Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c0f4353b authored by Kevin Chyn's avatar Kevin Chyn Committed by Android (Google) Code Review
Browse files

Merge changes from topics "async-challenge", "lss-sp" 

* changes:
  Remove remainder of generateChallengeBlocking
  BiometricEnrollIntro should use non-blocking generateChallenge
  4/n: Remove challenge from choose/confirm, use new path
  3/n: verifyCredential no longer returns RequestThrottledException
  2/n: Add setRequestGatekeeperPassword to ChooseLockSettingsHelper
parents e2a18758 bee84e2d

src/com/android/settings/biometrics/BiometricEnrollActivity.java

+5 −0
Original line number Diff line number Diff line
@@ -104,9 +104,14 @@ public class BiometricEnrollActivity extends InstrumentedActivity { 
                        .getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                final int userId = getIntent()

                        .getIntExtra(Intent.EXTRA_USER_ID, UserHandle.USER_NULL);

                final byte[] gkPw = getIntent().getByteArrayExtra(

                        ChooseLockSettingsHelper.EXTRA_KEY_GK_PW);



                intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN, token);

                intent.putExtra(Intent.EXTRA_USER_ID, userId);

                if (gkPw != null) {

                    intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_GK_PW, gkPw);

                }

            }



            startActivity(intent);

src/com/android/settings/biometrics/BiometricEnrollBase.java

+9 −3
Original line number Diff line number Diff line
@@ -88,7 +88,13 @@ public abstract class BiometricEnrollBase extends InstrumentedActivity { 
    @Override

    protected void onCreate(Bundle savedInstanceState) {

        super.onCreate(savedInstanceState);

        mToken = getIntent().getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

        // Don't need to retrieve the HAT if it already exists. In some cases, the extras do not

        // contain EXTRA_KEY_CHALLENGE_TOKEN but contain EXTRA_KEY_GK_PW, in which case enrollment

        // classes may request a HAT to be created (as opposed to being passed in)

        if (mToken == null) {

            mToken = getIntent().getByteArrayExtra(

                    ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

        }

        mFromSettingsSummary = getIntent().getBooleanExtra(EXTRA_FROM_SETTINGS_SUMMARY, false);

        if (savedInstanceState != null && mToken == null) {

            mLaunchedConfirmLock = savedInstanceState.getBoolean(EXTRA_KEY_LAUNCHED_CONFIRM);
@@ -180,11 +186,11 @@ public abstract class BiometricEnrollBase extends InstrumentedActivity { 
        return intent;

    }



    protected void launchConfirmLock(int titleResId, long challenge) {

    protected void launchConfirmLock(int titleResId) {

        final ChooseLockSettingsHelper.Builder builder = new ChooseLockSettingsHelper.Builder(this);

        builder.setRequestCode(CONFIRM_REQUEST)

                .setTitle(getString(titleResId))

                .setChallenge(challenge)

                .setRequestGatekeeperPassword(true)

                .setForegroundOnly(true)

                .setReturnCredentials(true);

src/com/android/settings/biometrics/BiometricEnrollIntroduction.java

+19 −11
Original line number Diff line number Diff line
@@ -101,7 +101,7 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 
    /**

     * @return the challenge generated by the biometric hardware

     */

    protected abstract long getChallenge();

    protected abstract void getChallenge(GenerateChallengeCallback callback);



    /**

     * @return one of the ChooseLockSettingsHelper#EXTRA_KEY_FOR_* constants
@@ -125,6 +125,10 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 
     */

    public abstract void onClick(LinkSpan span);



    protected interface GenerateChallengeCallback {

        void onChallengeGenerated(long challenge);

    }



    @Override

    protected void onCreate(Bundle savedInstanceState) {

        super.onCreate(savedInstanceState);
@@ -160,11 +164,11 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 
                // No password registered, launch into enrollment wizard.

                mConfirmingCredentials = true;

                launchChooseLock();

            } else if (mToken == null) {

            } else if (!BiometricUtils.containsGatekeeperPassword(getIntent()) && mToken == null) {

                // It's possible to have a token but mLaunchedConfirmLock == false, since

                // ChooseLockGeneric can pass us a token.

                mConfirmingCredentials = true;

                launchConfirmLock(getConfirmLockTitleResId(), getChallenge());

                launchConfirmLock(getConfirmLockTitleResId());

            }

        }

    }
@@ -217,12 +221,10 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 


    private void launchChooseLock() {

        Intent intent = getChooseLockIntent();

        long challenge = getChallenge();

        intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.MINIMUM_QUALITY_KEY,

                DevicePolicyManager.PASSWORD_QUALITY_SOMETHING);

        intent.putExtra(ChooseLockGeneric.ChooseLockGenericFragment.HIDE_DISABLED_PREFS, true);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_HAS_CHALLENGE, true);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE, challenge);

        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_REQUEST_GK_PW, true);

        intent.putExtra(getExtraKeyForBiometric(), true);

        if (mUserId != UserHandle.USER_NULL) {

            intent.putExtra(Intent.EXTRA_USER_ID, mUserId);
@@ -269,13 +271,15 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 
                return;

            }

        } else if (requestCode == CHOOSE_LOCK_GENERIC_REQUEST) {

            mConfirmingCredentials = false;

            if (resultCode == RESULT_FINISHED) {

                updatePasswordQuality();

                mToken = data.getByteArrayExtra(

                        ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);

                mConfirmingCredentials = false;

                return;

                getNextButton().setEnabled(false);

                getChallenge((challenge -> {

                    mToken = BiometricUtils.requestGatekeeperHat(this, data, mUserId, challenge);

                    getNextButton().setEnabled(true);

