The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright (C) 2007 The Android Open Source Project |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | |
| 17 | package com.android.internal.widget; |
| 18 | |
Jason parks | f7b3cd4 | 2011-01-27 09:28:25 -0600 | [diff] [blame] | 19 | import com.android.internal.R; |
| 20 | import com.android.internal.telephony.ITelephony; |
| 21 | import com.google.android.collect.Lists; |
| 22 | |
Dianne Hackborn | 87bba1e | 2010-02-26 17:25:54 -0800 | [diff] [blame] | 23 | import android.app.admin.DevicePolicyManager; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 24 | import android.content.ContentResolver; |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 25 | import android.content.Context; |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 26 | import android.content.Intent; |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 27 | import android.content.pm.PackageManager; |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 28 | import android.os.FileObserver; |
Jason parks | f7b3cd4 | 2011-01-27 09:28:25 -0600 | [diff] [blame] | 29 | import android.os.IBinder; |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 30 | import android.os.RemoteException; |
| 31 | import android.os.ServiceManager; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 32 | import android.os.SystemClock; |
Jason parks | f7b3cd4 | 2011-01-27 09:28:25 -0600 | [diff] [blame] | 33 | import android.os.storage.IMountService; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 34 | import android.provider.Settings; |
Brian Carlstrom | 5cfee3f | 2011-05-31 01:00:15 -0700 | [diff] [blame] | 35 | import android.security.KeyStore; |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 36 | import android.telephony.TelephonyManager; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 37 | import android.text.TextUtils; |
| 38 | import android.util.Log; |
John Wang | 0f7b3f8 | 2011-05-31 11:20:55 -0700 | [diff] [blame] | 39 | import android.view.View; |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 40 | import android.widget.Button; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 41 | |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 42 | import java.io.File; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 43 | import java.io.FileNotFoundException; |
| 44 | import java.io.IOException; |
| 45 | import java.io.RandomAccessFile; |
Brian Carlstrom | 929a1c2 | 2011-02-01 21:54:09 -0800 | [diff] [blame] | 46 | import java.security.MessageDigest; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 47 | import java.security.NoSuchAlgorithmException; |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 48 | import java.security.SecureRandom; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 49 | import java.util.Arrays; |
| 50 | import java.util.List; |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 51 | import java.util.concurrent.atomic.AtomicBoolean; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 52 | |
| 53 | /** |
Brian Carlstrom | 5cfee3f | 2011-05-31 01:00:15 -0700 | [diff] [blame] | 54 | * Utilities for the lock pattern and its settings. |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 55 | */ |
| 56 | public class LockPatternUtils { |
| 57 | |
Jim Miller | cb3521e | 2011-10-03 20:42:26 -0700 | [diff] [blame] | 58 | private static final String OPTION_ENABLE_FACELOCK = "enable_facelock"; |
| 59 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 60 | private static final String TAG = "LockPatternUtils"; |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 61 | |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 62 | private static final String SYSTEM_DIRECTORY = "/system/"; |
| 63 | private static final String LOCK_PATTERN_FILE = "gesture.key"; |
| 64 | private static final String LOCK_PASSWORD_FILE = "password.key"; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 65 | |
| 66 | /** |
| 67 | * The maximum number of incorrect attempts before the user is prevented |
| 68 | * from trying again for {@link #FAILED_ATTEMPT_TIMEOUT_MS}. |
| 69 | */ |
| 70 | public static final int FAILED_ATTEMPTS_BEFORE_TIMEOUT = 5; |
| 71 | |
| 72 | /** |
| 73 | * The number of incorrect attempts before which we fall back on an alternative |
| 74 | * method of verifying the user, and resetting their lock pattern. |
| 75 | */ |
| 76 | public static final int FAILED_ATTEMPTS_BEFORE_RESET = 20; |
| 77 | |
| 78 | /** |
| 79 | * How long the user is prevented from trying again after entering the |
