Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2012 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
Jeff Sharkey | 7a96c39 | 2012-11-15 14:01:46 -0800 | [diff] [blame] | 17 | package com.android.server; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 18 | |
Sudheer Shanka | dc589ac | 2016-11-10 15:30:17 -0800 | [diff] [blame] | 19 | import android.app.ActivityManager; |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 20 | import android.app.KeyguardManager; |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 21 | import android.app.Notification; |
| 22 | import android.app.NotificationManager; |
| 23 | import android.app.PendingIntent; |
Adrian Roos | 230635e | 2015-01-07 20:50:29 +0100 | [diff] [blame] | 24 | import android.app.admin.DevicePolicyManager; |
Amith Yamasani | 072543f | 2015-02-13 11:09:45 -0800 | [diff] [blame] | 25 | import android.app.backup.BackupManager; |
Adrian Roos | b5e4722 | 2015-08-14 15:53:06 -0700 | [diff] [blame] | 26 | import android.app.trust.IStrongAuthTracker; |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 27 | import android.app.trust.TrustManager; |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 28 | import android.content.BroadcastReceiver; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 29 | import android.content.ContentResolver; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 30 | import android.content.Context; |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 31 | import android.content.Intent; |
| 32 | import android.content.IntentFilter; |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 33 | import android.content.pm.PackageManager; |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 34 | import android.content.pm.UserInfo; |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 35 | import android.content.res.Resources; |
| 36 | |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 37 | import static android.Manifest.permission.ACCESS_KEYGUARD_SECURE_STORAGE; |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 38 | import static android.content.Context.KEYGUARD_SERVICE; |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 39 | import static android.content.Context.USER_SERVICE; |
Svetoslav Ganov | 6d2c0e5 | 2015-06-23 16:33:36 +0000 | [diff] [blame] | 40 | import static android.Manifest.permission.READ_CONTACTS; |
Adrian Roos | 873010d | 2015-08-25 15:59:00 -0700 | [diff] [blame] | 41 | import static com.android.internal.widget.LockPatternUtils.StrongAuthTracker.STRONG_AUTH_REQUIRED_AFTER_LOCKOUT; |
| 42 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 43 | import android.database.sqlite.SQLiteDatabase; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 44 | import android.os.Binder; |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 45 | import android.os.Bundle; |
Ricky Wai | b0cdf38 | 2016-05-16 17:28:04 +0100 | [diff] [blame] | 46 | import android.os.Handler; |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 47 | import android.os.IBinder; |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 48 | import android.os.IProgressListener; |
| 49 | import android.os.Parcel; |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 50 | import android.os.Process; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 51 | import android.os.RemoteException; |
Jorim Jaggi | 2fef6f7 | 2016-11-01 19:06:25 -0700 | [diff] [blame] | 52 | import android.os.ResultReceiver; |
| 53 | import android.os.ShellCallback; |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 54 | import android.os.storage.IStorageManager; |
Jeff Sharkey | 4a39936 | 2016-05-26 09:47:43 -0600 | [diff] [blame] | 55 | import android.os.storage.StorageManager; |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 56 | import android.os.ServiceManager; |
Jeff Sharkey | eddf518 | 2016-08-09 16:36:08 -0600 | [diff] [blame] | 57 | import android.os.StrictMode; |
Amith Yamasani | d1645f8 | 2012-06-12 11:53:26 -0700 | [diff] [blame] | 58 | import android.os.SystemProperties; |
Dianne Hackborn | f02b60a | 2012-08-16 10:48:27 -0700 | [diff] [blame] | 59 | import android.os.UserHandle; |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 60 | import android.os.UserManager; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 61 | import android.provider.Settings; |
| 62 | import android.provider.Settings.Secure; |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 63 | import android.provider.Settings.SettingNotFoundException; |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 64 | import android.security.KeyStore; |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 65 | import android.security.keystore.AndroidKeyStoreProvider; |
| 66 | import android.security.keystore.KeyProperties; |
| 67 | import android.security.keystore.KeyProtection; |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 68 | import android.service.gatekeeper.GateKeeperResponse; |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 69 | import android.service.gatekeeper.IGateKeeperService; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 70 | import android.text.TextUtils; |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 71 | import android.util.Log; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 72 | import android.util.Slog; |
| 73 | |
Amith Yamasani | 072543f | 2015-02-13 11:09:45 -0800 | [diff] [blame] | 74 | import com.android.internal.util.ArrayUtils; |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 75 | import com.android.internal.widget.ICheckCredentialProgressCallback; |
Jeff Sharkey | 7a96c39 | 2012-11-15 14:01:46 -0800 | [diff] [blame] | 76 | import com.android.internal.widget.ILockSettings; |
| 77 | import com.android.internal.widget.LockPatternUtils; |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 78 | import com.android.internal.widget.VerifyCredentialResponse; |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 79 | import com.android.server.LockSettingsStorage.CredentialHash; |
Jeff Sharkey | 7a96c39 | 2012-11-15 14:01:46 -0800 | [diff] [blame] | 80 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 81 | import libcore.util.HexEncoding; |
| 82 | |
| 83 | import java.io.ByteArrayOutputStream; |
Jorim Jaggi | 2fef6f7 | 2016-11-01 19:06:25 -0700 | [diff] [blame] | 84 | import java.io.FileDescriptor; |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 85 | import java.io.FileNotFoundException; |
| 86 | import java.io.IOException; |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 87 | import java.nio.charset.StandardCharsets; |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 88 | import java.security.InvalidAlgorithmParameterException; |
| 89 | import java.security.InvalidKeyException; |
| 90 | import java.security.KeyStoreException; |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 91 | import java.security.MessageDigest; |
| 92 | import java.security.NoSuchAlgorithmException; |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 93 | import java.security.SecureRandom; |
| 94 | import java.security.UnrecoverableKeyException; |
| 95 | import java.security.cert.CertificateException; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 96 | import java.util.Arrays; |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 97 | import java.util.List; |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 98 | import java.util.concurrent.CountDownLatch; |
| 99 | import java.util.concurrent.TimeUnit; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 100 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 101 | import javax.crypto.BadPaddingException; |
| 102 | import javax.crypto.Cipher; |
| 103 | import javax.crypto.IllegalBlockSizeException; |
| 104 | import javax.crypto.KeyGenerator; |
| 105 | import javax.crypto.NoSuchPaddingException; |
| 106 | import javax.crypto.SecretKey; |
| 107 | import javax.crypto.spec.GCMParameterSpec; |
| 108 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 109 | /** |
| 110 | * Keeps the lock pattern/password data and related settings for each user. |
| 111 | * Used by LockPatternUtils. Needs to be a service because Settings app also needs |
| 112 | * to be able to save lockscreen information for secondary users. |
| 113 | * @hide |
| 114 | */ |
| 115 | public class LockSettingsService extends ILockSettings.Stub { |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 116 | private static final String TAG = "LockSettingsService"; |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 117 | private static final String PERMISSION = ACCESS_KEYGUARD_SECURE_STORAGE; |
| 118 | private static final Intent ACTION_NULL; // hack to ensure notification shows the bouncer |
| 119 | private static final int FBE_ENCRYPTED_NOTIFICATION = 0; |
| 120 | private static final boolean DEBUG = false; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 121 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 122 | private static final int PROFILE_KEY_IV_SIZE = 12; |
| 123 | private static final String SEPARATE_PROFILE_CHALLENGE_KEY = "lockscreen.profilechallenge"; |
| 124 | private final Object mSeparateChallengeLock = new Object(); |
| 125 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 126 | private final Context mContext; |
Ricky Wai | b0cdf38 | 2016-05-16 17:28:04 +0100 | [diff] [blame] | 127 | private final Handler mHandler; |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 128 | private final LockSettingsStorage mStorage; |
Rakesh Iyer | a7aa4d6 | 2016-01-19 17:27:23 -0800 | [diff] [blame] | 129 | private final LockSettingsStrongAuth mStrongAuth; |
Victor Chang | a0940d3 | 2016-05-16 19:36:08 +0100 | [diff] [blame] | 130 | private final SynchronizedStrongAuthTracker mStrongAuthTracker; |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 131 | |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 132 | private LockPatternUtils mLockPatternUtils; |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 133 | private boolean mFirstCallToVold; |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 134 | private IGateKeeperService mGateKeeperService; |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 135 | private NotificationManager mNotificationManager; |
| 136 | private UserManager mUserManager; |
| 137 | |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 138 | private final KeyStore mKeyStore = KeyStore.getInstance(); |
| 139 | |
| 140 | /** |
| 141 | * The UIDs that are used for system credential storage in keystore. |
| 142 | */ |
| 143 | private static final int[] SYSTEM_CREDENTIAL_UIDS = {Process.WIFI_UID, Process.VPN_UID, |
| 144 | Process.ROOT_UID, Process.SYSTEM_UID}; |
| 145 | |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 146 | static { |
| 147 | // Just launch the home screen, which happens anyway |
| 148 | ACTION_NULL = new Intent(Intent.ACTION_MAIN); |
| 149 | ACTION_NULL.addCategory(Intent.CATEGORY_HOME); |
| 150 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 151 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 152 | private interface CredentialUtil { |
| 153 | void setCredential(String credential, String savedCredential, int userId) |
| 154 | throws RemoteException; |
| 155 | byte[] toHash(String credential, int userId); |
Andres Morales | 59ef126 | 2015-06-26 13:56:39 -0700 | [diff] [blame] | 156 | String adjustForKeystore(String credential); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 157 | } |
| 158 | |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 159 | // This class manages life cycle events for encrypted users on File Based Encryption (FBE) |
| 160 | // devices. The most basic of these is to show/hide notifications about missing features until |
| 161 | // the user unlocks the account and credential-encrypted storage is available. |
| 162 | public static final class Lifecycle extends SystemService { |
| 163 | private LockSettingsService mLockSettingsService; |
| 164 | |
| 165 | public Lifecycle(Context context) { |
| 166 | super(context); |
| 167 | } |
| 168 | |
| 169 | @Override |
| 170 | public void onStart() { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 171 | AndroidKeyStoreProvider.install(); |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 172 | mLockSettingsService = new LockSettingsService(getContext()); |
| 173 | publishBinderService("lock_settings", mLockSettingsService); |
| 174 | } |
| 175 | |
| 176 | @Override |
| 177 | public void onBootPhase(int phase) { |
| 178 | if (phase == SystemService.PHASE_ACTIVITY_MANAGER_READY) { |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 179 | mLockSettingsService.maybeShowEncryptionNotifications(); |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 180 | } else if (phase == SystemService.PHASE_BOOT_COMPLETED) { |
| 181 | // TODO |
| 182 | } |
| 183 | } |
| 184 | |
| 185 | @Override |
| 186 | public void onUnlockUser(int userHandle) { |
| 187 | mLockSettingsService.onUnlockUser(userHandle); |
| 188 | } |
| 189 | |
| 190 | @Override |
| 191 | public void onCleanupUser(int userHandle) { |
| 192 | mLockSettingsService.onCleanupUser(userHandle); |
| 193 | } |
| 194 | } |
| 195 | |
Victor Chang | a0940d3 | 2016-05-16 19:36:08 +0100 | [diff] [blame] | 196 | private class SynchronizedStrongAuthTracker extends LockPatternUtils.StrongAuthTracker { |
