Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
Jim Miller | 5ecd811 | 2013-01-09 18:50:26 -0800 | [diff] [blame] | 16 | package com.android.keyguard; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 17 | |
| 18 | import android.app.admin.DevicePolicyManager; |
| 19 | import android.content.Context; |
Danielle Millett | d95c659 | 2012-10-12 14:55:44 -0400 | [diff] [blame] | 20 | import android.telephony.TelephonyManager; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 21 | |
| 22 | import com.android.internal.telephony.IccCardConstants; |
| 23 | import com.android.internal.widget.LockPatternUtils; |
| 24 | |
| 25 | public class KeyguardSecurityModel { |
Adrian Roos | 46842d9 | 2014-03-27 14:58:03 +0100 | [diff] [blame] | 26 | |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 27 | /** |
| 28 | * The different types of security available for {@link Mode#UnlockScreen}. |
| 29 | * @see com.android.internal.policy.impl.LockPatternKeyguardView#getUnlockMode() |
| 30 | */ |
Jorim Jaggi | a005f1b | 2014-04-16 19:06:10 +0200 | [diff] [blame] | 31 | public enum SecurityMode { |
Jim Miller | 63f9b817 | 2012-10-15 15:58:01 -0700 | [diff] [blame] | 32 | Invalid, // NULL state |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 33 | None, // No security enabled |
| 34 | Pattern, // Unlock by drawing a pattern. |
Daniel Sandler | 69bdee7 | 2012-10-23 16:45:50 -0400 | [diff] [blame] | 35 | Password, // Unlock by entering an alphanumeric password |
| 36 | PIN, // Strictly numeric password |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 37 | Biometric, // Unlock with a biometric key (e.g. finger print or face unlock) |
| 38 | Account, // Unlock by entering an account's login and password. |
| 39 | SimPin, // Unlock by entering a sim pin. |
| 40 | SimPuk // Unlock by entering a sim puk |
| 41 | } |
| 42 | |
| 43 | private Context mContext; |
| 44 | private LockPatternUtils mLockPatternUtils; |
| 45 | |
| 46 | KeyguardSecurityModel(Context context) { |
| 47 | mContext = context; |
| 48 | mLockPatternUtils = new LockPatternUtils(context); |
| 49 | } |
| 50 | |
| 51 | void setLockPatternUtils(LockPatternUtils utils) { |
| 52 | mLockPatternUtils = utils; |
| 53 | } |
| 54 | |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 55 | /** |
Brian Colonna | 9ded0e1 | 2012-10-08 13:02:41 -0400 | [diff] [blame] | 56 | * Returns true if biometric unlock is installed and selected. If this returns false there is |
| 57 | * no need to even construct the biometric unlock. |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 58 | */ |
Jim Miller | 63f9b817 | 2012-10-15 15:58:01 -0700 | [diff] [blame] | 59 | boolean isBiometricUnlockEnabled() { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 60 | return mLockPatternUtils.usingBiometricWeak() |
Brian Colonna | 9ded0e1 | 2012-10-08 13:02:41 -0400 | [diff] [blame] | 61 | && mLockPatternUtils.isBiometricWeakInstalled(); |
| 62 | } |
| 63 | |
| 64 | /** |
| 65 | * Returns true if a condition is currently suppressing the biometric unlock. If this returns |
| 66 | * true there is no need to even construct the biometric unlock. |
| 67 | */ |
| 68 | private boolean isBiometricUnlockSuppressed() { |
| 69 | KeyguardUpdateMonitor monitor = KeyguardUpdateMonitor.getInstance(mContext); |
| 70 | final boolean backupIsTimedOut = monitor.getFailedUnlockAttempts() >= |
| 71 | LockPatternUtils.FAILED_ATTEMPTS_BEFORE_TIMEOUT; |
Brian Colonna | cc4104f | 2012-10-09 17:50:46 -0400 | [diff] [blame] | 72 | return monitor.getMaxBiometricUnlockAttemptsReached() || backupIsTimedOut |
Danielle Millett | d95c659 | 2012-10-12 14:55:44 -0400 | [diff] [blame] | 73 | || !monitor.isAlternateUnlockEnabled() |
| 74 | || monitor.getPhoneState() != TelephonyManager.CALL_STATE_IDLE; |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 75 | } |
| 76 | |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 77 | SecurityMode getSecurityMode() { |
Jim Miller | 109f1fd | 2012-09-19 20:44:16 -0700 | [diff] [blame] | 78 | KeyguardUpdateMonitor updateMonitor = KeyguardUpdateMonitor.getInstance(mContext); |
| 79 | final IccCardConstants.State simState = updateMonitor.getSimState(); |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 80 | SecurityMode mode = SecurityMode.None; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 81 | if (simState == IccCardConstants.State.PIN_REQUIRED) { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 82 | mode = SecurityMode.SimPin; |
Jim Miller | 47df44a | 2012-09-06 17:51:12 -0700 | [diff] [blame] | 83 | } else if (simState == IccCardConstants.State.PUK_REQUIRED |