| 80 | * wrong pattern too many times. |
| 81 | */ |
| 82 | public static final long FAILED_ATTEMPT_TIMEOUT_MS = 30000L; |
| 83 | |
| 84 | /** |
| 85 | * The interval of the countdown for showing progress of the lockout. |
| 86 | */ |
| 87 | public static final long FAILED_ATTEMPT_COUNTDOWN_INTERVAL_MS = 1000L; |
| 88 | |
Jim Miller | 4f36995 | 2011-08-19 18:29:22 -0700 | [diff] [blame] | 89 | |
| 90 | /** |
| 91 | * This dictates when we start telling the user that continued failed attempts will wipe |
| 92 | * their device. |
| 93 | */ |
| 94 | public static final int FAILED_ATTEMPTS_BEFORE_WIPE_GRACE = 5; |
| 95 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 96 | /** |
| 97 | * The minimum number of dots in a valid pattern. |
| 98 | */ |
| 99 | public static final int MIN_LOCK_PATTERN_SIZE = 4; |
| 100 | |
| 101 | /** |
| 102 | * The minimum number of dots the user must include in a wrong pattern |
| 103 | * attempt for it to be counted against the counts that affect |
| 104 | * {@link #FAILED_ATTEMPTS_BEFORE_TIMEOUT} and {@link #FAILED_ATTEMPTS_BEFORE_RESET} |
| 105 | */ |
Jim Miller | 4f36995 | 2011-08-19 18:29:22 -0700 | [diff] [blame] | 106 | public static final int MIN_PATTERN_REGISTER_FAIL = MIN_LOCK_PATTERN_SIZE; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 107 | |
| 108 | private final static String LOCKOUT_PERMANENT_KEY = "lockscreen.lockedoutpermanently"; |
| 109 | private final static String LOCKOUT_ATTEMPT_DEADLINE = "lockscreen.lockoutattemptdeadline"; |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 110 | private final static String PATTERN_EVER_CHOSEN_KEY = "lockscreen.patterneverchosen"; |
| 111 | public final static String PASSWORD_TYPE_KEY = "lockscreen.password_type"; |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 112 | public static final String PASSWORD_TYPE_ALTERNATE_KEY = "lockscreen.password_type_alternate"; |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 113 | private final static String LOCK_PASSWORD_SALT_KEY = "lockscreen.password_salt"; |
Jim Miller | 2a98a4c | 2010-11-19 18:49:26 -0800 | [diff] [blame] | 114 | private final static String DISABLE_LOCKSCREEN_KEY = "lockscreen.disabled"; |
Jim Miller | cb3521e | 2011-10-03 20:42:26 -0700 | [diff] [blame] | 115 | private final static String LOCKSCREEN_OPTIONS = "lockscreen.options"; |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 116 | public final static String LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK |
| 117 | = "lockscreen.biometric_weak_fallback"; |
Danielle Millett | 7a07219 | 2011-10-03 17:36:01 -0400 | [diff] [blame] | 118 | public final static String BIOMETRIC_WEAK_EVER_CHOSEN_KEY |
| 119 | = "lockscreen.biometricweakeverchosen"; |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 120 | public final static String LOCKSCREEN_POWER_BUTTON_INSTANTLY_LOCKS |
| 121 | = "lockscreen.power_button_instantly_locks"; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 122 | |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 123 | private final static String PASSWORD_HISTORY_KEY = "lockscreen.passwordhistory"; |
| 124 | |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 125 | private final Context mContext; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 126 | private final ContentResolver mContentResolver; |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 127 | private DevicePolicyManager mDevicePolicyManager; |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 128 | private static String sLockPatternFilename; |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 129 | private static String sLockPasswordFilename; |
| 130 | |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 131 | private static final AtomicBoolean sHaveNonZeroPatternFile = new AtomicBoolean(false); |
| 132 | private static final AtomicBoolean sHaveNonZeroPasswordFile = new AtomicBoolean(false); |
Jim Miller | 4f36995 | 2011-08-19 18:29:22 -0700 | [diff] [blame] | 133 | |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 134 | private static FileObserver sPasswordObserver; |
| 135 | |
Dianne Hackborn | de4c26f | 2011-07-17 13:42:47 -0700 | [diff] [blame] | 136 | private static class PasswordFileObserver extends FileObserver { |
| 137 | public PasswordFileObserver(String path, int mask) { |
| 138 | super(path, mask); |
| 139 | } |
| 140 | |
| 141 | @Override |
| 142 | public void onEvent(int event, String path) { |
| 143 | if (LOCK_PATTERN_FILE.equals(path)) { |
| 144 | Log.d(TAG, "lock pattern file changed"); |