| 197 | public SynchronizedStrongAuthTracker(Context context) { |
| 198 | super(context); |
| 199 | } |
| 200 | |
| 201 | @Override |
| 202 | protected void handleStrongAuthRequiredChanged(int strongAuthFlags, int userId) { |
| 203 | synchronized (this) { |
| 204 | super.handleStrongAuthRequiredChanged(strongAuthFlags, userId); |
| 205 | } |
| 206 | } |
| 207 | |
| 208 | @Override |
| 209 | public int getStrongAuthForUser(int userId) { |
| 210 | synchronized (this) { |
| 211 | return super.getStrongAuthForUser(userId); |
| 212 | } |
| 213 | } |
| 214 | |
| 215 | void register() { |
| 216 | mStrongAuth.registerStrongAuthTracker(this.mStub); |
| 217 | } |
| 218 | } |
| 219 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 220 | /** |
| 221 | * Tie managed profile to primary profile if it is in unified mode and not tied before. |
| 222 | * |
| 223 | * @param managedUserId Managed profile user Id |
| 224 | * @param managedUserPassword Managed profile original password (when it has separated lock). |
| 225 | * NULL when it does not have a separated lock before. |
| 226 | */ |
| 227 | public void tieManagedProfileLockIfNecessary(int managedUserId, String managedUserPassword) { |
| 228 | if (DEBUG) Slog.v(TAG, "Check child profile lock for user: " + managedUserId); |
| 229 | // Only for managed profile |
| 230 | if (!UserManager.get(mContext).getUserInfo(managedUserId).isManagedProfile()) { |
| 231 | return; |
| 232 | } |
| 233 | // Do not tie managed profile when work challenge is enabled |
| 234 | if (mLockPatternUtils.isSeparateProfileChallengeEnabled(managedUserId)) { |
| 235 | return; |
| 236 | } |
| 237 | // Do not tie managed profile to parent when it's done already |
| 238 | if (mStorage.hasChildProfileLock(managedUserId)) { |
| 239 | return; |
| 240 | } |
| 241 | // Do not tie it to parent when parent does not have a screen lock |
| 242 | final int parentId = mUserManager.getProfileParent(managedUserId).id; |
| 243 | if (!mStorage.hasPassword(parentId) && !mStorage.hasPattern(parentId)) { |
| 244 | if (DEBUG) Slog.v(TAG, "Parent does not have a screen lock"); |
| 245 | return; |
| 246 | } |
Rubin Xu | bfc7faaf | 2016-11-22 15:18:32 +0000 | [diff] [blame] | 247 | // Do not tie when the parent has no SID (but does have a screen lock). |
| 248 | // This can only happen during an upgrade path where SID is yet to be |
| 249 | // generated when the user unlocks for the first time. |
| 250 | try { |
| 251 | if (getGateKeeperService().getSecureUserId(parentId) == 0) { |
| 252 | return; |
| 253 | } |
| 254 | } catch (RemoteException e) { |
| 255 | Slog.e(TAG, "Failed to talk to GateKeeper service", e); |
| 256 | return; |
| 257 | } |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 258 | if (DEBUG) Slog.v(TAG, "Tie managed profile to parent now!"); |
| 259 | byte[] randomLockSeed = new byte[] {}; |
| 260 | try { |
| 261 | randomLockSeed = SecureRandom.getInstance("SHA1PRNG").generateSeed(40); |
| 262 | String newPassword = String.valueOf(HexEncoding.encode(randomLockSeed)); |
| 263 | setLockPasswordInternal(newPassword, managedUserPassword, managedUserId); |
Ricky Wai | 7b9eb41 | 2016-05-12 17:29:12 +0100 | [diff] [blame] | 264 | // We store a private credential for the managed user that's unlocked by the primary |
| 265 | // account holder's credential. As such, the user will never be prompted to enter this |
| 266 | // password directly, so we always store a password. |
| 267 | setLong(LockPatternUtils.PASSWORD_TYPE_KEY, |
| 268 | DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, managedUserId); |
Zach Jang | e61672a | 2016-11-22 17:47:18 +0000 | [diff] [blame] | 269 | tieProfileLockToParent(managedUserId, newPassword); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 270 | } catch (NoSuchAlgorithmException | RemoteException e) { |
| 271 | Slog.e(TAG, "Fail to tie managed profile", e); |
| 272 | // Nothing client can do to fix this issue, so we do not throw exception out |
| 273 | } |
| 274 | } |
| 275 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 276 | public LockSettingsService(Context context) { |
| 277 | mContext = context; |
Ricky Wai | b0cdf38 | 2016-05-16 17:28:04 +0100 | [diff] [blame] | 278 | mHandler = new Handler(); |
Rakesh Iyer | a7aa4d6 | 2016-01-19 17:27:23 -0800 | [diff] [blame] | 279 | mStrongAuth = new LockSettingsStrongAuth(context); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 280 | // Open the database |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 281 | |
| 282 | mLockPatternUtils = new LockPatternUtils(context); |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 283 | mFirstCallToVold = true; |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 284 | |
| 285 | IntentFilter filter = new IntentFilter(); |
| 286 | filter.addAction(Intent.ACTION_USER_ADDED); |
Adrian Roos | 3dcae68 | 2014-10-29 14:43:56 +0100 | [diff] [blame] | 287 | filter.addAction(Intent.ACTION_USER_STARTING); |
Adrian Roos | db0f76e | 2015-01-07 22:19:38 +0100 | [diff] [blame] | 288 | filter.addAction(Intent.ACTION_USER_REMOVED); |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 289 | mContext.registerReceiverAsUser(mBroadcastReceiver, UserHandle.ALL, filter, null, null); |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 290 | |
| 291 | mStorage = new LockSettingsStorage(context, new LockSettingsStorage.Callback() { |
| 292 | @Override |
| 293 | public void initialize(SQLiteDatabase db) { |
| 294 | // Get the lockscreen default from a system property, if available |
| 295 | boolean lockScreenDisable = SystemProperties.getBoolean( |
| 296 | "ro.lockscreen.disable.default", false); |
| 297 | if (lockScreenDisable) { |
| 298 | mStorage.writeKeyValue(db, LockPatternUtils.DISABLE_LOCKSCREEN_KEY, "1", 0); |
| 299 | } |
| 300 | } |
| 301 | }); |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 302 | mNotificationManager = (NotificationManager) |
| 303 | mContext.getSystemService(Context.NOTIFICATION_SERVICE); |
| 304 | mUserManager = (UserManager) mContext.getSystemService(Context.USER_SERVICE); |
Victor Chang | a0940d3 | 2016-05-16 19:36:08 +0100 | [diff] [blame] | 305 | mStrongAuthTracker = new SynchronizedStrongAuthTracker(mContext); |
| 306 | mStrongAuthTracker.register(); |
| 307 | |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 308 | } |
| 309 | |
| 310 | /** |
| 311 | * If the account is credential-encrypted, show notification requesting the user to unlock |
| 312 | * the device. |
| 313 | */ |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 314 | private void maybeShowEncryptionNotifications() { |
| 315 | final List<UserInfo> users = mUserManager.getUsers(); |
| 316 | for (int i = 0; i < users.size(); i++) { |
| 317 | UserInfo user = users.get(i); |
| 318 | UserHandle userHandle = user.getUserHandle(); |
Ricky Wai | a8e3f77 | 2016-06-27 15:51:52 +0100 | [diff] [blame] | 319 | final boolean isSecure = mStorage.hasPassword(user.id) || mStorage.hasPattern(user.id); |
| 320 | if (isSecure && !mUserManager.isUserUnlockingOrUnlocked(userHandle)) { |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 321 | if (!user.isManagedProfile()) { |
Jeff Sharkey | b6edaa9 | 2016-07-27 15:51:31 -0600 | [diff] [blame] | 322 | // When the user is locked, we communicate it loud-and-clear |
| 323 | // on the lockscreen; we only show a notification below for |
| 324 | // locked managed profiles. |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 325 | } else { |
| 326 | UserInfo parent = mUserManager.getProfileParent(user.id); |
Benjamin Franz | f52709c | 2016-04-01 15:49:13 +0100 | [diff] [blame] | 327 | if (parent != null && |
Jeff Sharkey | ce18c81 | 2016-04-27 16:00:41 -0600 | [diff] [blame] | 328 | mUserManager.isUserUnlockingOrUnlocked(parent.getUserHandle()) && |
Benjamin Franz | f52709c | 2016-04-01 15:49:13 +0100 | [diff] [blame] | 329 | !mUserManager.isQuietModeEnabled(userHandle)) { |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 330 | // Only show notifications for managed profiles once their parent |
| 331 | // user is unlocked. |
| 332 | showEncryptionNotificationForProfile(userHandle); |
| 333 | } |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 334 | } |
| 335 | } |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 336 | } |
| 337 | } |
| 338 | |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 339 | private void showEncryptionNotificationForProfile(UserHandle user) { |
| 340 | Resources r = mContext.getResources(); |
| 341 | CharSequence title = r.getText( |
| 342 | com.android.internal.R.string.user_encrypted_title); |
| 343 | CharSequence message = r.getText( |
| 344 | com.android.internal.R.string.profile_encrypted_message); |
| 345 | CharSequence detail = r.getText( |
| 346 | com.android.internal.R.string.profile_encrypted_detail); |
| 347 | |
| 348 | final KeyguardManager km = (KeyguardManager) mContext.getSystemService(KEYGUARD_SERVICE); |
| 349 | final Intent unlockIntent = km.createConfirmDeviceCredentialIntent(null, null, user.getIdentifier()); |
| 350 | if (unlockIntent == null) { |
| 351 | return; |
| 352 | } |
| 353 | unlockIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_EXCLUDE_FROM_RECENTS); |
| 354 | PendingIntent intent = PendingIntent.getActivity(mContext, 0, unlockIntent, |
| 355 | PendingIntent.FLAG_UPDATE_CURRENT); |
| 356 | |
| 357 | showEncryptionNotification(user, title, message, detail, intent); |
| 358 | } |
| 359 | |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 360 | private void showEncryptionNotification(UserHandle user, CharSequence title, CharSequence message, |
| 361 | CharSequence detail, PendingIntent intent) { |
| 362 | if (DEBUG) Slog.v(TAG, "showing encryption notification, user: " + user.getIdentifier()); |
Jeff Sharkey | 4a39936 | 2016-05-26 09:47:43 -0600 | [diff] [blame] | 363 | |
| 364 | // Suppress all notifications on non-FBE devices for now |
| 365 | if (!StorageManager.isFileEncryptedNativeOrEmulated()) return; |
| 366 | |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 367 | Notification notification = new Notification.Builder(mContext) |
Jim Miller | b1135b7 | 2016-02-02 17:08:56 -0800 | [diff] [blame] | 368 | .setSmallIcon(com.android.internal.R.drawable.ic_user_secure) |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 369 | .setWhen(0) |
| 370 | .setOngoing(true) |
| 371 | .setTicker(title) |
| 372 | .setDefaults(0) // please be quiet |
| 373 | .setPriority(Notification.PRIORITY_MAX) |
| 374 | .setColor(mContext.getColor( |
| 375 | com.android.internal.R.color.system_notification_accent_color)) |
| 376 | .setContentTitle(title) |
| 377 | .setContentText(message) |
Selim Cinek | 0f9dd1e | 2016-04-05 17:03:40 -0700 | [diff] [blame] | 378 | .setSubText(detail) |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 379 | .setVisibility(Notification.VISIBILITY_PUBLIC) |
| 380 | .setContentIntent(intent) |
| 381 | .build(); |
| 382 | mNotificationManager.notifyAsUser(null, FBE_ENCRYPTED_NOTIFICATION, notification, user); |
| 383 | } |
| 384 | |
| 385 | public void hideEncryptionNotification(UserHandle userHandle) { |
| 386 | if (DEBUG) Slog.v(TAG, "hide encryption notification, user: "+ userHandle.getIdentifier()); |
| 387 | mNotificationManager.cancelAsUser(null, FBE_ENCRYPTED_NOTIFICATION, userHandle); |
| 388 | } |
| 389 | |
| 390 | public void onCleanupUser(int userId) { |
| 391 | hideEncryptionNotification(new UserHandle(userId)); |
| 392 | } |
| 393 | |
Ricky Wai | b0cdf38 | 2016-05-16 17:28:04 +0100 | [diff] [blame] | 394 | public void onUnlockUser(final int userId) { |
Ricky Wai | 8481258 | 2016-05-10 20:11:59 +0100 | [diff] [blame] | 395 | // Hide notification first, as tie managed profile lock takes time |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 396 | hideEncryptionNotification(new UserHandle(userId)); |
Ricky Wai | b0cdf38 | 2016-05-16 17:28:04 +0100 | [diff] [blame] | 397 | |
| 398 | if (mUserManager.getUserInfo(userId).isManagedProfile()) { |
| 399 | // As tieManagedProfileLockIfNecessary() may try to unlock user, we should not do it |
| 400 | // in onUnlockUser() synchronously, otherwise it may cause a deadlock |
| 401 | mHandler.post(new Runnable() { |
| 402 | @Override |
| 403 | public void run() { |
| 404 | tieManagedProfileLockIfNecessary(userId, null); |
| 405 | } |
| 406 | }); |
| 407 | } |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 408 | |
| 409 | // Now we have unlocked the parent user we should show notifications |
| 410 | // about any profiles that exist. |
| 411 | List<UserInfo> profiles = mUserManager.getProfiles(userId); |
| 412 | for (int i = 0; i < profiles.size(); i++) { |
| 413 | UserInfo profile = profiles.get(i); |
Ricky Wai | a8e3f77 | 2016-06-27 15:51:52 +0100 | [diff] [blame] | 414 | final boolean isSecure = |
| 415 | mStorage.hasPassword(profile.id) || mStorage.hasPattern(profile.id); |
| 416 | if (isSecure && profile.isManagedProfile()) { |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 417 | UserHandle userHandle = profile.getUserHandle(); |
Jeff Sharkey | ce18c81 | 2016-04-27 16:00:41 -0600 | [diff] [blame] | 418 | if (!mUserManager.isUserUnlockingOrUnlocked(userHandle) && |
