = credential; } response = verifyCredential(userId, storedHash, credentialToVerify, response = verifyCredential(userId, storedHash, credential, challengeType, challenge, progressCallback); if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) { mStrongAuth.reportSuccessfulStrongAuthUnlock(userId); if (shouldReEnrollBaseZero) { setLockCredentialInternal(credential, storedHash.type, credentialToVerify, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, userId, false, /* isLockTiedToParent= */ false); } } return response; Loading
services/core/java/com/android/server/locksettings/LockSettingsStorage.java +5 −30 Original line number Diff line number Diff line Loading @@ -77,7 +77,6 @@ class LockSettingsStorage { private static final String SYSTEM_DIRECTORY = "/system/"; private static final String LOCK_PATTERN_FILE = "gatekeeper.pattern.key"; private static final String BASE_ZERO_LOCK_PATTERN_FILE = "gatekeeper.gesture.key"; private static final String LOCK_PASSWORD_FILE = "gatekeeper.password.key"; private static final String CHILD_PROFILE_LOCK_FILE = "gatekeeper.profile.key"; Loading @@ -98,33 +97,23 @@ class LockSettingsStorage { private static final int VERSION_GATEKEEPER = 1; private CredentialHash(byte[] hash, @CredentialType int type) { this(hash, type, false /* isBaseZeroPattern */); } private CredentialHash( byte[] hash, @CredentialType int type, boolean isBaseZeroPattern) { if (type != LockPatternUtils.CREDENTIAL_TYPE_NONE) { if (hash == null) { throw new RuntimeException("Empty hash for CredentialHash"); throw new IllegalArgumentException("Empty hash for CredentialHash"); } } else /* type == LockPatternUtils.CREDENTIAL_TYPE_NONE */ { if (hash != null) { throw new RuntimeException("None type CredentialHash should not have hash"); throw new IllegalArgumentException( "None type CredentialHash should not have hash"); } } this.hash = hash; this.type = type; this.isBaseZeroPattern = isBaseZeroPattern; } private static CredentialHash createBaseZeroPattern(byte[] hash) { return new CredentialHash(hash, LockPatternUtils.CREDENTIAL_TYPE_PATTERN, true /* isBaseZeroPattern */); } static CredentialHash create(byte[] hash, int type) { if (type == LockPatternUtils.CREDENTIAL_TYPE_NONE) { throw new RuntimeException("Bad type for CredentialHash"); throw new IllegalArgumentException("Bad type for CredentialHash"); } return new CredentialHash(hash, type); } Loading @@ -135,11 +124,8 @@ class LockSettingsStorage { byte[] hash; @CredentialType int type; boolean isBaseZeroPattern; public byte[] toBytes() { Preconditions.checkState(!isBaseZeroPattern, "base zero patterns are not serializable"); try { ByteArrayOutputStream os = new ByteArrayOutputStream(); DataOutputStream dos = new DataOutputStream(os); Loading Loading @@ -274,12 +260,6 @@ class LockSettingsStorage { if (!ArrayUtils.isEmpty(stored)) { return new CredentialHash(stored, LockPatternUtils.CREDENTIAL_TYPE_PATTERN); } stored = readFile(getBaseZeroLockPatternFilename(userId)); if (!ArrayUtils.isEmpty(stored)) { return CredentialHash.createBaseZeroPattern(stored); } return null; } Loading Loading @@ -323,8 +303,7 @@ class LockSettingsStorage { } public boolean hasPattern(int userId) { return hasFile(getLockPatternFilename(userId)) || hasFile(getBaseZeroLockPatternFilename(userId)); return hasFile(getLockPatternFilename(userId)); } public boolean hasCredential(int userId) { Loading Loading @@ -444,10 +423,6 @@ class LockSettingsStorage { return getLockCredentialFilePathForUser(userId, LOCK_PASSWORD_FILE); } private String getBaseZeroLockPatternFilename(int userId) { return getLockCredentialFilePathForUser(userId, BASE_ZERO_LOCK_PATTERN_FILE); } @VisibleForTesting String getChildProfileLockFile(int userId) { return getLockCredentialFilePathForUser(userId, CHILD_PROFILE_LOCK_FILE); Loading
services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStorageTests.java +0 −2 Original line number Diff line number Diff line Loading @@ -436,7 +436,6 @@ public class LockSettingsStorageTests extends AndroidTestCase { assertEquals(LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, deserialized.type); assertArrayEquals(PAYLOAD, deserialized.hash); assertFalse(deserialized.isBaseZeroPattern); } public void testCredentialHash_unserialize_versionGatekeeper() { Loading @@ -452,7 +451,6 @@ public class LockSettingsStorageTests extends AndroidTestCase { assertEquals(LockPatternUtils.CREDENTIAL_TYPE_PASSWORD, deserialized.type); assertArrayEquals(PAYLOAD, deserialized.hash); assertFalse(deserialized.isBaseZeroPattern); // Make sure the constants we use on the wire do not change. assertEquals(-1, LockPatternUtils.CREDENTIAL_TYPE_NONE); Loading