| 145 | sHaveNonZeroPatternFile.set(new File(sLockPatternFilename).length() > 0); |
| 146 | } else if (LOCK_PASSWORD_FILE.equals(path)) { |
| 147 | Log.d(TAG, "lock password file changed"); |
| 148 | sHaveNonZeroPasswordFile.set(new File(sLockPasswordFilename).length() > 0); |
| 149 | } |
| 150 | } |
| 151 | } |
| 152 | |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 153 | public DevicePolicyManager getDevicePolicyManager() { |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 154 | if (mDevicePolicyManager == null) { |
| 155 | mDevicePolicyManager = |
| 156 | (DevicePolicyManager)mContext.getSystemService(Context.DEVICE_POLICY_SERVICE); |
| 157 | if (mDevicePolicyManager == null) { |
| 158 | Log.e(TAG, "Can't get DevicePolicyManagerService: is it running?", |
| 159 | new IllegalStateException("Stack trace:")); |
| 160 | } |
| 161 | } |
| 162 | return mDevicePolicyManager; |
| 163 | } |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 164 | /** |
| 165 | * @param contentResolver Used to look up and save settings. |
| 166 | */ |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 167 | public LockPatternUtils(Context context) { |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 168 | mContext = context; |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 169 | mContentResolver = context.getContentResolver(); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 170 | |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 171 | // Initialize the location of gesture & PIN lock files |
| 172 | if (sLockPatternFilename == null) { |
| 173 | String dataSystemDirectory = |
| 174 | android.os.Environment.getDataDirectory().getAbsolutePath() + |
| 175 | SYSTEM_DIRECTORY; |
| 176 | sLockPatternFilename = dataSystemDirectory + LOCK_PATTERN_FILE; |
| 177 | sLockPasswordFilename = dataSystemDirectory + LOCK_PASSWORD_FILE; |
| 178 | sHaveNonZeroPatternFile.set(new File(sLockPatternFilename).length() > 0); |
| 179 | sHaveNonZeroPasswordFile.set(new File(sLockPasswordFilename).length() > 0); |
| 180 | int fileObserverMask = FileObserver.CLOSE_WRITE | FileObserver.DELETE | |
| 181 | FileObserver.MOVED_TO | FileObserver.CREATE; |
Dianne Hackborn | de4c26f | 2011-07-17 13:42:47 -0700 | [diff] [blame] | 182 | sPasswordObserver = new PasswordFileObserver(dataSystemDirectory, fileObserverMask); |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 183 | sPasswordObserver.startWatching(); |
| 184 | } |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 185 | } |
| 186 | |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 187 | public int getRequestedMinimumPasswordLength() { |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 188 | return getDevicePolicyManager().getPasswordMinimumLength(null); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 189 | } |
| 190 | |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 191 | |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 192 | /** |
| 193 | * Gets the device policy password mode. If the mode is non-specific, returns |
| 194 | * MODE_PATTERN which allows the user to choose anything. |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 195 | */ |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 196 | public int getRequestedPasswordQuality() { |
| 197 | return getDevicePolicyManager().getPasswordQuality(null); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 198 | } |
| 199 | |
Konstantin Lopyrev | 3255823 | 2010-05-20 16:18:05 -0700 | [diff] [blame] | 200 | public int getRequestedPasswordHistoryLength() { |
| 201 | return getDevicePolicyManager().getPasswordHistoryLength(null); |
| 202 | } |
| 203 | |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 204 | public int getRequestedPasswordMinimumLetters() { |
| 205 | return getDevicePolicyManager().getPasswordMinimumLetters(null); |
| 206 | } |
| 207 | |
| 208 | public int getRequestedPasswordMinimumUpperCase() { |
| 209 | return getDevicePolicyManager().getPasswordMinimumUpperCase(null); |
| 210 | } |
| 211 | |
| 212 | public int getRequestedPasswordMinimumLowerCase() { |
| 213 | return getDevicePolicyManager().getPasswordMinimumLowerCase(null); |
| 214 | } |
| 215 | |
| 216 | public int getRequestedPasswordMinimumNumeric() { |
| 217 | return getDevicePolicyManager().getPasswordMinimumNumeric(null); |
| 218 | } |
| 219 | |
| 220 | public int getRequestedPasswordMinimumSymbols() { |
| 221 | return getDevicePolicyManager().getPasswordMinimumSymbols(null); |
| 222 | } |
| 223 | |
Konstantin Lopyrev | c857740 | 2010-06-04 17:15:02 -0700 | [diff] [blame] | 224 | public int getRequestedPasswordMinimumNonLetter() { |