Benjamin Franz | f52709c | 2016-04-01 15:49:13 +0100 | [diff] [blame] | 419 | !mUserManager.isQuietModeEnabled(userHandle)) { |
Kenny Guy | b1b3026 | 2016-02-09 16:02:35 +0000 | [diff] [blame] | 420 | showEncryptionNotificationForProfile(userHandle); |
| 421 | } |
| 422 | } |
| 423 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 424 | } |
| 425 | |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 426 | private final BroadcastReceiver mBroadcastReceiver = new BroadcastReceiver() { |
| 427 | @Override |
| 428 | public void onReceive(Context context, Intent intent) { |
Robin Lee | 1096cf8 | 2014-09-01 16:52:47 +0100 | [diff] [blame] | 429 | if (Intent.ACTION_USER_ADDED.equals(intent.getAction())) { |
Chad Brubaker | 83ce095 | 2015-05-12 13:00:02 -0700 | [diff] [blame] | 430 | // Notify keystore that a new user was added. |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 431 | final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0); |
Amith Yamasani | f11a574 | 2016-06-16 08:20:07 -0700 | [diff] [blame] | 432 | if (userHandle > UserHandle.USER_SYSTEM) { |
| 433 | removeUser(userHandle, /* unknownUser= */ true); |
| 434 | } |
Robin Lee | 49d810c | 2014-09-23 13:50:22 +0100 | [diff] [blame] | 435 | final KeyStore ks = KeyStore.getInstance(); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 436 | final UserInfo parentInfo = mUserManager.getProfileParent(userHandle); |
Chad Brubaker | 83ce095 | 2015-05-12 13:00:02 -0700 | [diff] [blame] | 437 | final int parentHandle = parentInfo != null ? parentInfo.id : -1; |
| 438 | ks.onUserAdded(userHandle, parentHandle); |
Adrian Roos | 3dcae68 | 2014-10-29 14:43:56 +0100 | [diff] [blame] | 439 | } else if (Intent.ACTION_USER_STARTING.equals(intent.getAction())) { |
| 440 | final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0); |
| 441 | mStorage.prefetchUser(userHandle); |
Adrian Roos | db0f76e | 2015-01-07 22:19:38 +0100 | [diff] [blame] | 442 | } else if (Intent.ACTION_USER_REMOVED.equals(intent.getAction())) { |
| 443 | final int userHandle = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, 0); |
| 444 | if (userHandle > 0) { |
Amith Yamasani | f11a574 | 2016-06-16 08:20:07 -0700 | [diff] [blame] | 445 | removeUser(userHandle, /* unknownUser= */ false); |
Adrian Roos | db0f76e | 2015-01-07 22:19:38 +0100 | [diff] [blame] | 446 | } |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 447 | } |
| 448 | } |
| 449 | }; |
| 450 | |
Jim Miller | 4f93c58 | 2016-01-27 19:05:43 -0800 | [diff] [blame] | 451 | @Override // binder interface |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 452 | public void systemReady() { |
| 453 | migrateOldData(); |
Andres Morales | 301ea44 | 2015-04-17 09:15:47 -0700 | [diff] [blame] | 454 | try { |
| 455 | getGateKeeperService(); |
| 456 | } catch (RemoteException e) { |
| 457 | Slog.e(TAG, "Failure retrieving IGateKeeperService", e); |
| 458 | } |
Xiaohui Chen | 7c69636 | 2015-09-16 09:56:14 -0700 | [diff] [blame] | 459 | // TODO: maybe skip this for split system user mode. |
| 460 | mStorage.prefetchUser(UserHandle.USER_SYSTEM); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 461 | } |
| 462 | |
| 463 | private void migrateOldData() { |
| 464 | try { |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 465 | // These Settings moved before multi-user was enabled, so we only have to do it for the |
| 466 | // root user. |
| 467 | if (getString("migrated", null, 0) == null) { |
| 468 | final ContentResolver cr = mContext.getContentResolver(); |
| 469 | for (String validSetting : VALID_SETTINGS) { |
| 470 | String value = Settings.Secure.getString(cr, validSetting); |
| 471 | if (value != null) { |
| 472 | setString(validSetting, value, 0); |
| 473 | } |
| 474 | } |
| 475 | // No need to move the password / pattern files. They're already in the right place. |
| 476 | setString("migrated", "true", 0); |
| 477 | Slog.i(TAG, "Migrated lock settings to new location"); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 478 | } |
| 479 | |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 480 | // These Settings changed after multi-user was enabled, hence need to be moved per user. |
| 481 | if (getString("migrated_user_specific", null, 0) == null) { |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 482 | final ContentResolver cr = mContext.getContentResolver(); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 483 | List<UserInfo> users = mUserManager.getUsers(); |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 484 | for (int user = 0; user < users.size(); user++) { |
Jim Miller | 2d8ecf9d | 2013-04-22 17:17:03 -0700 | [diff] [blame] | 485 | // Migrate owner info |
| 486 | final int userId = users.get(user).id; |
| 487 | final String OWNER_INFO = Secure.LOCK_SCREEN_OWNER_INFO; |
| 488 | String ownerInfo = Settings.Secure.getStringForUser(cr, OWNER_INFO, userId); |
Jim Miller | 325c567 | 2016-03-01 19:21:47 -0800 | [diff] [blame] | 489 | if (!TextUtils.isEmpty(ownerInfo)) { |
Jim Miller | 2d8ecf9d | 2013-04-22 17:17:03 -0700 | [diff] [blame] | 490 | setString(OWNER_INFO, ownerInfo, userId); |
Jim Miller | 325c567 | 2016-03-01 19:21:47 -0800 | [diff] [blame] | 491 | Settings.Secure.putStringForUser(cr, OWNER_INFO, "", userId); |
Jim Miller | 2d8ecf9d | 2013-04-22 17:17:03 -0700 | [diff] [blame] | 492 | } |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 493 | |
Jim Miller | 2d8ecf9d | 2013-04-22 17:17:03 -0700 | [diff] [blame] | 494 | // Migrate owner info enabled. Note there was a bug where older platforms only |
| 495 | // stored this value if the checkbox was toggled at least once. The code detects |
| 496 | // this case by handling the exception. |
| 497 | final String OWNER_INFO_ENABLED = Secure.LOCK_SCREEN_OWNER_INFO_ENABLED; |
| 498 | boolean enabled; |
| 499 | try { |
| 500 | int ivalue = Settings.Secure.getIntForUser(cr, OWNER_INFO_ENABLED, userId); |
| 501 | enabled = ivalue != 0; |
| 502 | setLong(OWNER_INFO_ENABLED, enabled ? 1 : 0, userId); |
| 503 | } catch (SettingNotFoundException e) { |
| 504 | // Setting was never stored. Store it if the string is not empty. |
| 505 | if (!TextUtils.isEmpty(ownerInfo)) { |
| 506 | setLong(OWNER_INFO_ENABLED, 1, userId); |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 507 | } |
| 508 | } |
Jim Miller | 2d8ecf9d | 2013-04-22 17:17:03 -0700 | [diff] [blame] | 509 | Settings.Secure.putIntForUser(cr, OWNER_INFO_ENABLED, 0, userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 510 | } |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 511 | // No need to move the password / pattern files. They're already in the right place. |
| 512 | setString("migrated_user_specific", "true", 0); |
| 513 | Slog.i(TAG, "Migrated per-user lock settings to new location"); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 514 | } |
Adrian Roos | 230635e | 2015-01-07 20:50:29 +0100 | [diff] [blame] | 515 | |
| 516 | // Migrates biometric weak such that the fallback mechanism becomes the primary. |
| 517 | if (getString("migrated_biometric_weak", null, 0) == null) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 518 | List<UserInfo> users = mUserManager.getUsers(); |
Adrian Roos | 230635e | 2015-01-07 20:50:29 +0100 | [diff] [blame] | 519 | for (int i = 0; i < users.size(); i++) { |
| 520 | int userId = users.get(i).id; |
| 521 | long type = getLong(LockPatternUtils.PASSWORD_TYPE_KEY, |
| 522 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, |
| 523 | userId); |
| 524 | long alternateType = getLong(LockPatternUtils.PASSWORD_TYPE_ALTERNATE_KEY, |
| 525 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, |
| 526 | userId); |
| 527 | if (type == DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK) { |
| 528 | setLong(LockPatternUtils.PASSWORD_TYPE_KEY, |
| 529 | alternateType, |
| 530 | userId); |
| 531 | } |
| 532 | setLong(LockPatternUtils.PASSWORD_TYPE_ALTERNATE_KEY, |
| 533 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, |
| 534 | userId); |
| 535 | } |
| 536 | setString("migrated_biometric_weak", "true", 0); |
| 537 | Slog.i(TAG, "Migrated biometric weak to use the fallback instead"); |
| 538 | } |
Adrian Roos | 4383058 | 2015-04-21 16:04:43 -0700 | [diff] [blame] | 539 | |
| 540 | // Migrates lockscreen.disabled. Prior to M, the flag was ignored when more than one |
| 541 | // user was present on the system, so if we're upgrading to M and there is more than one |
| 542 | // user we disable the flag to remain consistent. |
| 543 | if (getString("migrated_lockscreen_disabled", null, 0) == null) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 544 | final List<UserInfo> users = mUserManager.getUsers(); |
Adrian Roos | 4383058 | 2015-04-21 16:04:43 -0700 | [diff] [blame] | 545 | final int userCount = users.size(); |
| 546 | int switchableUsers = 0; |
| 547 | for (int i = 0; i < userCount; i++) { |
| 548 | if (users.get(i).supportsSwitchTo()) { |
| 549 | switchableUsers++; |
| 550 | } |
| 551 | } |
| 552 | |
| 553 | if (switchableUsers > 1) { |
| 554 | for (int i = 0; i < userCount; i++) { |
| 555 | int id = users.get(i).id; |
| 556 | |
| 557 | if (getBoolean(LockPatternUtils.DISABLE_LOCKSCREEN_KEY, false, id)) { |
| 558 | setBoolean(LockPatternUtils.DISABLE_LOCKSCREEN_KEY, false, id); |
| 559 | } |
| 560 | } |
| 561 | } |
| 562 | |
| 563 | setString("migrated_lockscreen_disabled", "true", 0); |
| 564 | Slog.i(TAG, "Migrated lockscreen disabled flag"); |
| 565 | } |
Ricky Wai | 7b9eb41 | 2016-05-12 17:29:12 +0100 | [diff] [blame] | 566 | |
| 567 | final List<UserInfo> users = mUserManager.getUsers(); |
| 568 | for (int i = 0; i < users.size(); i++) { |
| 569 | final UserInfo userInfo = users.get(i); |
| 570 | if (userInfo.isManagedProfile() && mStorage.hasChildProfileLock(userInfo.id)) { |
| 571 | // When managed profile has a unified lock, the password quality stored has 2 |
| 572 | // possibilities only. |
| 573 | // 1). PASSWORD_QUALITY_UNSPECIFIED, which is upgraded from dp2, and we are |
| 574 | // going to set it back to PASSWORD_QUALITY_ALPHANUMERIC. |
| 575 | // 2). PASSWORD_QUALITY_ALPHANUMERIC, which is the actual password quality for |
| 576 | // unified lock. |
| 577 | final long quality = getLong(LockPatternUtils.PASSWORD_TYPE_KEY, |
| 578 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, userInfo.id); |
| 579 | if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { |
| 580 | // Only possible when it's upgraded from nyc dp3 |
| 581 | Slog.i(TAG, "Migrated tied profile lock type"); |
| 582 | setLong(LockPatternUtils.PASSWORD_TYPE_KEY, |
| 583 | DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC, userInfo.id); |
| 584 | } else if (quality != DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC) { |
| 585 | // It should not happen |
| 586 | Slog.e(TAG, "Invalid tied profile lock type: " + quality); |
| 587 | } |
| 588 | } |
Ricky Wai | 97c8f8d | 2016-07-13 17:57:45 +0100 | [diff] [blame] | 589 | try { |
| 590 | final String alias = LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userInfo.id; |
| 591 | java.security.KeyStore keyStore = |
| 592 | java.security.KeyStore.getInstance("AndroidKeyStore"); |
| 593 | keyStore.load(null); |
| 594 | if (keyStore.containsAlias(alias)) { |
| 595 | keyStore.deleteEntry(alias); |
| 596 | } |
| 597 | } catch (KeyStoreException | NoSuchAlgorithmException | |
| 598 | CertificateException | IOException e) { |
| 599 | Slog.e(TAG, "Unable to remove tied profile key", e); |
| 600 | } |
Ricky Wai | 7b9eb41 | 2016-05-12 17:29:12 +0100 | [diff] [blame] | 601 | } |
Greg Plesur | eb2e453 | 2016-11-02 17:10:27 -0400 | [diff] [blame] | 602 | |
| 603 | boolean isWatch = mContext.getPackageManager().hasSystemFeature( |
| 604 | PackageManager.FEATURE_WATCH); |
| 605 | // Wear used to set DISABLE_LOCKSCREEN to 'true', but because Wear now allows accounts |
| 606 | // and device management the lockscreen must be re-enabled now for users that upgrade. |
| 607 | if (isWatch && getString("migrated_wear_lockscreen_disabled", null, 0) == null) { |
| 608 | final int userCount = users.size(); |
| 609 | for (int i = 0; i < userCount; i++) { |
| 610 | int id = users.get(i).id; |
| 611 | setBoolean(LockPatternUtils.DISABLE_LOCKSCREEN_KEY, false, id); |
| 612 | } |
| 613 | setString("migrated_wear_lockscreen_disabled", "true", 0); |
| 614 | Slog.i(TAG, "Migrated lockscreen_disabled for Wear devices"); |
| 615 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 616 | } catch (RemoteException re) { |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 617 | Slog.e(TAG, "Unable to migrate old data", re); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 618 | } |
| 619 | } |
| 620 | |
Jim Miller | 5ecd811 | 2013-01-09 18:50:26 -0800 | [diff] [blame] | 621 | private final void checkWritePermission(int userId) { |
Jim Miller | 505329b | 2013-11-08 13:25:36 -0800 | [diff] [blame] | 622 | mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsWrite"); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 623 | } |
| 624 | |
Jim Miller | 5ecd811 | 2013-01-09 18:50:26 -0800 | [diff] [blame] | 625 | private final void checkPasswordReadPermission(int userId) { |
