Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / 1fc9c818458b99a85b442dc84f356fe05652a6a0 / . / services / core / java / com / android / server / locksettings / LockSettingsShellCommand.java
blob: 085d17d406dc345060810f478cc003504f675211 [file] [log] [blame]
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]1/*
2 * Copyright (C) 2016 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License
15 */
16
Andrew Scull507d11c2017-05-03 17:19:01 +0100[diff] [blame]17package com.android.server.locksettings;
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]18
19import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC;
20import static android.app.admin.DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
21import static com.android.internal.widget.LockPatternUtils.stringToPattern;
22
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]23import android.app.ActivityManager;
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]24import android.os.ShellCommand;
25
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]26import com.android.internal.widget.LockPatternUtils;
27import com.android.internal.widget.LockPatternUtils.RequestThrottledException;
28
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]29import java.io.PrintWriter;
30
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]31class LockSettingsShellCommand extends ShellCommand {
32
33 private static final String COMMAND_SET_PATTERN = "set-pattern";
34 private static final String COMMAND_SET_PIN = "set-pin";
35 private static final String COMMAND_SET_PASSWORD = "set-password";
36 private static final String COMMAND_CLEAR = "clear";
Rubin Xu3bf722a2016-12-15 16:07:38 +0000[diff] [blame]37 private static final String COMMAND_SP = "sp";
Jeff Sharkey65440992017-03-31 09:45:46 -0600[diff] [blame]38 private static final String COMMAND_SET_DISABLED = "set-disabled";
Pavel Grafov5f679b22017-06-26 18:39:10 +0100[diff] [blame]39 private static final String COMMAND_VERIFY = "verify";
chaviw5953e662017-08-21 10:46:11 -0700[diff] [blame]40 private static final String COMMAND_GET_DISABLED = "get-disabled";
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]41 private static final String COMMAND_HELP = "help";
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]42
43 private int mCurrentUserId;
44 private final LockPatternUtils mLockPatternUtils;
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]45 private String mOld = "";
46 private String mNew = "";
47
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]48 LockSettingsShellCommand(LockPatternUtils lockPatternUtils) {
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]49 mLockPatternUtils = lockPatternUtils;
50 }
51
52 @Override
53 public int onCommand(String cmd) {
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]54 if (cmd == null) {
55 return handleDefaultCommands(cmd);
56 }
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]57 try {
Sudheer Shankadc589ac2016-11-10 15:30:17 -0800[diff] [blame]58 mCurrentUserId = ActivityManager.getService().getCurrentUser().id;
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]59
60 parseArgs();
61 if (!checkCredential()) {
62 return -1;
63 }
64 switch (cmd) {
65 case COMMAND_SET_PATTERN:
66 runSetPattern();
67 break;
68 case COMMAND_SET_PASSWORD:
69 runSetPassword();
70 break;
71 case COMMAND_SET_PIN:
72 runSetPin();
73 break;
74 case COMMAND_CLEAR:
75 runClear();
76 break;
Rubin Xu3bf722a2016-12-15 16:07:38 +0000[diff] [blame]77 case COMMAND_SP:
Paul Crowley7a0cc0a2017-05-31 22:12:57 +0000[diff] [blame]78 runChangeSp();
Rubin Xu3bf722a2016-12-15 16:07:38 +0000[diff] [blame]79 break;
Jeff Sharkey65440992017-03-31 09:45:46 -0600[diff] [blame]80 case COMMAND_SET_DISABLED:
81 runSetDisabled();
82 break;
Pavel Grafov5f679b22017-06-26 18:39:10 +0100[diff] [blame]83 case COMMAND_VERIFY:
84 runVerify();
85 break;
chaviw5953e662017-08-21 10:46:11 -0700[diff] [blame]86 case COMMAND_GET_DISABLED:
87 runGetDisabled();
88 break;
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]89 case COMMAND_HELP:
90 onHelp();
91 break;
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]92 default:
93 getErrPrintWriter().println("Unknown command: " + cmd);
94 break;
95 }
96 return 0;
97 } catch (Exception e) {
Rubin Xu0cbc19e2016-12-09 14:00:21 +0000[diff] [blame]98 getErrPrintWriter().println("Error while executing command: " + cmd);
99 e.printStackTrace(getErrPrintWriter());
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]100 return -1;
101 }
102 }
103
Pavel Grafov5f679b22017-06-26 18:39:10 +0100[diff] [blame]104 private void runVerify() {
105 // The command is only run if the credential is correct.