| 225 | return getDevicePolicyManager().getPasswordMinimumNonLetter(null); |
| 226 | } |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 227 | /** |
| 228 | * Returns the actual password mode, as set by keyguard after updating the password. |
| 229 | * |
| 230 | * @return |
| 231 | */ |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 232 | public void reportFailedPasswordAttempt() { |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 233 | getDevicePolicyManager().reportFailedPasswordAttempt(); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 234 | } |
| 235 | |
| 236 | public void reportSuccessfulPasswordAttempt() { |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 237 | getDevicePolicyManager().reportSuccessfulPasswordAttempt(); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 238 | } |
| 239 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 240 | /** |
| 241 | * Check to see if a pattern matches the saved pattern. If no pattern exists, |
| 242 | * always returns true. |
| 243 | * @param pattern The pattern to check. |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 244 | * @return Whether the pattern matches the stored one. |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 245 | */ |
| 246 | public boolean checkPattern(List<LockPatternView.Cell> pattern) { |
| 247 | try { |
| 248 | // Read all the bytes from the file |
| 249 | RandomAccessFile raf = new RandomAccessFile(sLockPatternFilename, "r"); |
| 250 | final byte[] stored = new byte[(int) raf.length()]; |
| 251 | int got = raf.read(stored, 0, stored.length); |
| 252 | raf.close(); |
| 253 | if (got <= 0) { |
| 254 | return true; |
| 255 | } |
| 256 | // Compare the hash from the file with the entered pattern's hash |
| 257 | return Arrays.equals(stored, LockPatternUtils.patternToHash(pattern)); |
| 258 | } catch (FileNotFoundException fnfe) { |
| 259 | return true; |
| 260 | } catch (IOException ioe) { |
| 261 | return true; |
| 262 | } |
| 263 | } |
| 264 | |
| 265 | /** |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 266 | * Check to see if a password matches the saved password. If no password exists, |
| 267 | * always returns true. |
| 268 | * @param password The password to check. |
| 269 | * @return Whether the password matches the stored one. |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 270 | */ |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 271 | public boolean checkPassword(String password) { |
| 272 | try { |
| 273 | // Read all the bytes from the file |
| 274 | RandomAccessFile raf = new RandomAccessFile(sLockPasswordFilename, "r"); |
| 275 | final byte[] stored = new byte[(int) raf.length()]; |
| 276 | int got = raf.read(stored, 0, stored.length); |
| 277 | raf.close(); |
| 278 | if (got <= 0) { |
| 279 | return true; |
| 280 | } |
| 281 | // Compare the hash from the file with the entered password's hash |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 282 | return Arrays.equals(stored, passwordToHash(password)); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 283 | } catch (FileNotFoundException fnfe) { |
| 284 | return true; |
| 285 | } catch (IOException ioe) { |
| 286 | return true; |
| 287 | } |
| 288 | } |
| 289 | |
| 290 | /** |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 291 | * Check to see if a password matches any of the passwords stored in the |
| 292 | * password history. |
| 293 | * |
| 294 | * @param password The password to check. |
| 295 | * @return Whether the password matches any in the history. |
| 296 | */ |
| 297 | public boolean checkPasswordHistory(String password) { |
| 298 | String passwordHashString = new String(passwordToHash(password)); |
| 299 | String passwordHistory = getString(PASSWORD_HISTORY_KEY); |
Konstantin Lopyrev | 3255823 | 2010-05-20 16:18:05 -0700 | [diff] [blame] | 300 | if (passwordHistory == null) { |
| 301 | return false; |
| 302 | } |
| 303 | // Password History may be too long... |
| 304 | int passwordHashLength = passwordHashString.length(); |
| 305 | int passwordHistoryLength = getRequestedPasswordHistoryLength(); |
| 306 | if(passwordHistoryLength == 0) { |
| 307 | return false; |
| 308 | } |
| 309 | int neededPasswordHistoryLength = passwordHashLength * passwordHistoryLength |
| 310 | + passwordHistoryLength - 1; |
| 311 | if (passwordHistory.length() > neededPasswordHistoryLength) { |
| 312 | passwordHistory = passwordHistory.substring(0, neededPasswordHistoryLength); |
| 313 | } |