Jim Miller | 505329b | 2013-11-08 13:25:36 -0800 | [diff] [blame] | 626 | mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsRead"); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 627 | } |
| 628 | |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 629 | private final void checkReadPermission(String requestedKey, int userId) { |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 630 | final int callingUid = Binder.getCallingUid(); |
Adrian Roos | 001b00d | 2015-02-24 17:08:48 +0100 | [diff] [blame] | 631 | |
Svetoslav Ganov | 6d2c0e5 | 2015-06-23 16:33:36 +0000 | [diff] [blame] | 632 | for (int i = 0; i < READ_CONTACTS_PROTECTED_SETTINGS.length; i++) { |
| 633 | String key = READ_CONTACTS_PROTECTED_SETTINGS[i]; |
| 634 | if (key.equals(requestedKey) && mContext.checkCallingOrSelfPermission(READ_CONTACTS) |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 635 | != PackageManager.PERMISSION_GRANTED) { |
| 636 | throw new SecurityException("uid=" + callingUid |
Svetoslav Ganov | 6d2c0e5 | 2015-06-23 16:33:36 +0000 | [diff] [blame] | 637 | + " needs permission " + READ_CONTACTS + " to read " |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 638 | + requestedKey + " for user " + userId); |
| 639 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 640 | } |
Adrian Roos | 001b00d | 2015-02-24 17:08:48 +0100 | [diff] [blame] | 641 | |
| 642 | for (int i = 0; i < READ_PASSWORD_PROTECTED_SETTINGS.length; i++) { |
| 643 | String key = READ_PASSWORD_PROTECTED_SETTINGS[i]; |
| 644 | if (key.equals(requestedKey) && mContext.checkCallingOrSelfPermission(PERMISSION) |
| 645 | != PackageManager.PERMISSION_GRANTED) { |
| 646 | throw new SecurityException("uid=" + callingUid |
| 647 | + " needs permission " + PERMISSION + " to read " |
| 648 | + requestedKey + " for user " + userId); |
| 649 | } |
| 650 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 651 | } |
| 652 | |
| 653 | @Override |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 654 | public boolean getSeparateProfileChallengeEnabled(int userId) throws RemoteException { |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 655 | checkReadPermission(SEPARATE_PROFILE_CHALLENGE_KEY, userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 656 | synchronized (mSeparateChallengeLock) { |
| 657 | return getBoolean(SEPARATE_PROFILE_CHALLENGE_KEY, false, userId); |
| 658 | } |
| 659 | } |
| 660 | |
| 661 | @Override |
| 662 | public void setSeparateProfileChallengeEnabled(int userId, boolean enabled, |
| 663 | String managedUserPassword) throws RemoteException { |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 664 | checkWritePermission(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 665 | synchronized (mSeparateChallengeLock) { |
| 666 | setBoolean(SEPARATE_PROFILE_CHALLENGE_KEY, enabled, userId); |
| 667 | if (enabled) { |
| 668 | mStorage.removeChildProfileLock(userId); |
| 669 | removeKeystoreProfileKey(userId); |
| 670 | } else { |
| 671 | tieManagedProfileLockIfNecessary(userId, managedUserPassword); |
| 672 | } |
| 673 | } |
| 674 | } |
| 675 | |
| 676 | @Override |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 677 | public void setBoolean(String key, boolean value, int userId) throws RemoteException { |
| 678 | checkWritePermission(userId); |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 679 | setStringUnchecked(key, userId, value ? "1" : "0"); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 680 | } |
| 681 | |
| 682 | @Override |
| 683 | public void setLong(String key, long value, int userId) throws RemoteException { |
| 684 | checkWritePermission(userId); |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 685 | setStringUnchecked(key, userId, Long.toString(value)); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 686 | } |
| 687 | |
| 688 | @Override |
| 689 | public void setString(String key, String value, int userId) throws RemoteException { |
| 690 | checkWritePermission(userId); |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 691 | setStringUnchecked(key, userId, value); |
| 692 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 693 | |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 694 | private void setStringUnchecked(String key, int userId, String value) { |
| 695 | mStorage.writeKeyValue(key, value, userId); |
Amith Yamasani | 072543f | 2015-02-13 11:09:45 -0800 | [diff] [blame] | 696 | if (ArrayUtils.contains(SETTINGS_TO_BACKUP, key)) { |
| 697 | BackupManager.dataChanged("com.android.providers.settings"); |
| 698 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 699 | } |
| 700 | |
| 701 | @Override |
| 702 | public boolean getBoolean(String key, boolean defaultValue, int userId) throws RemoteException { |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 703 | checkReadPermission(key, userId); |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 704 | String value = getStringUnchecked(key, null, userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 705 | return TextUtils.isEmpty(value) ? |
| 706 | defaultValue : (value.equals("1") || value.equals("true")); |
| 707 | } |
| 708 | |
| 709 | @Override |
| 710 | public long getLong(String key, long defaultValue, int userId) throws RemoteException { |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 711 | checkReadPermission(key, userId); |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 712 | String value = getStringUnchecked(key, null, userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 713 | return TextUtils.isEmpty(value) ? defaultValue : Long.parseLong(value); |
| 714 | } |
| 715 | |
| 716 | @Override |
| 717 | public String getString(String key, String defaultValue, int userId) throws RemoteException { |
Jim Miller | 158fe19 | 2013-04-17 15:23:55 -0700 | [diff] [blame] | 718 | checkReadPermission(key, userId); |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 719 | return getStringUnchecked(key, defaultValue, userId); |
| 720 | } |
| 721 | |
| 722 | public String getStringUnchecked(String key, String defaultValue, int userId) { |
| 723 | if (Settings.Secure.LOCK_PATTERN_ENABLED.equals(key)) { |
Adrian Roos | 7811d9f | 2015-07-27 15:10:13 -0700 | [diff] [blame] | 724 | long ident = Binder.clearCallingIdentity(); |
| 725 | try { |
| 726 | return mLockPatternUtils.isLockPatternEnabled(userId) ? "1" : "0"; |
| 727 | } finally { |
| 728 | Binder.restoreCallingIdentity(ident); |
| 729 | } |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 730 | } |
| 731 | |
Bryce Lee | 4614596 | 2015-12-14 14:39:10 -0800 | [diff] [blame] | 732 | if (LockPatternUtils.LEGACY_LOCK_PATTERN_ENABLED.equals(key)) { |
| 733 | key = Settings.Secure.LOCK_PATTERN_ENABLED; |
| 734 | } |
| 735 | |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 736 | return mStorage.readKeyValue(key, defaultValue, userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 737 | } |
| 738 | |
Adrian Roos | 4f78845 | 2014-05-22 20:45:59 +0200 | [diff] [blame] | 739 | @Override |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 740 | public boolean havePassword(int userId) throws RemoteException { |
| 741 | // Do we need a permissions check here? |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 742 | return mStorage.hasPassword(userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 743 | } |
| 744 | |
| 745 | @Override |
| 746 | public boolean havePattern(int userId) throws RemoteException { |
| 747 | // Do we need a permissions check here? |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 748 | return mStorage.hasPattern(userId); |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 749 | } |
| 750 | |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 751 | private void setKeystorePassword(String password, int userHandle) { |
Robin Lee | f0246a8 | 2014-08-13 09:50:25 +0100 | [diff] [blame] | 752 | final KeyStore ks = KeyStore.getInstance(); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 753 | ks.onUserPasswordChanged(userHandle, password); |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 754 | } |
| 755 | |
| 756 | private void unlockKeystore(String password, int userHandle) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 757 | if (DEBUG) Slog.v(TAG, "Unlock keystore for user: " + userHandle); |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 758 | final KeyStore ks = KeyStore.getInstance(); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 759 | ks.unlock(userHandle, password); |
| 760 | } |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 761 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 762 | private String getDecryptedPasswordForTiedProfile(int userId) |
| 763 | throws KeyStoreException, UnrecoverableKeyException, |
| 764 | NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, |
| 765 | InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, |
| 766 | CertificateException, IOException { |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 767 | if (DEBUG) Slog.v(TAG, "Get child profile decrytped key"); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 768 | byte[] storedData = mStorage.readChildProfileLock(userId); |
| 769 | if (storedData == null) { |
| 770 | throw new FileNotFoundException("Child profile lock file not found"); |
| 771 | } |
| 772 | byte[] iv = Arrays.copyOfRange(storedData, 0, PROFILE_KEY_IV_SIZE); |
| 773 | byte[] encryptedPassword = Arrays.copyOfRange(storedData, PROFILE_KEY_IV_SIZE, |
| 774 | storedData.length); |
| 775 | byte[] decryptionResult; |
| 776 | java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore"); |
| 777 | keyStore.load(null); |
| 778 | SecretKey decryptionKey = (SecretKey) keyStore.getKey( |
Ricky Wai | d398244 | 2016-05-24 19:27:08 +0100 | [diff] [blame] | 779 | LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId, null); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 780 | |
| 781 | Cipher cipher = Cipher.getInstance(KeyProperties.KEY_ALGORITHM_AES + "/" |
| 782 | + KeyProperties.BLOCK_MODE_GCM + "/" + KeyProperties.ENCRYPTION_PADDING_NONE); |
| 783 | |
| 784 | cipher.init(Cipher.DECRYPT_MODE, decryptionKey, new GCMParameterSpec(128, iv)); |
| 785 | decryptionResult = cipher.doFinal(encryptedPassword); |
| 786 | return new String(decryptionResult, StandardCharsets.UTF_8); |
| 787 | } |
| 788 | |
| 789 | private void unlockChildProfile(int profileHandle) throws RemoteException { |
| 790 | try { |
| 791 | doVerifyPassword(getDecryptedPasswordForTiedProfile(profileHandle), false, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 792 | 0 /* no challenge */, profileHandle, null /* progressCallback */); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 793 | } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException |
| 794 | | NoSuchAlgorithmException | NoSuchPaddingException |
| 795 | | InvalidAlgorithmParameterException | IllegalBlockSizeException |
| 796 | | BadPaddingException | CertificateException | IOException e) { |
| 797 | if (e instanceof FileNotFoundException) { |
| 798 | Slog.i(TAG, "Child profile key not found"); |
Clara Bayarri | 0a587d2 | 2016-02-23 14:49:41 -0800 | [diff] [blame] | 799 | } else { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 800 | Slog.e(TAG, "Failed to decrypt child profile key", e); |
Clara Bayarri | 0a587d2 | 2016-02-23 14:49:41 -0800 | [diff] [blame] | 801 | } |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 802 | } |
| 803 | } |
| 804 | |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 805 | private void unlockUser(int userId, byte[] token, byte[] secret) { |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 806 | // TODO: make this method fully async so we can update UI with progress strings |
| 807 | final CountDownLatch latch = new CountDownLatch(1); |
| 808 | final IProgressListener listener = new IProgressListener.Stub() { |
| 809 | @Override |
| 810 | public void onStarted(int id, Bundle extras) throws RemoteException { |
Jeff Sharkey | fd24108 | 2016-04-19 15:58:24 -0600 | [diff] [blame] | 811 | Log.d(TAG, "unlockUser started"); |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 812 | } |
| 813 | |
| 814 | @Override |
| 815 | public void onProgress(int id, int progress, Bundle extras) throws RemoteException { |
Jeff Sharkey | fd24108 | 2016-04-19 15:58:24 -0600 | [diff] [blame] | 816 | Log.d(TAG, "unlockUser progress " + progress); |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 817 | } |
| 818 | |
| 819 | @Override |
| 820 | public void onFinished(int id, Bundle extras) throws RemoteException { |
Jeff Sharkey | fd24108 | 2016-04-19 15:58:24 -0600 | [diff] [blame] | 821 | Log.d(TAG, "unlockUser finished"); |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 822 | latch.countDown(); |
| 823 | } |
| 824 | }; |
| 825 | |
Jeff Sharkey | 8924e87 | 2015-11-30 12:52:10 -0700 | [diff] [blame] | 826 | try { |
Sudheer Shanka | dc589ac | 2016-11-10 15:30:17 -0800 | [diff] [blame] | 827 | ActivityManager.getService().unlockUser(userId, token, secret, listener); |
Jeff Sharkey | 8924e87 | 2015-11-30 12:52:10 -0700 | [diff] [blame] | 828 | } catch (RemoteException e) { |
| 829 | throw e.rethrowAsRuntimeException(); |
| 830 | } |
Jeff Sharkey | bd91e2f | 2016-03-22 15:32:31 -0600 | [diff] [blame] | 831 | |
| 832 | try { |