106 getOutPrintWriter().println("Lock credential verified successfully");
107 }
108
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]109 @Override
110 public void onHelp() {
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]111 try (final PrintWriter pw = getOutPrintWriter();) {
112 pw.println("lockSettings service commands:");
113 pw.println("");
114 pw.println("NOTE: when lock screen is set, all commands require the --old <CREDENTIAL>"
115 + " argument.");
116 pw.println("");
117 pw.println(" help");
118 pw.println(" Prints this help text.");
119 pw.println("");
120 pw.println(" get-disabled [--old <CREDENTIAL>] [--user USER_ID]");
121 pw.println(" Checks whether lock screen is disabled.");
122 pw.println("");
123 pw.println(" set-disabled [--old <CREDENTIAL>] [--user USER_ID] <true|false>");
124 pw.println(" When true, disables lock screen.");
125 pw.println("");
126 pw.println(" set-pattern [--old <CREDENTIAL>] [--user USER_ID] <PATTERN>");
127 pw.println(" Sets the lock screen as pattern, using the given PATTERN to unlock.");
128 pw.println("");
129 pw.println(" set-pin [--old <CREDENTIAL>] [--user USER_ID] <PIN>");
130 pw.println(" Sets the lock screen as PIN, using the given PIN to unlock.");
131 pw.println("");
132 pw.println(" set-pin [--old <CREDENTIAL>] [--user USER_ID] <PASSWORD>");
133 pw.println(" Sets the lock screen as password, using the given PASSOWRD to unlock.");
134 pw.println("");
135 pw.println(" sp [--old <CREDENTIAL>] [--user USER_ID]");
136 pw.println(" Gets whether synthetic password is enabled.");
137 pw.println("");
138 pw.println(" sp [--old <CREDENTIAL>] [--user USER_ID] <1|0>");
139 pw.println(" Enables / disables synthetic password.");
140 pw.println("");
141 pw.println(" clear [--old <CREDENTIAL>] [--user USER_ID]");
142 pw.println(" Clears the lock credentials.");
143 pw.println("");
144 pw.println(" verify [--old <CREDENTIAL>] [--user USER_ID]");
145 pw.println(" Verifies the lock credentials.");
146 pw.println("");
147 }
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]148 }
149
150 private void parseArgs() {
151 String opt;
152 while ((opt = getNextOption()) != null) {
153 if ("--old".equals(opt)) {
154 mOld = getNextArgRequired();
Rubin Xu3bf722a2016-12-15 16:07:38 +0000[diff] [blame]155 } else if ("--user".equals(opt)) {
156 mCurrentUserId = Integer.parseInt(getNextArgRequired());
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]157 } else {
158 getErrPrintWriter().println("Unknown option: " + opt);
159 throw new IllegalArgumentException();
160 }
161 }
162 mNew = getNextArg();
163 }
164
Paul Crowley7a0cc0a2017-05-31 22:12:57 +0000[diff] [blame]165 private void runChangeSp() {
166 if (mNew != null ) {
167 if ("1".equals(mNew)) {
168 mLockPatternUtils.enableSyntheticPassword();
169 getOutPrintWriter().println("Synthetic password enabled");
170 } else if ("0".equals(mNew)) {
171 mLockPatternUtils.disableSyntheticPassword();
172 getOutPrintWriter().println("Synthetic password disabled");
173 }
Rubin Xu3bf722a2016-12-15 16:07:38 +0000[diff] [blame]174 }
175 getOutPrintWriter().println(String.format("SP Enabled = %b",
176 mLockPatternUtils.isSyntheticPasswordEnabled()));
177 }
178
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]179 private void runSetPattern() {