| 314 | return passwordHistory.contains(passwordHashString); |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 315 | } |
| 316 | |
| 317 | /** |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 318 | * Check to see if the user has stored a lock pattern. |
| 319 | * @return Whether a saved pattern exists. |
| 320 | */ |
| 321 | public boolean savedPatternExists() { |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 322 | return sHaveNonZeroPatternFile.get(); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 323 | } |
| 324 | |
| 325 | /** |
| 326 | * Check to see if the user has stored a lock pattern. |
| 327 | * @return Whether a saved pattern exists. |
| 328 | */ |
| 329 | public boolean savedPasswordExists() { |
Brad Fitzpatrick | 9088100 | 2010-08-23 18:30:08 -0700 | [diff] [blame] | 330 | return sHaveNonZeroPasswordFile.get(); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 331 | } |
| 332 | |
| 333 | /** |
The Android Open Source Project | ba87e3e | 2009-03-13 13:04:22 -0700 | [diff] [blame] | 334 | * Return true if the user has ever chosen a pattern. This is true even if the pattern is |
| 335 | * currently cleared. |
| 336 | * |
| 337 | * @return True if the user has ever chosen a pattern. |
| 338 | */ |
| 339 | public boolean isPatternEverChosen() { |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 340 | return getBoolean(PATTERN_EVER_CHOSEN_KEY, false); |
The Android Open Source Project | ba87e3e | 2009-03-13 13:04:22 -0700 | [diff] [blame] | 341 | } |
| 342 | |
| 343 | /** |
Danielle Millett | 7a07219 | 2011-10-03 17:36:01 -0400 | [diff] [blame] | 344 | * Return true if the user has ever chosen biometric weak. This is true even if biometric |
| 345 | * weak is not current set. |
| 346 | * |
| 347 | * @return True if the user has ever chosen biometric weak. |
| 348 | */ |
| 349 | public boolean isBiometricWeakEverChosen() { |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 350 | return getBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, false); |
Danielle Millett | 7a07219 | 2011-10-03 17:36:01 -0400 | [diff] [blame] | 351 | } |
| 352 | |
| 353 | /** |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 354 | * Used by device policy manager to validate the current password |
| 355 | * information it has. |
| 356 | */ |
| 357 | public int getActivePasswordQuality() { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 358 | int activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; |
Danielle Millett | c8fb532 | 2011-10-04 12:18:51 -0400 | [diff] [blame] | 359 | // Note we don't want to use getKeyguardStoredPasswordQuality() because we want this to |
| 360 | // return biometric_weak if that is being used instead of the backup |
| 361 | int quality = |
| 362 | (int) getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
| 363 | switch (quality) { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 364 | case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING: |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 365 | if (isLockPatternEnabled()) { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 366 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 367 | } |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 368 | break; |
Danielle Millett | c8fb532 | 2011-10-04 12:18:51 -0400 | [diff] [blame] | 369 | case DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK: |
| 370 | if (isBiometricWeakInstalled()) { |
| 371 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK; |
| 372 | } |
| 373 | break; |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 374 | case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC: |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 375 | if (isLockPasswordEnabled()) { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 376 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 377 | } |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 378 | break; |
| 379 | case DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC: |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 380 | if (isLockPasswordEnabled()) { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 381 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC; |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 382 | } |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 383 | break; |
| 384 | case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC: |
| 385 | if (isLockPasswordEnabled()) { |
| 386 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC; |
| 387 | } |