| 833 | latch.await(15, TimeUnit.SECONDS); |
| 834 | } catch (InterruptedException e) { |
| 835 | Thread.currentThread().interrupt(); |
| 836 | } |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 837 | try { |
| 838 | if (!mUserManager.getUserInfo(userId).isManagedProfile()) { |
| 839 | final List<UserInfo> profiles = mUserManager.getProfiles(userId); |
| 840 | for (UserInfo pi : profiles) { |
| 841 | // Unlock managed profile with unified lock |
| 842 | if (pi.isManagedProfile() |
| 843 | && !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id) |
| 844 | && mStorage.hasChildProfileLock(pi.id)) { |
| 845 | unlockChildProfile(pi.id); |
| 846 | } |
| 847 | } |
| 848 | } |
| 849 | } catch (RemoteException e) { |
| 850 | Log.d(TAG, "Failed to unlock child profile", e); |
| 851 | } |
Jeff Sharkey | 8924e87 | 2015-11-30 12:52:10 -0700 | [diff] [blame] | 852 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 853 | |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 854 | private byte[] getCurrentHandle(int userId) { |
| 855 | CredentialHash credential; |
| 856 | byte[] currentHandle; |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 857 | |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 858 | int currentHandleType = mStorage.getStoredCredentialType(userId); |
| 859 | switch (currentHandleType) { |
| 860 | case CredentialHash.TYPE_PATTERN: |
| 861 | credential = mStorage.readPatternHash(userId); |
| 862 | currentHandle = credential != null |
| 863 | ? credential.hash |
| 864 | : null; |
| 865 | break; |
| 866 | case CredentialHash.TYPE_PASSWORD: |
| 867 | credential = mStorage.readPasswordHash(userId); |
| 868 | currentHandle = credential != null |
| 869 | ? credential.hash |
| 870 | : null; |
| 871 | break; |
| 872 | case CredentialHash.TYPE_NONE: |
| 873 | default: |
| 874 | currentHandle = null; |
| 875 | break; |
| 876 | } |
| 877 | |
| 878 | // sanity check |
| 879 | if (currentHandleType != CredentialHash.TYPE_NONE && currentHandle == null) { |
| 880 | Slog.e(TAG, "Stored handle type [" + currentHandleType + "] but no handle available"); |
| 881 | } |
| 882 | |
| 883 | return currentHandle; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 884 | } |
| 885 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 886 | private void onUserLockChanged(int userId) throws RemoteException { |
| 887 | if (mUserManager.getUserInfo(userId).isManagedProfile()) { |
| 888 | return; |
| 889 | } |
| 890 | final boolean isSecure = mStorage.hasPassword(userId) || mStorage.hasPattern(userId); |
| 891 | final List<UserInfo> profiles = mUserManager.getProfiles(userId); |
| 892 | final int size = profiles.size(); |
| 893 | for (int i = 0; i < size; i++) { |
| 894 | final UserInfo profile = profiles.get(i); |
| 895 | if (profile.isManagedProfile()) { |
| 896 | final int managedUserId = profile.id; |
| 897 | if (mLockPatternUtils.isSeparateProfileChallengeEnabled(managedUserId)) { |
| 898 | continue; |
| 899 | } |
| 900 | if (isSecure) { |
| 901 | tieManagedProfileLockIfNecessary(managedUserId, null); |
| 902 | } else { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 903 | clearUserKeyProtection(managedUserId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 904 | getGateKeeperService().clearSecureUserId(managedUserId); |
| 905 | mStorage.writePatternHash(null, managedUserId); |
| 906 | setKeystorePassword(null, managedUserId); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 907 | fixateNewestUserKeyAuth(managedUserId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 908 | mStorage.removeChildProfileLock(managedUserId); |
| 909 | removeKeystoreProfileKey(managedUserId); |
| 910 | } |
| 911 | } |
| 912 | } |
| 913 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 914 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 915 | private boolean isManagedProfileWithUnifiedLock(int userId) { |
| 916 | return mUserManager.getUserInfo(userId).isManagedProfile() |
| 917 | && !mLockPatternUtils.isSeparateProfileChallengeEnabled(userId); |
| 918 | } |
| 919 | |
| 920 | private boolean isManagedProfileWithSeparatedLock(int userId) { |
| 921 | return mUserManager.getUserInfo(userId).isManagedProfile() |
| 922 | && mLockPatternUtils.isSeparateProfileChallengeEnabled(userId); |
| 923 | } |
| 924 | |
| 925 | // This method should be called by LockPatternUtil only, all internal methods in this class |
| 926 | // should call setLockPatternInternal. |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 927 | @Override |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 928 | public void setLockPattern(String pattern, String savedCredential, int userId) |
| 929 | throws RemoteException { |
Jim Miller | e484eaf | 2016-04-13 16:35:36 -0700 | [diff] [blame] | 930 | checkWritePermission(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 931 | synchronized (mSeparateChallengeLock) { |
| 932 | setLockPatternInternal(pattern, savedCredential, userId); |
| 933 | setSeparateProfileChallengeEnabled(userId, true, null); |
| 934 | } |
| 935 | } |
| 936 | |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 937 | private void setLockPatternInternal(String pattern, String savedCredential, int userId) |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 938 | throws RemoteException { |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 939 | byte[] currentHandle = getCurrentHandle(userId); |
| 940 | |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 941 | if (pattern == null) { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 942 | clearUserKeyProtection(userId); |
Andres Morales | cfb6160 | 2015-04-16 16:31:15 -0700 | [diff] [blame] | 943 | getGateKeeperService().clearSecureUserId(userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 944 | mStorage.writePatternHash(null, userId); |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 945 | setKeystorePassword(null, userId); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 946 | fixateNewestUserKeyAuth(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 947 | onUserLockChanged(userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 948 | return; |
| 949 | } |
| 950 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 951 | if (isManagedProfileWithUnifiedLock(userId)) { |
| 952 | // get credential from keystore when managed profile has unified lock |
| 953 | try { |
| 954 | savedCredential = getDecryptedPasswordForTiedProfile(userId); |
| 955 | } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException |
| 956 | | NoSuchAlgorithmException | NoSuchPaddingException |
| 957 | | InvalidAlgorithmParameterException | IllegalBlockSizeException |
| 958 | | BadPaddingException | CertificateException | IOException e) { |
| 959 | if (e instanceof FileNotFoundException) { |
| 960 | Slog.i(TAG, "Child profile key not found"); |
| 961 | } else { |
| 962 | Slog.e(TAG, "Failed to decrypt child profile key", e); |
| 963 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 964 | } |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 965 | } else { |
| 966 | if (currentHandle == null) { |
| 967 | if (savedCredential != null) { |
| 968 | Slog.w(TAG, "Saved credential provided, but none stored"); |
| 969 | } |
| 970 | savedCredential = null; |
| 971 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 972 | } |
| 973 | |
| 974 | byte[] enrolledHandle = enrollCredential(currentHandle, savedCredential, pattern, userId); |
| 975 | if (enrolledHandle != null) { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 976 | CredentialHash willStore |
| 977 | = new CredentialHash(enrolledHandle, CredentialHash.VERSION_GATEKEEPER); |
| 978 | setUserKeyProtection(userId, pattern, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 979 | doVerifyPattern(pattern, willStore, true, 0, userId, null /* progressCallback */)); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 980 | mStorage.writePatternHash(enrolledHandle, userId); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 981 | fixateNewestUserKeyAuth(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 982 | onUserLockChanged(userId); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 983 | } else { |
Andres Morales | 2c4a573 | 2015-07-09 16:11:00 -0700 | [diff] [blame] | 984 | throw new RemoteException("Failed to enroll pattern"); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 985 | } |
| 986 | } |
| 987 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 988 | // This method should be called by LockPatternUtil only, all internal methods in this class |
| 989 | // should call setLockPasswordInternal. |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 990 | @Override |
| 991 | public void setLockPassword(String password, String savedCredential, int userId) |
| 992 | throws RemoteException { |
Jim Miller | e484eaf | 2016-04-13 16:35:36 -0700 | [diff] [blame] | 993 | checkWritePermission(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 994 | synchronized (mSeparateChallengeLock) { |
| 995 | setLockPasswordInternal(password, savedCredential, userId); |
| 996 | setSeparateProfileChallengeEnabled(userId, true, null); |
| 997 | } |
| 998 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 999 | |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 1000 | private void setLockPasswordInternal(String password, String savedCredential, int userId) |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1001 | throws RemoteException { |
| 1002 | byte[] currentHandle = getCurrentHandle(userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1003 | if (password == null) { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1004 | clearUserKeyProtection(userId); |
Andres Morales | cfb6160 | 2015-04-16 16:31:15 -0700 | [diff] [blame] | 1005 | getGateKeeperService().clearSecureUserId(userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1006 | mStorage.writePasswordHash(null, userId); |
Chad Brubaker | a91a850 | 2015-05-07 10:02:22 -0700 | [diff] [blame] | 1007 | setKeystorePassword(null, userId); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1008 | fixateNewestUserKeyAuth(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1009 | onUserLockChanged(userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1010 | return; |
| 1011 | } |
| 1012 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1013 | if (isManagedProfileWithUnifiedLock(userId)) { |
| 1014 | // get credential from keystore when managed profile has unified lock |
| 1015 | try { |
| 1016 | savedCredential = getDecryptedPasswordForTiedProfile(userId); |
Ricky Wai | de3a068 | 2016-05-03 14:50:03 +0100 | [diff] [blame] | 1017 | } catch (FileNotFoundException e) { |
| 1018 | Slog.i(TAG, "Child profile key not found"); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1019 | } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException |
| 1020 | | NoSuchAlgorithmException | NoSuchPaddingException |
| 1021 | | InvalidAlgorithmParameterException | IllegalBlockSizeException |
| 1022 | | BadPaddingException | CertificateException | IOException e) { |
Ricky Wai | de3a068 | 2016-05-03 14:50:03 +0100 | [diff] [blame] | 1023 | Slog.e(TAG, "Failed to decrypt child profile key", e); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1024 | } |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1025 | } else { |
| 1026 | if (currentHandle == null) { |
| 1027 | if (savedCredential != null) { |
| 1028 | Slog.w(TAG, "Saved credential provided, but none stored"); |
| 1029 | } |
| 1030 | savedCredential = null; |
| 1031 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1032 | } |
| 1033 | |
| 1034 | byte[] enrolledHandle = enrollCredential(currentHandle, savedCredential, password, userId); |
| 1035 | if (enrolledHandle != null) { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1036 | CredentialHash willStore |
| 1037 | = new CredentialHash(enrolledHandle, CredentialHash.VERSION_GATEKEEPER); |
| 1038 | setUserKeyProtection(userId, password, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1039 | doVerifyPassword(password, willStore, true, 0, userId, |
| 1040 | null /* progressCallback */)); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1041 | mStorage.writePasswordHash(enrolledHandle, userId); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1042 | fixateNewestUserKeyAuth(userId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1043 | onUserLockChanged(userId); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1044 | } else { |
Andres Morales | 2c4a573 | 2015-07-09 16:11:00 -0700 | [diff] [blame] | 1045 | throw new RemoteException("Failed to enroll password"); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1046 | } |
| 1047 | } |
| 1048 | |
Zach Jang | e61672a | 2016-11-22 17:47:18 +0000 | [diff] [blame] | 1049 | private void tieProfileLockToParent(int userId, String password) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1050 | if (DEBUG) Slog.v(TAG, "tieProfileLockToParent for user: " + userId); |
| 1051 | byte[] randomLockSeed = password.getBytes(StandardCharsets.UTF_8); |
| 1052 | byte[] encryptionResult; |
| 1053 | byte[] iv; |
| 1054 | try { |
| 1055 | KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES); |