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]180 mLockPatternUtils.saveLockPattern(stringToPattern(mNew), mOld, mCurrentUserId);
181 getOutPrintWriter().println("Pattern set to '" + mNew + "'");
182 }
183
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]184 private void runSetPassword() {
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]185 mLockPatternUtils.saveLockPassword(mNew, mOld, PASSWORD_QUALITY_ALPHABETIC, mCurrentUserId);
186 getOutPrintWriter().println("Password set to '" + mNew + "'");
187 }
188
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]189 private void runSetPin() {
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]190 mLockPatternUtils.saveLockPassword(mNew, mOld, PASSWORD_QUALITY_NUMERIC, mCurrentUserId);
191 getOutPrintWriter().println("Pin set to '" + mNew + "'");
192 }
193
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]194 private void runClear() {
Rubin Xua55b1682017-01-31 10:06:56 +0000[diff] [blame]195 mLockPatternUtils.clearLock(mOld, mCurrentUserId);
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]196 getOutPrintWriter().println("Lock credential cleared");
197 }
198
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]199 private void runSetDisabled() {
Jeff Sharkey65440992017-03-31 09:45:46 -0600[diff] [blame]200 final boolean disabled = Boolean.parseBoolean(mNew);
201 mLockPatternUtils.setLockScreenDisabled(disabled, mCurrentUserId);
202 getOutPrintWriter().println("Lock screen disabled set to " + disabled);
203 }
204
chaviw5953e662017-08-21 10:46:11 -0700[diff] [blame]205 private void runGetDisabled() {
206 boolean isLockScreenDisabled = mLockPatternUtils.isLockScreenDisabled(mCurrentUserId);
207 getOutPrintWriter().println(isLockScreenDisabled);
208 }
209
Felipe Leme1fc9c812018-07-11 10:02:23 -0700[diff] [blame^]210 private boolean checkCredential() {
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]211 final boolean havePassword = mLockPatternUtils.isLockPasswordEnabled(mCurrentUserId);
212 final boolean havePattern = mLockPatternUtils.isLockPatternEnabled(mCurrentUserId);
213 if (havePassword || havePattern) {
Pavel Grafovfc135c72017-07-25 16:38:04 +0100[diff] [blame]214 if (mLockPatternUtils.isManagedProfileWithUnifiedChallenge(mCurrentUserId)) {
215 getOutPrintWriter().println("Profile uses unified challenge");
216 return false;
217 }
218
Pavel Grafovc07067d2017-07-05 16:30:04 +0100[diff] [blame]219 try {
220 final boolean result;
221 if (havePassword) {
222 result = mLockPatternUtils.checkPassword(mOld, mCurrentUserId);
223 } else {
224 result = mLockPatternUtils.checkPattern(stringToPattern(mOld), mCurrentUserId);
225 }
226 if (!result) {
Pavel Grafovb3191252017-07-14 12:30:31 +0100[diff] [blame]227 if (!mLockPatternUtils.isManagedProfileWithUnifiedChallenge(mCurrentUserId)) {
228 mLockPatternUtils.reportFailedPasswordAttempt(mCurrentUserId);
229 }
Pavel Grafovc07067d2017-07-05 16:30:04 +0100[diff] [blame]230 getOutPrintWriter().println("Old password '" + mOld + "' didn't match");
231 }
232 return result;
233 } catch (RequestThrottledException e) {
234 getOutPrintWriter().println("Request throttled");
Jorim Jaggi2fef6f72016-11-01 19:06:25 -0700[diff] [blame]235 return false;
236 }
237 } else {
238 return true;
239 }
240 }
241}