| 388 | break; |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 389 | case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX: |
| 390 | if (isLockPasswordEnabled()) { |
| 391 | activePasswordQuality = DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; |
| 392 | } |
| 393 | break; |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 394 | } |
Danielle Millett | c8fb532 | 2011-10-04 12:18:51 -0400 | [diff] [blame] | 395 | |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 396 | return activePasswordQuality; |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 397 | } |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 398 | |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 399 | /** |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 400 | * Clear any lock pattern or password. |
| 401 | */ |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 402 | public void clearLock(boolean isFallback) { |
| 403 | if(!isFallback) deleteGallery(); |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 404 | saveLockPassword(null, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 405 | setLockPatternEnabled(false); |
| 406 | saveLockPattern(null); |
Jim Miller | 93708af1 | 2012-01-25 18:26:12 -0800 | [diff] [blame] | 407 | setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 408 | setLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED); |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 409 | } |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 410 | |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 411 | /** |
Jim Miller | 2a98a4c | 2010-11-19 18:49:26 -0800 | [diff] [blame] | 412 | * Disable showing lock screen at all when the DevicePolicyManager allows it. |
| 413 | * This is only meaningful if pattern, pin or password are not set. |
| 414 | * |
| 415 | * @param disable Disables lock screen when true |
| 416 | */ |
| 417 | public void setLockScreenDisabled(boolean disable) { |
| 418 | setLong(DISABLE_LOCKSCREEN_KEY, disable ? 1 : 0); |
| 419 | } |
| 420 | |
| 421 | /** |
| 422 | * Determine if LockScreen can be disabled. This is used, for example, to tell if we should |
| 423 | * show LockScreen or go straight to the home screen. |
| 424 | * |
| 425 | * @return true if lock screen is can be disabled |
| 426 | */ |
| 427 | public boolean isLockScreenDisabled() { |
| 428 | return !isSecure() && getLong(DISABLE_LOCKSCREEN_KEY, 0) != 0; |
| 429 | } |
| 430 | |
| 431 | /** |
Steven Ross | 3553c29 | 2011-09-30 15:48:40 -0400 | [diff] [blame] | 432 | * Calls back SetupFaceLock to delete the temporary gallery file |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 433 | */ |
| 434 | public void deleteTempGallery() { |
Steven Ross | 3553c29 | 2011-09-30 15:48:40 -0400 | [diff] [blame] | 435 | Intent intent = new Intent().setClassName("com.android.facelock", |
| 436 | "com.android.facelock.SetupFaceLock"); |
| 437 | intent.putExtra("deleteTempGallery", true); |
| 438 | mContext.startActivity(intent); |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 439 | } |
| 440 | |
| 441 | /** |
| 442 | * Calls back SetupFaceLock to delete the gallery file when the lock type is changed |
| 443 | */ |
| 444 | void deleteGallery() { |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 445 | if(usingBiometricWeak()) { |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 446 | Intent intent = new Intent().setClassName("com.android.facelock", |
| 447 | "com.android.facelock.SetupFaceLock"); |
| 448 | intent.putExtra("deleteGallery", true); |
| 449 | mContext.startActivity(intent); |
| 450 | } |
| 451 | } |
| 452 | |
| 453 | /** |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 454 | * Save a lock pattern. |
| 455 | * @param pattern The new pattern to save. |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 456 | */ |
| 457 | public void saveLockPattern(List<LockPatternView.Cell> pattern) { |
| 458 | this.saveLockPattern(pattern, false); |
| 459 | } |
| 460 | |
| 461 | /** |
| 462 | * Save a lock pattern. |
| 463 | * @param pattern The new pattern to save. |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 464 | * @param isFallback Specifies if this is a fallback to biometric weak |
| 465 | */ |
| 466 | public void saveLockPattern(List<LockPatternView.Cell> pattern, boolean isFallback) { |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 467 | // Compute the hash |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 468 | final byte[] hash = LockPatternUtils.patternToHash(pattern); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 469 | try { |