| 1056 | keyGenerator.init(new SecureRandom()); |
| 1057 | SecretKey secretKey = keyGenerator.generateKey(); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1058 | java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore"); |
| 1059 | keyStore.load(null); |
Ricky Wai | 97c8f8d | 2016-07-13 17:57:45 +0100 | [diff] [blame] | 1060 | try { |
| 1061 | keyStore.setEntry( |
| 1062 | LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId, |
| 1063 | new java.security.KeyStore.SecretKeyEntry(secretKey), |
| 1064 | new KeyProtection.Builder(KeyProperties.PURPOSE_ENCRYPT) |
| 1065 | .setBlockModes(KeyProperties.BLOCK_MODE_GCM) |
| 1066 | .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) |
| 1067 | .build()); |
| 1068 | keyStore.setEntry( |
| 1069 | LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + userId, |
| 1070 | new java.security.KeyStore.SecretKeyEntry(secretKey), |
| 1071 | new KeyProtection.Builder(KeyProperties.PURPOSE_DECRYPT) |
| 1072 | .setBlockModes(KeyProperties.BLOCK_MODE_GCM) |
| 1073 | .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE) |
| 1074 | .setUserAuthenticationRequired(true) |
| 1075 | .setUserAuthenticationValidityDurationSeconds(30) |
| 1076 | .build()); |
| 1077 | // Key imported, obtain a reference to it. |
| 1078 | SecretKey keyStoreEncryptionKey = (SecretKey) keyStore.getKey( |
| 1079 | LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId, null); |
| 1080 | Cipher cipher = Cipher.getInstance( |
| 1081 | KeyProperties.KEY_ALGORITHM_AES + "/" + KeyProperties.BLOCK_MODE_GCM + "/" |
| 1082 | + KeyProperties.ENCRYPTION_PADDING_NONE); |
| 1083 | cipher.init(Cipher.ENCRYPT_MODE, keyStoreEncryptionKey); |
| 1084 | encryptionResult = cipher.doFinal(randomLockSeed); |
| 1085 | iv = cipher.getIV(); |
| 1086 | } finally { |
| 1087 | // The original key can now be discarded. |
| 1088 | keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + userId); |
| 1089 | } |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1090 | } catch (CertificateException | UnrecoverableKeyException |
Zach Jang | e61672a | 2016-11-22 17:47:18 +0000 | [diff] [blame] | 1091 | | IOException | BadPaddingException | IllegalBlockSizeException | KeyStoreException |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1092 | | NoSuchPaddingException | NoSuchAlgorithmException | InvalidKeyException e) { |
| 1093 | throw new RuntimeException("Failed to encrypt key", e); |
| 1094 | } |
| 1095 | ByteArrayOutputStream outputStream = new ByteArrayOutputStream(); |
| 1096 | try { |
| 1097 | if (iv.length != PROFILE_KEY_IV_SIZE) { |
| 1098 | throw new RuntimeException("Invalid iv length: " + iv.length); |
| 1099 | } |
| 1100 | outputStream.write(iv); |
| 1101 | outputStream.write(encryptionResult); |
| 1102 | } catch (IOException e) { |
| 1103 | throw new RuntimeException("Failed to concatenate byte arrays", e); |
| 1104 | } |
| 1105 | mStorage.writeChildProfileLock(userId, outputStream.toByteArray()); |
| 1106 | } |
| 1107 | |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1108 | private byte[] enrollCredential(byte[] enrolledHandle, |
| 1109 | String enrolledCredential, String toEnroll, int userId) |
| 1110 | throws RemoteException { |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 1111 | checkWritePermission(userId); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1112 | byte[] enrolledCredentialBytes = enrolledCredential == null |
| 1113 | ? null |
| 1114 | : enrolledCredential.getBytes(); |
| 1115 | byte[] toEnrollBytes = toEnroll == null |
| 1116 | ? null |
| 1117 | : toEnroll.getBytes(); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1118 | GateKeeperResponse response = getGateKeeperService().enroll(userId, enrolledHandle, |
| 1119 | enrolledCredentialBytes, toEnrollBytes); |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 1120 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1121 | if (response == null) { |
| 1122 | return null; |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1123 | } |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 1124 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1125 | byte[] hash = response.getPayload(); |
| 1126 | if (hash != null) { |
| 1127 | setKeystorePassword(toEnroll, userId); |
| 1128 | } else { |
| 1129 | // Should not happen |
| 1130 | Slog.e(TAG, "Throttled while enrolling a password"); |
| 1131 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1132 | return hash; |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 1133 | } |
| 1134 | |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1135 | private void setUserKeyProtection(int userId, String credential, VerifyCredentialResponse vcr) |
| 1136 | throws RemoteException { |
| 1137 | if (vcr == null) { |
| 1138 | throw new RemoteException("Null response verifying a credential we just set"); |
| 1139 | } |
| 1140 | if (vcr.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) { |
| 1141 | throw new RemoteException("Non-OK response verifying a credential we just set: " |
| 1142 | + vcr.getResponseCode()); |
| 1143 | } |
| 1144 | byte[] token = vcr.getPayload(); |
| 1145 | if (token == null) { |
| 1146 | throw new RemoteException("Empty payload verifying a credential we just set"); |
| 1147 | } |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1148 | addUserKeyAuth(userId, token, secretFromCredential(credential)); |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1149 | } |
| 1150 | |
| 1151 | private void clearUserKeyProtection(int userId) throws RemoteException { |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1152 | addUserKeyAuth(userId, null, null); |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1153 | } |
| 1154 | |
| 1155 | private static byte[] secretFromCredential(String credential) throws RemoteException { |
| 1156 | try { |
| 1157 | MessageDigest digest = MessageDigest.getInstance("SHA-512"); |
| 1158 | // Personalize the hash |
| 1159 | byte[] personalization = "Android FBE credential hash" |
| 1160 | .getBytes(StandardCharsets.UTF_8); |
| 1161 | // Pad it to the block size of the hash function |
| 1162 | personalization = Arrays.copyOf(personalization, 128); |
| 1163 | digest.update(personalization); |
| 1164 | digest.update(credential.getBytes(StandardCharsets.UTF_8)); |
| 1165 | return digest.digest(); |
| 1166 | } catch (NoSuchAlgorithmException e) { |
| 1167 | throw new RuntimeException("NoSuchAlgorithmException for SHA-512"); |
| 1168 | } |
| 1169 | } |
| 1170 | |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1171 | private void addUserKeyAuth(int userId, byte[] token, byte[] secret) |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1172 | throws RemoteException { |
| 1173 | final UserInfo userInfo = UserManager.get(mContext).getUserInfo(userId); |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1174 | final IStorageManager storageManager = getStorageManager(); |
Paul Crowley | 815036f | 2016-03-29 14:14:48 -0700 | [diff] [blame] | 1175 | final long callingId = Binder.clearCallingIdentity(); |
| 1176 | try { |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1177 | storageManager.addUserKeyAuth(userId, userInfo.serialNumber, token, secret); |
Paul Crowley | 815036f | 2016-03-29 14:14:48 -0700 | [diff] [blame] | 1178 | } finally { |
| 1179 | Binder.restoreCallingIdentity(callingId); |
| 1180 | } |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1181 | } |
| 1182 | |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1183 | private void fixateNewestUserKeyAuth(int userId) |
| 1184 | throws RemoteException { |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1185 | final IStorageManager storageManager = getStorageManager(); |
Toni Barzic | 6c81872 | 2016-05-27 09:18:39 -0700 | [diff] [blame] | 1186 | final long callingId = Binder.clearCallingIdentity(); |
| 1187 | try { |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1188 | storageManager.fixateNewestUserKeyAuth(userId); |
Toni Barzic | 6c81872 | 2016-05-27 09:18:39 -0700 | [diff] [blame] | 1189 | } finally { |
| 1190 | Binder.restoreCallingIdentity(callingId); |
| 1191 | } |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1192 | } |
| 1193 | |
Jim Miller | de1af08 | 2013-09-11 14:58:26 -0700 | [diff] [blame] | 1194 | @Override |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 1195 | public void resetKeyStore(int userId) throws RemoteException { |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 1196 | checkWritePermission(userId); |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 1197 | if (DEBUG) Slog.v(TAG, "Reset keystore for user: " + userId); |
| 1198 | int managedUserId = -1; |
| 1199 | String managedUserDecryptedPassword = null; |
| 1200 | final List<UserInfo> profiles = mUserManager.getProfiles(userId); |
| 1201 | for (UserInfo pi : profiles) { |
| 1202 | // Unlock managed profile with unified lock |
| 1203 | if (pi.isManagedProfile() |
| 1204 | && !mLockPatternUtils.isSeparateProfileChallengeEnabled(pi.id) |
| 1205 | && mStorage.hasChildProfileLock(pi.id)) { |
| 1206 | try { |
| 1207 | if (managedUserId == -1) { |
| 1208 | managedUserDecryptedPassword = getDecryptedPasswordForTiedProfile(pi.id); |
| 1209 | managedUserId = pi.id; |
| 1210 | } else { |
| 1211 | // Should not happen |
| 1212 | Slog.e(TAG, "More than one managed profile, uid1:" + managedUserId |
| 1213 | + ", uid2:" + pi.id); |
| 1214 | } |
| 1215 | } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException |
| 1216 | | NoSuchAlgorithmException | NoSuchPaddingException |
| 1217 | | InvalidAlgorithmParameterException | IllegalBlockSizeException |
| 1218 | | BadPaddingException | CertificateException | IOException e) { |
| 1219 | Slog.e(TAG, "Failed to decrypt child profile key", e); |
| 1220 | } |
| 1221 | } |
| 1222 | } |
| 1223 | try { |
| 1224 | // Clear all the users credentials could have been installed in for this user. |
| 1225 | for (int profileId : mUserManager.getProfileIdsWithDisabled(userId)) { |
| 1226 | for (int uid : SYSTEM_CREDENTIAL_UIDS) { |
| 1227 | mKeyStore.clearUid(UserHandle.getUid(profileId, uid)); |
| 1228 | } |
| 1229 | } |
| 1230 | } finally { |
| 1231 | if (managedUserId != -1 && managedUserDecryptedPassword != null) { |
| 1232 | if (DEBUG) Slog.v(TAG, "Restore tied profile lock"); |
Zach Jang | e61672a | 2016-11-22 17:47:18 +0000 | [diff] [blame] | 1233 | tieProfileLockToParent(managedUserId, managedUserDecryptedPassword); |
Ricky Wai | 4613fe4 | 2016-05-24 11:11:42 +0100 | [diff] [blame] | 1234 | } |
| 1235 | } |
| 1236 | } |
| 1237 | |
| 1238 | @Override |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1239 | public VerifyCredentialResponse checkPattern(String pattern, int userId, |
| 1240 | ICheckCredentialProgressCallback progressCallback) throws RemoteException { |
| 1241 | return doVerifyPattern(pattern, false, 0, userId, progressCallback); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1242 | } |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1243 | |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1244 | @Override |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1245 | public VerifyCredentialResponse verifyPattern(String pattern, long challenge, int userId) |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1246 | throws RemoteException { |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1247 | return doVerifyPattern(pattern, true, challenge, userId, null /* progressCallback */); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1248 | } |
| 1249 | |
Andres Morales | e40bad8 | 2015-05-28 14:21:36 -0700 | [diff] [blame] | 1250 | private VerifyCredentialResponse doVerifyPattern(String pattern, boolean hasChallenge, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1251 | long challenge, int userId, ICheckCredentialProgressCallback progressCallback) |
| 1252 | throws RemoteException { |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1253 | checkPasswordReadPermission(userId); |
Jim Miller | 2d71384a | 2016-08-10 15:43:17 -0700 | [diff] [blame] | 1254 | if (TextUtils.isEmpty(pattern)) { |
| 1255 | throw new IllegalArgumentException("Pattern can't be null or empty"); |
| 1256 | } |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1257 | CredentialHash storedHash = mStorage.readPatternHash(userId); |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1258 | return doVerifyPattern(pattern, storedHash, hasChallenge, challenge, userId, |
| 1259 | progressCallback); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1260 | } |
| 1261 | |
| 1262 | private VerifyCredentialResponse doVerifyPattern(String pattern, CredentialHash storedHash, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1263 | boolean hasChallenge, long challenge, int userId, |
| 1264 | ICheckCredentialProgressCallback progressCallback) throws RemoteException { |
Jim Miller | 29d157b | 2016-07-15 17:24:08 -0700 | [diff] [blame] | 1265 | |
| 1266 | if (TextUtils.isEmpty(pattern)) { |
| 1267 | throw new IllegalArgumentException("Pattern can't be null or empty"); |
| 1268 | } |
Andres Morales | e40bad8 | 2015-05-28 14:21:36 -0700 | [diff] [blame] | 1269 | boolean shouldReEnrollBaseZero = storedHash != null && storedHash.isBaseZeroPattern; |
| 1270 | |
| 1271 | String patternToVerify; |