| 84 | && mLockPatternUtils.isPukUnlockScreenEnable()) { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 85 | mode = SecurityMode.SimPuk; |
Adrian Roos | 46842d9 | 2014-03-27 14:58:03 +0100 | [diff] [blame] | 86 | } else if (updateMonitor.getUserHasTrust(mLockPatternUtils.getCurrentUser())) { |
| 87 | mode = SecurityMode.None; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 88 | } else { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 89 | final int security = mLockPatternUtils.getKeyguardStoredPasswordQuality(); |
| 90 | switch (security) { |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 91 | case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC: |
Daniel Sandler | 69bdee7 | 2012-10-23 16:45:50 -0400 | [diff] [blame] | 92 | mode = mLockPatternUtils.isLockPasswordEnabled() ? |
| 93 | SecurityMode.PIN : SecurityMode.None; |
| 94 | break; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 95 | case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC: |
| 96 | case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC: |
| 97 | case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX: |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 98 | mode = mLockPatternUtils.isLockPasswordEnabled() ? |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 99 | SecurityMode.Password : SecurityMode.None; |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 100 | break; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 101 | |
| 102 | case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING: |
| 103 | case DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED: |
| 104 | if (mLockPatternUtils.isLockPatternEnabled()) { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 105 | mode = mLockPatternUtils.isPermanentlyLocked() ? |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 106 | SecurityMode.Account : SecurityMode.Pattern; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 107 | } |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 108 | break; |
| 109 | |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 110 | default: |
Jim Miller | 5e612cf | 2014-02-03 17:57:23 -0800 | [diff] [blame] | 111 | throw new IllegalStateException("Unknown security quality:" + security); |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 112 | } |
| 113 | } |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 114 | return mode; |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 115 | } |
| 116 | |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 117 | /** |
| 118 | * Some unlock methods can have an alternate, such as biometric unlocks (e.g. face unlock). |
| 119 | * This function decides if an alternate unlock is available and returns it. Otherwise, |
| 120 | * returns @param mode. |
| 121 | * |
| 122 | * @param mode the mode we want the alternate for |
| 123 | * @return alternate or the given mode |
| 124 | */ |
| 125 | SecurityMode getAlternateFor(SecurityMode mode) { |
Brian Colonna | 9ded0e1 | 2012-10-08 13:02:41 -0400 | [diff] [blame] | 126 | if (isBiometricUnlockEnabled() && !isBiometricUnlockSuppressed() |
Daniel Sandler | 69bdee7 | 2012-10-23 16:45:50 -0400 | [diff] [blame] | 127 | && (mode == SecurityMode.Password |
| 128 | || mode == SecurityMode.PIN |
| 129 | || mode == SecurityMode.Pattern)) { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 130 | return SecurityMode.Biometric; |
| 131 | } |
| 132 | return mode; // no alternate, return what was given |
| 133 | } |
| 134 | |
| 135 | /** |
| 136 | * Some unlock methods can have a backup which gives the user another way to get into |
| 137 | * the device. This is currently only supported for Biometric and Pattern unlock. |
| 138 | * |
Brian Colonna | 9ded0e1 | 2012-10-08 13:02:41 -0400 | [diff] [blame] | 139 | * @return backup method or current security mode |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 140 | */ |
Jim Miller | 63f9b817 | 2012-10-15 15:58:01 -0700 | [diff] [blame] | 141 | SecurityMode getBackupSecurityMode(SecurityMode mode) { |
Jim Miller | 258341c | 2012-08-30 16:50:10 -0700 | [diff] [blame] | 142 | switch(mode) { |
| 143 | case Biometric: |
| 144 | return getSecurityMode(); |
| 145 | case Pattern: |
| 146 | return SecurityMode.Account; |
| 147 | } |
Brian Colonna | 9ded0e1 | 2012-10-08 13:02:41 -0400 | [diff] [blame] | 148 | return mode; // no backup, return current security mode |
Jim Miller | dcb3d84 | 2012-08-23 19:18:12 -0700 | [diff] [blame] | 149 | } |
| 150 | } |