| 470 | // Write the hash to file |
| 471 | RandomAccessFile raf = new RandomAccessFile(sLockPatternFilename, "rw"); |
| 472 | // Truncate the file if pattern is null, to clear the lock |
| 473 | if (pattern == null) { |
| 474 | raf.setLength(0); |
| 475 | } else { |
| 476 | raf.write(hash, 0, hash.length); |
| 477 | } |
| 478 | raf.close(); |
Dianne Hackborn | 2509d3c | 2010-03-08 12:54:25 -0800 | [diff] [blame] | 479 | DevicePolicyManager dpm = getDevicePolicyManager(); |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 480 | KeyStore keyStore = KeyStore.getInstance(); |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 481 | if (pattern != null) { |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 482 | keyStore.password(patternToString(pattern)); |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 483 | setBoolean(PATTERN_EVER_CHOSEN_KEY, true); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 484 | if (!isFallback) { |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 485 | deleteGallery(); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 486 | setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 487 | dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, |
| 488 | pattern.size(), 0, 0, 0, 0, 0, 0); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 489 | } else { |
| 490 | setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); |
| 491 | setLong(PASSWORD_TYPE_ALTERNATE_KEY, |
| 492 | DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
Danielle Millett | 044a0a7 | 2011-11-07 15:42:12 -0500 | [diff] [blame] | 493 | finishBiometricWeak(); |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 494 | dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, |
| 495 | 0, 0, 0, 0, 0, 0, 0); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 496 | } |
Dianne Hackborn | 2509d3c | 2010-03-08 12:54:25 -0800 | [diff] [blame] | 497 | } else { |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 498 | if (keyStore.isEmpty()) { |
| 499 | keyStore.reset(); |
| 500 | } |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 501 | dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, |
Konstantin Lopyrev | c857740 | 2010-06-04 17:15:02 -0700 | [diff] [blame] | 502 | 0, 0, 0, 0, 0); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 503 | } |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 504 | } catch (FileNotFoundException fnfe) { |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 505 | // Cant do much, unless we want to fail over to using the settings |
| 506 | // provider |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 507 | Log.e(TAG, "Unable to save lock pattern to " + sLockPatternFilename); |
| 508 | } catch (IOException ioe) { |
| 509 | // Cant do much |
| 510 | Log.e(TAG, "Unable to save lock pattern to " + sLockPatternFilename); |
| 511 | } |
| 512 | } |
| 513 | |
| 514 | /** |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 515 | * Compute the password quality from the given password string. |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 516 | */ |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 517 | static public int computePasswordQuality(String password) { |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 518 | boolean hasDigit = false; |
| 519 | boolean hasNonDigit = false; |
| 520 | final int len = password.length(); |
| 521 | for (int i = 0; i < len; i++) { |
| 522 | if (Character.isDigit(password.charAt(i))) { |
| 523 | hasDigit = true; |
| 524 | } else { |
| 525 | hasNonDigit = true; |
| 526 | } |
| 527 | } |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 528 | |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 529 | if (hasNonDigit && hasDigit) { |
| 530 | return DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC; |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 531 | } |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 532 | if (hasNonDigit) { |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 533 | return DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC; |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 534 | } |
| 535 | if (hasDigit) { |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 536 | return DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 537 | } |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 538 | return DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED; |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 539 | } |
Jim Miller | 5b0fb3a | 2010-02-23 13:46:35 -0800 | [diff] [blame] | 540 | |