| 1272 | if (shouldReEnrollBaseZero) { |
| 1273 | patternToVerify = LockPatternUtils.patternStringToBaseZero(pattern); |
| 1274 | } else { |
| 1275 | patternToVerify = pattern; |
| 1276 | } |
| 1277 | |
| 1278 | VerifyCredentialResponse response = verifyCredential(userId, storedHash, patternToVerify, |
| 1279 | hasChallenge, challenge, |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1280 | new CredentialUtil() { |
| 1281 | @Override |
| 1282 | public void setCredential(String pattern, String oldPattern, int userId) |
| 1283 | throws RemoteException { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1284 | setLockPatternInternal(pattern, oldPattern, userId); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1285 | } |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1286 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1287 | @Override |
| 1288 | public byte[] toHash(String pattern, int userId) { |
Andres Morales | e40bad8 | 2015-05-28 14:21:36 -0700 | [diff] [blame] | 1289 | return LockPatternUtils.patternToHash( |
| 1290 | LockPatternUtils.stringToPattern(pattern)); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1291 | } |
Andres Morales | 59ef126 | 2015-06-26 13:56:39 -0700 | [diff] [blame] | 1292 | |
| 1293 | @Override |
| 1294 | public String adjustForKeystore(String pattern) { |
| 1295 | return LockPatternUtils.patternStringToBaseZero(pattern); |
| 1296 | } |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1297 | }, |
| 1298 | progressCallback |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1299 | ); |
Andres Morales | e40bad8 | 2015-05-28 14:21:36 -0700 | [diff] [blame] | 1300 | |
| 1301 | if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK |
| 1302 | && shouldReEnrollBaseZero) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1303 | setLockPatternInternal(pattern, patternToVerify, userId); |
Andres Morales | e40bad8 | 2015-05-28 14:21:36 -0700 | [diff] [blame] | 1304 | } |
| 1305 | |
| 1306 | return response; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1307 | } |
| 1308 | |
| 1309 | @Override |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1310 | public VerifyCredentialResponse checkPassword(String password, int userId, |
| 1311 | ICheckCredentialProgressCallback progressCallback) throws RemoteException { |
| 1312 | return doVerifyPassword(password, false, 0, userId, progressCallback); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1313 | } |
| 1314 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1315 | @Override |
| 1316 | public VerifyCredentialResponse verifyPassword(String password, long challenge, int userId) |
| 1317 | throws RemoteException { |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1318 | return doVerifyPassword(password, true, challenge, userId, null /* progressCallback */); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1319 | } |
| 1320 | |
Ricky Wai | 53940d4 | 2016-04-05 15:29:24 +0100 | [diff] [blame] | 1321 | @Override |
| 1322 | public VerifyCredentialResponse verifyTiedProfileChallenge(String password, boolean isPattern, |
| 1323 | long challenge, int userId) throws RemoteException { |
| 1324 | checkPasswordReadPermission(userId); |
| 1325 | if (!isManagedProfileWithUnifiedLock(userId)) { |
| 1326 | throw new RemoteException("User id must be managed profile with unified lock"); |
| 1327 | } |
| 1328 | final int parentProfileId = mUserManager.getProfileParent(userId).id; |
| 1329 | // Unlock parent by using parent's challenge |
| 1330 | final VerifyCredentialResponse parentResponse = isPattern |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1331 | ? doVerifyPattern(password, true, challenge, parentProfileId, |
| 1332 | null /* progressCallback */) |
| 1333 | : doVerifyPassword(password, true, challenge, parentProfileId, |
| 1334 | null /* progressCallback */); |
Ricky Wai | 53940d4 | 2016-04-05 15:29:24 +0100 | [diff] [blame] | 1335 | if (parentResponse.getResponseCode() != VerifyCredentialResponse.RESPONSE_OK) { |
| 1336 | // Failed, just return parent's response |
| 1337 | return parentResponse; |
| 1338 | } |
| 1339 | |
| 1340 | try { |
| 1341 | // Unlock work profile, and work profile with unified lock must use password only |
| 1342 | return doVerifyPassword(getDecryptedPasswordForTiedProfile(userId), true, |
| 1343 | challenge, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1344 | userId, null /* progressCallback */); |
Ricky Wai | 53940d4 | 2016-04-05 15:29:24 +0100 | [diff] [blame] | 1345 | } catch (UnrecoverableKeyException | InvalidKeyException | KeyStoreException |
| 1346 | | NoSuchAlgorithmException | NoSuchPaddingException |
| 1347 | | InvalidAlgorithmParameterException | IllegalBlockSizeException |
| 1348 | | BadPaddingException | CertificateException | IOException e) { |
| 1349 | Slog.e(TAG, "Failed to decrypt child profile key", e); |
| 1350 | throw new RemoteException("Unable to get tied profile token"); |
| 1351 | } |
| 1352 | } |
| 1353 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1354 | private VerifyCredentialResponse doVerifyPassword(String password, boolean hasChallenge, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1355 | long challenge, int userId, ICheckCredentialProgressCallback progressCallback) |
| 1356 | throws RemoteException { |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1357 | checkPasswordReadPermission(userId); |
Jim Miller | 2d71384a | 2016-08-10 15:43:17 -0700 | [diff] [blame] | 1358 | if (TextUtils.isEmpty(password)) { |
| 1359 | throw new IllegalArgumentException("Password can't be null or empty"); |
| 1360 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1361 | CredentialHash storedHash = mStorage.readPasswordHash(userId); |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1362 | return doVerifyPassword(password, storedHash, hasChallenge, challenge, userId, |
| 1363 | progressCallback); |
Paul Crowley | cc70155 | 2016-05-17 14:18:49 -0700 | [diff] [blame] | 1364 | } |
| 1365 | |
| 1366 | private VerifyCredentialResponse doVerifyPassword(String password, CredentialHash storedHash, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1367 | boolean hasChallenge, long challenge, int userId, |
| 1368 | ICheckCredentialProgressCallback progressCallback) throws RemoteException { |
Jim Miller | 29d157b | 2016-07-15 17:24:08 -0700 | [diff] [blame] | 1369 | if (TextUtils.isEmpty(password)) { |
| 1370 | throw new IllegalArgumentException("Password can't be null or empty"); |
| 1371 | } |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1372 | return verifyCredential(userId, storedHash, password, hasChallenge, challenge, |
| 1373 | new CredentialUtil() { |
| 1374 | @Override |
| 1375 | public void setCredential(String password, String oldPassword, int userId) |
| 1376 | throws RemoteException { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1377 | setLockPasswordInternal(password, oldPassword, userId); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1378 | } |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1379 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1380 | @Override |
| 1381 | public byte[] toHash(String password, int userId) { |
| 1382 | return mLockPatternUtils.passwordToHash(password, userId); |
| 1383 | } |
Andres Morales | 59ef126 | 2015-06-26 13:56:39 -0700 | [diff] [blame] | 1384 | |
| 1385 | @Override |
| 1386 | public String adjustForKeystore(String password) { |
| 1387 | return password; |
| 1388 | } |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1389 | }, progressCallback); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1390 | } |
| 1391 | |
| 1392 | private VerifyCredentialResponse verifyCredential(int userId, CredentialHash storedHash, |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1393 | String credential, boolean hasChallenge, long challenge, CredentialUtil credentialUtil, |
| 1394 | ICheckCredentialProgressCallback progressCallback) |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1395 | throws RemoteException { |
| 1396 | if ((storedHash == null || storedHash.hash.length == 0) && TextUtils.isEmpty(credential)) { |
| 1397 | // don't need to pass empty credentials to GateKeeper |
| 1398 | return VerifyCredentialResponse.OK; |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1399 | } |
| 1400 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1401 | if (TextUtils.isEmpty(credential)) { |
| 1402 | return VerifyCredentialResponse.ERROR; |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1403 | } |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1404 | |
Jeff Sharkey | eddf518 | 2016-08-09 16:36:08 -0600 | [diff] [blame] | 1405 | // We're potentially going to be doing a bunch of disk I/O below as part |
| 1406 | // of unlocking the user, so yell if calling from the main thread. |
| 1407 | StrictMode.noteDiskRead(); |
| 1408 | |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1409 | if (storedHash.version == CredentialHash.VERSION_LEGACY) { |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1410 | byte[] hash = credentialUtil.toHash(credential, userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1411 | if (Arrays.equals(hash, storedHash.hash)) { |
Andres Morales | 59ef126 | 2015-06-26 13:56:39 -0700 | [diff] [blame] | 1412 | unlockKeystore(credentialUtil.adjustForKeystore(credential), userId); |
Jeff Sharkey | b9fe537 | 2015-12-03 15:23:08 -0700 | [diff] [blame] | 1413 | |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1414 | // Users with legacy credentials don't have credential-backed |
| 1415 | // FBE keys, so just pass through a fake token/secret |
| 1416 | Slog.i(TAG, "Unlocking user with fake token: " + userId); |
| 1417 | final byte[] fakeToken = String.valueOf(userId).getBytes(); |
| 1418 | unlockUser(userId, fakeToken, fakeToken); |
Jeff Sharkey | b9fe537 | 2015-12-03 15:23:08 -0700 | [diff] [blame] | 1419 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1420 | // migrate credential to GateKeeper |
| 1421 | credentialUtil.setCredential(credential, null, userId); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1422 | if (!hasChallenge) { |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1423 | return VerifyCredentialResponse.OK; |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1424 | } |
| 1425 | // Fall through to get the auth token. Technically this should never happen, |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1426 | // as a user that had a legacy credential would have to unlock their device |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1427 | // before getting to a flow with a challenge, but supporting for consistency. |
| 1428 | } else { |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1429 | return VerifyCredentialResponse.ERROR; |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1430 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1431 | } |
| 1432 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1433 | VerifyCredentialResponse response; |
Paul Crowley | 98e0a26 | 2016-02-04 09:41:53 +0000 | [diff] [blame] | 1434 | boolean shouldReEnroll = false; |
| 1435 | GateKeeperResponse gateKeeperResponse = getGateKeeperService() |
| 1436 | .verifyChallenge(userId, challenge, storedHash.hash, credential.getBytes()); |
| 1437 | int responseCode = gateKeeperResponse.getResponseCode(); |
| 1438 | if (responseCode == GateKeeperResponse.RESPONSE_RETRY) { |
| 1439 | response = new VerifyCredentialResponse(gateKeeperResponse.getTimeout()); |
| 1440 | } else if (responseCode == GateKeeperResponse.RESPONSE_OK) { |
| 1441 | byte[] token = gateKeeperResponse.getPayload(); |
| 1442 | if (token == null) { |
| 1443 | // something's wrong if there's no payload with a challenge |
| 1444 | Slog.e(TAG, "verifyChallenge response had no associated payload"); |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1445 | response = VerifyCredentialResponse.ERROR; |
Paul Crowley | 98e0a26 | 2016-02-04 09:41:53 +0000 | [diff] [blame] | 1446 | } else { |
| 1447 | shouldReEnroll = gateKeeperResponse.getShouldReEnroll(); |
| 1448 | response = new VerifyCredentialResponse(token); |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1449 | } |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1450 | } else { |
Paul Crowley | 98e0a26 | 2016-02-04 09:41:53 +0000 | [diff] [blame] | 1451 | response = VerifyCredentialResponse.ERROR; |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1452 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1453 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1454 | if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_OK) { |
Jorim Jaggi | e31f6b8 | 2016-07-01 16:15:09 -0700 | [diff] [blame] | 1455 | |
| 1456 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1457 | // credential has matched |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1458 | |
| 1459 | if (progressCallback != null) { |
| 1460 | progressCallback.onCredentialVerified(); |
| 1461 | } |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1462 | unlockKeystore(credential, userId); |
Jeff Sharkey | b9fe537 | 2015-12-03 15:23:08 -0700 | [diff] [blame] | 1463 | |
Paul Crowley | faeb3eb | 2016-02-08 15:58:29 +0000 | [diff] [blame] | 1464 | Slog.i(TAG, "Unlocking user " + userId + |
