Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 52448442 authored by Svetoslav's avatar Svetoslav Committed by Svetoslav Ganov
Browse files

Use default encryption password if an accessibility service is enabled. 

If accessibility is on and the user selectes a secure lock we use weaker
encryption to enable running accessibility layer at the time the user
authenticates. This change adds a warning message to the enable accessibility
service dialog if there is a secure lock and also adds a warning as a
summary for the secure lock in the lock chooser activity. Both warning
mention the weaker encryption to be used.

bug:17671790

Change-Id: Ib5cc9d3a78f751e18362bb9238fd2804c3b600f8
parent fc14e272

res/layout/enable_accessibility_service_dialog_content.xml

+6 −0
Original line number Diff line number Diff line
@@ -28,6 +28,12 @@ 
        android:paddingStart="16dip"

        android:paddingEnd="16dip" >



        <TextView android:id="@+id/encryption_warning"

            android:layout_width="fill_parent"

            android:layout_height="wrap_content"

            android:padding="10dip"

            android:textAppearance="?android:attr/textAppearanceMedium"/>



        <TextView android:id="@+id/capabilities_header"

            android:layout_width="fill_parent"

            android:layout_height="wrap_content"

res/values/strings.xml

+8 −0
Original line number Diff line number Diff line
@@ -3665,6 +3665,14 @@ 
    <!-- Title for the list of capabilities of an accessibility service. -->

    <string name="capabilities_list_title"><xliff:g id="service" example="TalkBack">%1$s</xliff:g>

        needs to:</string>

    <!-- Warning that the device data will not be encrypted with password or PIN if

        enabling an accessibility service and there is a secure lock setup. [CHAR LIMIT=NONE] -->

    <string name="enable_service_encryption_warning">If you turn on <xliff:g id="service"

        example="TalkBack">%1$s</xliff:g>, your data\'s encryption won\'t be as strong.</string>

    <!-- Warning that the device data will not be encrypted with password or PIN if

         choosing a secure lock and there is an enabled accessibility service. [CHAR LIMIT=NONE] -->

    <string name="secure_lock_encryption_warning">Because you\'ve turned on an accessibility service,

        encryption based on this type of lock won\'t be as strong.</string>



    <!-- Title for the capability of an accessibility service to receive events and keys. -->

    <string name="capability_title_receiveAccessibilityEvents">Observe your actions</string>

src/com/android/settings/ChooseLockGeneric.java

+25 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ 


package com.android.settings;



import android.accessibilityservice.AccessibilityServiceInfo;

import android.app.Activity;

import android.app.PendingIntent;

import android.app.admin.DevicePolicyManager;
@@ -32,6 +33,7 @@ import android.util.MutableBoolean; 
import android.view.LayoutInflater;

import android.view.View;

import android.view.ViewGroup;

import android.view.accessibility.AccessibilityManager;

import android.widget.ListView;



import com.android.internal.widget.LockPatternUtils;
@@ -213,6 +215,7 @@ public class ChooseLockGeneric extends SettingsActivity { 
                }

                addPreferencesFromResource(R.xml.security_settings_picker);

                disableUnusablePreferences(quality, allowBiometric);

                updatePreferenceSummaryIfNeeded();

            } else {

                updateUnlockMethodAndFinish(quality, false);

            }
@@ -292,6 +295,28 @@ public class ChooseLockGeneric extends SettingsActivity { 
            }

        }



        private void updatePreferenceSummaryIfNeeded() {

            if (AccessibilityManager.getInstance(getActivity()).getEnabledAccessibilityServiceList(

                    AccessibilityServiceInfo.FEEDBACK_ALL_MASK).isEmpty()) {

                return;

            }



            CharSequence summary = getString(R.string.secure_lock_encryption_warning);



            PreferenceScreen screen = getPreferenceScreen();

            final int preferenceCount = screen.getPreferenceCount();

            for (int i = 0; i < preferenceCount; i++) {

                Preference preference = screen.getPreference(i);

                switch (preference.getKey()) {

                    case KEY_UNLOCK_SET_PATTERN:

                    case KEY_UNLOCK_SET_PIN:

                    case KEY_UNLOCK_SET_PASSWORD: {

                        preference.setSummary(summary);

                    } break;

                }

            }

        }



        /**

         * Check whether the key is allowed for fallback (e.g. bio sensor). Returns true if it's

         * supported as a backup.

src/com/android/settings/accessibility/ToggleAccessibilityServicePreferenceFragment.java

+12 −0
Original line number Diff line number Diff line
@@ -36,6 +36,7 @@ import android.widget.ImageView; 
import android.widget.LinearLayout;

import android.widget.TextView;



import com.android.internal.widget.LockPatternUtils;

import com.android.settings.R;

import com.android.settings.widget.ToggleSwitch;

import com.android.settings.widget.ToggleSwitch.OnBeforeCheckedChangeListener;
@@ -201,6 +202,17 @@ public class ToggleAccessibilityServicePreferenceFragment 
        View content = inflater.inflate(R.layout.enable_accessibility_service_dialog_content,

                null);



        TextView encryptionWarningView = (TextView) content.findViewById(

                R.id.encryption_warning);

        if (LockPatternUtils.isDeviceEncrypted()) {

            String text = getString(R.string.enable_service_encryption_warning,

                    info.getResolveInfo().loadLabel(getPackageManager()));

            encryptionWarningView.setText(text);

            encryptionWarningView.setVisibility(View.VISIBLE);

        } else {

            encryptionWarningView.setVisibility(View.GONE);

        }



        TextView capabilitiesHeaderView = (TextView) content.findViewById(

                R.id.capabilities_header);

        capabilitiesHeaderView.setText(getString(R.string.capabilities_list_title,