                }));

            } else {

                setResult(resultCode, data);

                finish();
@@ -283,8 +287,12 @@ public abstract class BiometricEnrollIntroduction extends BiometricEnrollBase 
        } else if (requestCode == CONFIRM_REQUEST) {

            mConfirmingCredentials = false;

            if (resultCode == RESULT_OK && data != null) {

                mToken = data.getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_CHALLENGE_TOKEN);

                overridePendingTransition(R.anim.sud_slide_next_in, R.anim.sud_slide_next_out);

                getNextButton().setEnabled(false);

                getChallenge((challenge -> {

                    mToken = BiometricUtils.requestGatekeeperHat(this, data, mUserId, challenge);

                    getNextButton().setEnabled(true);

                }));

            } else {

                setResult(resultCode, data);

                finish();

src/com/android/settings/biometrics/BiometricUtils.java

0 → 100644
+58 −0
Original line number Diff line number Diff line 
/*

 * Copyright (C) 2020 The Android Open Source Project

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */



package com.android.settings.biometrics;



import android.app.Activity;

import android.content.Context;

import android.content.Intent;



import com.android.internal.widget.LockPatternUtils;

import com.android.settings.password.ChooseLockSettingsHelper;



/**

 * Common biometric utilities.

 */

public class BiometricUtils {

    /**

     * Given the result from confirming or choosing a credential, request Gatekeeper to generate

     * a HardwareAuthToken with the Gatekeeper Password together with a biometric challenge.

     *

     * @param context Caller's context

     * @param result The onActivityResult intent from ChooseLock* or ConfirmLock*

     * @param userId User ID that the credential/biometric operation applies to

     * @param challenge Unique biometric challenge from FingerprintManager/FaceManager

     * @return

     */

    public static byte[] requestGatekeeperHat(Context context, Intent result, int userId,

            long challenge) {

        final byte[] gkPassword = result.getByteArrayExtra(

                ChooseLockSettingsHelper.EXTRA_KEY_GK_PW);

        if (gkPassword == null) {

            throw new IllegalStateException("Gatekeeper Password is null!!");

        }



        final LockPatternUtils utils = new LockPatternUtils(context);

        return utils.verifyGatekeeperPassword(gkPassword, challenge, userId).getGatekeeperHAT();

    }



    public static boolean containsGatekeeperPassword(Intent data) {

        if (data == null) {

            return false;

        }

        return data.getByteArrayExtra(ChooseLockSettingsHelper.EXTRA_KEY_GK_PW) != null;

    }

}

src/com/android/settings/biometrics/face/FaceEnrollIntroduction.java

+19 −7
Original line number Diff line number Diff line
@@ -26,6 +26,7 @@ import android.widget.TextView; 
import com.android.settings.R;

import com.android.settings.Utils;

import com.android.settings.biometrics.BiometricEnrollIntroduction;

import com.android.settings.biometrics.BiometricUtils;

import com.android.settings.overlay.FeatureFactory;

import com.android.settings.password.ChooseLockSettingsHelper;

import com.android.settingslib.RestrictedLockUtilsInternal;
@@ -38,7 +39,7 @@ import com.google.android.setupdesign.template.RequireScrollMixin; 


public class FaceEnrollIntroduction extends BiometricEnrollIntroduction {



    private static final String TAG = "FaceIntro";

    private static final String TAG = "FaceEnrollIntroduction";



    private FaceManager mFaceManager;

    private FaceFeatureProvider mFaceFeatureProvider;
@@ -86,9 +87,7 @@ public class FaceEnrollIntroduction extends BiometricEnrollIntroduction { 
                    RequireScrollMixin.class);

            requireScrollMixin.requireScrollWithButton(this, agreeButton,

                    R.string.security_settings_face_enroll_introduction_more,

                    button -> {

                        onNextButtonClick(button);

                    });

                    this::onNextButtonClick);

        }



        final TextView footer2 = findViewById(R.id.face_enroll_introduction_footer_part_2);
@@ -97,6 +96,18 @@ public class FaceEnrollIntroduction extends BiometricEnrollIntroduction { 
                        ? R.string.security_settings_face_enroll_introduction_footer_part_2

                        : R.string.security_settings_face_settings_footer_attention_not_supported;

        footer2.setText(footer2TextResource);



        // This path is an entry point for SetNewPasswordController, e.g.

        // adb shell am start -a android.app.action.SET_NEW_PASSWORD

        if (mToken == null && BiometricUtils.containsGatekeeperPassword(getIntent())) {

            mFooterBarMixin.getPrimaryButton().setEnabled(false);

            // We either block on generateChallenge, or need to gray out the "next" button until

            // the challenge is ready. Let's just do this for now.

            mFaceManager.generateChallenge(challenge -> {

                mToken = BiometricUtils.requestGatekeeperHat(this, getIntent(), mUserId, challenge);

                mFooterBarMixin.getPrimaryButton().setEnabled(true);

            });

        }

    }



    @Override
@@ -171,12 +182,13 @@ public class FaceEnrollIntroduction extends BiometricEnrollIntroduction { 
    }



    @Override

    protected long getChallenge() {

    protected void getChallenge(GenerateChallengeCallback callback) {

        mFaceManager = Utils.getFaceManagerOrNull(this);

        if (mFaceManager == null) {

            return 0;

            callback.onChallengeGenerated(0L);

            return;

        }

        return mFaceManager.generateChallengeBlocking();

        mFaceManager.generateChallenge(callback::onChallengeGenerated);

    }



    @Override