| 1465 | " with token length " + response.getPayload().length); |
| 1466 | unlockUser(userId, response.getPayload(), secretFromCredential(credential)); |
Jeff Sharkey | b9fe537 | 2015-12-03 15:23:08 -0700 | [diff] [blame] | 1467 | |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1468 | if (isManagedProfileWithSeparatedLock(userId)) { |
Clara Bayarri | 56878a9 | 2015-10-29 15:43:55 +0000 | [diff] [blame] | 1469 | TrustManager trustManager = |
| 1470 | (TrustManager) mContext.getSystemService(Context.TRUST_SERVICE); |
| 1471 | trustManager.setDeviceLockedForUser(userId, false); |
| 1472 | } |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1473 | if (shouldReEnroll) { |
| 1474 | credentialUtil.setCredential(credential, credential, userId); |
| 1475 | } |
Adrian Roos | 873010d | 2015-08-25 15:59:00 -0700 | [diff] [blame] | 1476 | } else if (response.getResponseCode() == VerifyCredentialResponse.RESPONSE_RETRY) { |
| 1477 | if (response.getTimeout() > 0) { |
| 1478 | requireStrongAuth(STRONG_AUTH_REQUIRED_AFTER_LOCKOUT, userId); |
| 1479 | } |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1480 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1481 | |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1482 | return response; |
| 1483 | } |
Andres Morales | d9fc85a | 2015-04-09 19:14:42 -0700 | [diff] [blame] | 1484 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1485 | @Override |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1486 | public boolean checkVoldPassword(int userId) throws RemoteException { |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1487 | if (!mFirstCallToVold) { |
| 1488 | return false; |
| 1489 | } |
| 1490 | mFirstCallToVold = false; |
| 1491 | |
| 1492 | checkPasswordReadPermission(userId); |
| 1493 | |
| 1494 | // There's no guarantee that this will safely connect, but if it fails |
| 1495 | // we will simply show the lock screen when we shouldn't, so relatively |
| 1496 | // benign. There is an outside chance something nasty would happen if |
| 1497 | // this service restarted before vold stales out the password in this |
| 1498 | // case. The nastiness is limited to not showing the lock screen when |
| 1499 | // we should, within the first minute of decrypting the phone if this |
| 1500 | // service can't connect to vold, it restarts, and then the new instance |
| 1501 | // does successfully connect. |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1502 | final IStorageManager service = getStorageManager(); |
Paul Lawrence | 0bbd108 | 2016-04-26 15:21:02 -0700 | [diff] [blame] | 1503 | String password; |
| 1504 | long identity = Binder.clearCallingIdentity(); |
| 1505 | try { |
| 1506 | password = service.getPassword(); |
| 1507 | service.clearPassword(); |
| 1508 | } finally { |
| 1509 | Binder.restoreCallingIdentity(identity); |
| 1510 | } |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1511 | if (password == null) { |
| 1512 | return false; |
| 1513 | } |
| 1514 | |
| 1515 | try { |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 1516 | if (mLockPatternUtils.isLockPatternEnabled(userId)) { |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1517 | if (checkPattern(password, userId, null /* progressCallback */).getResponseCode() |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1518 | == GateKeeperResponse.RESPONSE_OK) { |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1519 | return true; |
| 1520 | } |
| 1521 | } |
| 1522 | } catch (Exception e) { |
| 1523 | } |
| 1524 | |
| 1525 | try { |
Adrian Roos | 9dd16eb | 2015-01-08 16:20:49 +0100 | [diff] [blame] | 1526 | if (mLockPatternUtils.isLockPasswordEnabled(userId)) { |
Jorim Jaggi | e8fde5d | 2016-06-30 23:41:37 -0700 | [diff] [blame] | 1527 | if (checkPassword(password, userId, null /* progressCallback */).getResponseCode() |
Andres Morales | 2397427 | 2015-05-14 22:42:26 -0700 | [diff] [blame] | 1528 | == GateKeeperResponse.RESPONSE_OK) { |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1529 | return true; |
| 1530 | } |
| 1531 | } |
| 1532 | } catch (Exception e) { |
| 1533 | } |
| 1534 | |
| 1535 | return false; |
| 1536 | } |
| 1537 | |
Amith Yamasani | f11a574 | 2016-06-16 08:20:07 -0700 | [diff] [blame] | 1538 | private void removeUser(int userId, boolean unknownUser) { |
Adrian Roos | 261d5ab | 2014-10-29 14:42:38 +0100 | [diff] [blame] | 1539 | mStorage.removeUser(userId); |
Adrian Roos | b5e4722 | 2015-08-14 15:53:06 -0700 | [diff] [blame] | 1540 | mStrongAuth.removeUser(userId); |
Robin Lee | 49d810c | 2014-09-23 13:50:22 +0100 | [diff] [blame] | 1541 | |
| 1542 | final KeyStore ks = KeyStore.getInstance(); |
Chad Brubaker | 83ce095 | 2015-05-12 13:00:02 -0700 | [diff] [blame] | 1543 | ks.onUserRemoved(userId); |
Andres Morales | 070fe63 | 2015-06-24 10:37:10 -0700 | [diff] [blame] | 1544 | |
| 1545 | try { |
| 1546 | final IGateKeeperService gk = getGateKeeperService(); |
| 1547 | if (gk != null) { |
| 1548 | gk.clearSecureUserId(userId); |
| 1549 | } |
| 1550 | } catch (RemoteException ex) { |
| 1551 | Slog.w(TAG, "unable to clear GK secure user id"); |
| 1552 | } |
Amith Yamasani | f11a574 | 2016-06-16 08:20:07 -0700 | [diff] [blame] | 1553 | if (unknownUser || mUserManager.getUserInfo(userId).isManagedProfile()) { |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1554 | removeKeystoreProfileKey(userId); |
| 1555 | } |
| 1556 | } |
| 1557 | |
| 1558 | private void removeKeystoreProfileKey(int targetUserId) { |
| 1559 | if (DEBUG) Slog.v(TAG, "Remove keystore profile key for user: " + targetUserId); |
| 1560 | try { |
| 1561 | java.security.KeyStore keyStore = java.security.KeyStore.getInstance("AndroidKeyStore"); |
| 1562 | keyStore.load(null); |
Ricky Wai | d398244 | 2016-05-24 19:27:08 +0100 | [diff] [blame] | 1563 | keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_ENCRYPT + targetUserId); |
| 1564 | keyStore.deleteEntry(LockPatternUtils.PROFILE_KEY_NAME_DECRYPT + targetUserId); |
Ricky Wai | dc283a8 | 2016-03-24 19:55:08 +0000 | [diff] [blame] | 1565 | } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException |
| 1566 | | IOException e) { |
| 1567 | // We have tried our best to remove all keys |
| 1568 | Slog.e(TAG, "Unable to remove keystore profile key for user:" + targetUserId, e); |
| 1569 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1570 | } |
| 1571 | |
Adrian Roos | b5e4722 | 2015-08-14 15:53:06 -0700 | [diff] [blame] | 1572 | @Override |
| 1573 | public void registerStrongAuthTracker(IStrongAuthTracker tracker) { |
| 1574 | checkPasswordReadPermission(UserHandle.USER_ALL); |
| 1575 | mStrongAuth.registerStrongAuthTracker(tracker); |
| 1576 | } |
| 1577 | |
| 1578 | @Override |
| 1579 | public void unregisterStrongAuthTracker(IStrongAuthTracker tracker) { |
| 1580 | checkPasswordReadPermission(UserHandle.USER_ALL); |
| 1581 | mStrongAuth.unregisterStrongAuthTracker(tracker); |
| 1582 | } |
| 1583 | |
| 1584 | @Override |
| 1585 | public void requireStrongAuth(int strongAuthReason, int userId) { |
| 1586 | checkWritePermission(userId); |
| 1587 | mStrongAuth.requireStrongAuth(strongAuthReason, userId); |
| 1588 | } |
| 1589 | |
Adrian Roos | 4ab7e59 | 2016-04-13 15:38:13 -0700 | [diff] [blame] | 1590 | @Override |
| 1591 | public void userPresent(int userId) { |
| 1592 | checkWritePermission(userId); |
| 1593 | mStrongAuth.reportUnlock(userId); |
| 1594 | } |
| 1595 | |
Victor Chang | a0940d3 | 2016-05-16 19:36:08 +0100 | [diff] [blame] | 1596 | @Override |
| 1597 | public int getStrongAuthForUser(int userId) { |
| 1598 | checkPasswordReadPermission(userId); |
| 1599 | return mStrongAuthTracker.getStrongAuthForUser(userId); |
| 1600 | } |
| 1601 | |
Jorim Jaggi | 2fef6f7 | 2016-11-01 19:06:25 -0700 | [diff] [blame] | 1602 | private boolean isCallerShell() { |
| 1603 | final int callingUid = Binder.getCallingUid(); |
| 1604 | return callingUid == Process.SHELL_UID || callingUid == Process.ROOT_UID; |
| 1605 | } |
| 1606 | |
| 1607 | private void enforceShell() { |
| 1608 | if (!isCallerShell()) { |
| 1609 | throw new SecurityException("Caller must be shell"); |
| 1610 | } |
| 1611 | } |
| 1612 | |
| 1613 | @Override |
| 1614 | public void onShellCommand(FileDescriptor in, FileDescriptor out, FileDescriptor err, |
| 1615 | String[] args, ShellCallback callback, ResultReceiver resultReceiver) |
| 1616 | throws RemoteException { |
| 1617 | enforceShell(); |
| 1618 | final long origId = Binder.clearCallingIdentity(); |
| 1619 | try { |
| 1620 | (new LockSettingsShellCommand(mContext, new LockPatternUtils(mContext))).exec( |
| 1621 | this, in, out, err, args, callback, resultReceiver); |
| 1622 | } finally { |
| 1623 | Binder.restoreCallingIdentity(origId); |
| 1624 | } |
| 1625 | } |
| 1626 | |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1627 | private static final String[] VALID_SETTINGS = new String[] { |
| 1628 | LockPatternUtils.LOCKOUT_PERMANENT_KEY, |
| 1629 | LockPatternUtils.LOCKOUT_ATTEMPT_DEADLINE, |
| 1630 | LockPatternUtils.PATTERN_EVER_CHOSEN_KEY, |
| 1631 | LockPatternUtils.PASSWORD_TYPE_KEY, |
| 1632 | LockPatternUtils.PASSWORD_TYPE_ALTERNATE_KEY, |
| 1633 | LockPatternUtils.LOCK_PASSWORD_SALT_KEY, |
| 1634 | LockPatternUtils.DISABLE_LOCKSCREEN_KEY, |
| 1635 | LockPatternUtils.LOCKSCREEN_OPTIONS, |
| 1636 | LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, |
| 1637 | LockPatternUtils.BIOMETRIC_WEAK_EVER_CHOSEN_KEY, |
| 1638 | LockPatternUtils.LOCKSCREEN_POWER_BUTTON_INSTANTLY_LOCKS, |
| 1639 | LockPatternUtils.PASSWORD_HISTORY_KEY, |
| 1640 | Secure.LOCK_PATTERN_ENABLED, |
| 1641 | Secure.LOCK_BIOMETRIC_WEAK_FLAGS, |
| 1642 | Secure.LOCK_PATTERN_VISIBLE, |
| 1643 | Secure.LOCK_PATTERN_TACTILE_FEEDBACK_ENABLED |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 1644 | }; |
| 1645 | |
Svetoslav Ganov | 6d2c0e5 | 2015-06-23 16:33:36 +0000 | [diff] [blame] | 1646 | // Reading these settings needs the contacts permission |
| 1647 | private static final String[] READ_CONTACTS_PROTECTED_SETTINGS = new String[] { |
Jim Miller | 187ec58 | 2013-04-15 18:27:54 -0700 | [diff] [blame] | 1648 | Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, |
| 1649 | Secure.LOCK_SCREEN_OWNER_INFO |
| 1650 | }; |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1651 | |
Adrian Roos | 001b00d | 2015-02-24 17:08:48 +0100 | [diff] [blame] | 1652 | // Reading these settings needs the same permission as checking the password |
| 1653 | private static final String[] READ_PASSWORD_PROTECTED_SETTINGS = new String[] { |
| 1654 | LockPatternUtils.LOCK_PASSWORD_SALT_KEY, |
| 1655 | LockPatternUtils.PASSWORD_HISTORY_KEY, |
Adrian Roos | 855fa30 | 2015-04-02 16:01:12 +0200 | [diff] [blame] | 1656 | LockPatternUtils.PASSWORD_TYPE_KEY, |
Ricky Wai | 7f405f1 | 2016-05-31 12:05:05 +0100 | [diff] [blame] | 1657 | SEPARATE_PROFILE_CHALLENGE_KEY |
Adrian Roos | 001b00d | 2015-02-24 17:08:48 +0100 | [diff] [blame] | 1658 | }; |
| 1659 | |
Amith Yamasani | 072543f | 2015-02-13 11:09:45 -0800 | [diff] [blame] | 1660 | private static final String[] SETTINGS_TO_BACKUP = new String[] { |
| 1661 | Secure.LOCK_SCREEN_OWNER_INFO_ENABLED, |
| 1662 | Secure.LOCK_SCREEN_OWNER_INFO |
| 1663 | }; |
| 1664 | |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1665 | private IStorageManager getStorageManager() { |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1666 | final IBinder service = ServiceManager.getService("mount"); |
| 1667 | if (service != null) { |
Sudheer Shanka | 2250d56 | 2016-11-07 15:41:02 -0800 | [diff] [blame] | 1668 | return IStorageManager.Stub.asInterface(service); |
Paul Lawrence | 945490c | 2014-03-27 16:37:28 +0000 | [diff] [blame] | 1669 | } |
| 1670 | return null; |
| 1671 | } |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1672 | |
Andres Morales | 301ea44 | 2015-04-17 09:15:47 -0700 | [diff] [blame] | 1673 | private class GateKeeperDiedRecipient implements IBinder.DeathRecipient { |
| 1674 | @Override |
| 1675 | public void binderDied() { |
| 1676 | mGateKeeperService.asBinder().unlinkToDeath(this, 0); |
| 1677 | mGateKeeperService = null; |
| 1678 | } |
| 1679 | } |
| 1680 | |
| 1681 | private synchronized IGateKeeperService getGateKeeperService() |
| 1682 | throws RemoteException { |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1683 | if (mGateKeeperService != null) { |
| 1684 | return mGateKeeperService; |
| 1685 | } |
| 1686 | |
| 1687 | final IBinder service = |
Amith Yamasani | d04aaa3 | 2016-06-13 12:09:36 -0700 | [diff] [blame] | 1688 | ServiceManager.getService(Context.GATEKEEPER_SERVICE); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1689 | if (service != null) { |
Andres Morales | 301ea44 | 2015-04-17 09:15:47 -0700 | [diff] [blame] | 1690 | service.linkToDeath(new GateKeeperDiedRecipient(), 0); |
Andres Morales | 8fa5665 | 2015-03-31 09:19:50 -0700 | [diff] [blame] | 1691 | mGateKeeperService = IGateKeeperService.Stub.asInterface(service); |
| 1692 | return mGateKeeperService; |
| 1693 | } |
| 1694 | |
| 1695 | Slog.e(TAG, "Unable to acquire GateKeeperService"); |
| 1696 | return null; |
| 1697 | } |
Amith Yamasani | 52c489c | 2012-03-28 11:42:42 -0700 | [diff] [blame] | 1698 | } |