Jason parks | f7b3cd4 | 2011-01-27 09:28:25 -0600 | [diff] [blame] | 541 | /** Update the encryption password if it is enabled **/ |
| 542 | private void updateEncryptionPassword(String password) { |
| 543 | DevicePolicyManager dpm = getDevicePolicyManager(); |
| 544 | if (dpm.getStorageEncryptionStatus() != DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) { |
| 545 | return; |
| 546 | } |
| 547 | |
| 548 | IBinder service = ServiceManager.getService("mount"); |
| 549 | if (service == null) { |
| 550 | Log.e(TAG, "Could not find the mount service to update the encryption password"); |
| 551 | return; |
| 552 | } |
| 553 | |
| 554 | IMountService mountService = IMountService.Stub.asInterface(service); |
| 555 | try { |
| 556 | mountService.changeEncryptionPassword(password); |
| 557 | } catch (RemoteException e) { |
| 558 | Log.e(TAG, "Error changing encryption password", e); |
| 559 | } |
| 560 | } |
| 561 | |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 562 | /** |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 563 | * Save a lock password. Does not ensure that the password is as good |
Dianne Hackborn | 9327f4f | 2010-01-29 10:38:29 -0800 | [diff] [blame] | 564 | * as the requested mode, but will adjust the mode to be as good as the |
| 565 | * pattern. |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 566 | * @param password The password to save |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 567 | * @param quality {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 568 | */ |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 569 | public void saveLockPassword(String password, int quality) { |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 570 | this.saveLockPassword(password, quality, false); |
| 571 | } |
| 572 | |
| 573 | /** |
| 574 | * Save a lock password. Does not ensure that the password is as good |
| 575 | * as the requested mode, but will adjust the mode to be as good as the |
| 576 | * pattern. |
| 577 | * @param password The password to save |
| 578 | * @param quality {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} |
| 579 | * @param isFallback Specifies if this is a fallback to biometric weak |
| 580 | */ |
| 581 | public void saveLockPassword(String password, int quality, boolean isFallback) { |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 582 | // Compute the hash |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 583 | final byte[] hash = passwordToHash(password); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 584 | try { |
| 585 | // Write the hash to file |
| 586 | RandomAccessFile raf = new RandomAccessFile(sLockPasswordFilename, "rw"); |
| 587 | // Truncate the file if pattern is null, to clear the lock |
| 588 | if (password == null) { |
| 589 | raf.setLength(0); |
| 590 | } else { |
| 591 | raf.write(hash, 0, hash.length); |
| 592 | } |
| 593 | raf.close(); |
Dianne Hackborn | 2509d3c | 2010-03-08 12:54:25 -0800 | [diff] [blame] | 594 | DevicePolicyManager dpm = getDevicePolicyManager(); |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 595 | KeyStore keyStore = KeyStore.getInstance(); |
Dianne Hackborn | df83afa | 2010-01-20 13:37:26 -0800 | [diff] [blame] | 596 | if (password != null) { |
Jason parks | f7b3cd4 | 2011-01-27 09:28:25 -0600 | [diff] [blame] | 597 | // Update the encryption password. |
| 598 | updateEncryptionPassword(password); |
| 599 | |
Brian Carlstrom | 5cfee3f | 2011-05-31 01:00:15 -0700 | [diff] [blame] | 600 | // Update the keystore password |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 601 | keyStore.password(password); |
Brian Carlstrom | 5cfee3f | 2011-05-31 01:00:15 -0700 | [diff] [blame] | 602 | |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 603 | int computedQuality = computePasswordQuality(password); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 604 | if (!isFallback) { |
Steven Ross | 329979c | 2011-09-28 11:42:56 -0400 | [diff] [blame] | 605 | deleteGallery(); |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 606 | setLong(PASSWORD_TYPE_KEY, Math.max(quality, computedQuality)); |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 607 | if (computedQuality != DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) { |
| 608 | int letters = 0; |
| 609 | int uppercase = 0; |
| 610 | int lowercase = 0; |
| 611 | int numbers = 0; |
| 612 | int symbols = 0; |
| 613 | int nonletter = 0; |
| 614 | for (int i = 0; i < password.length(); i++) { |
| 615 | char c = password.charAt(i); |
| 616 | if (c >= 'A' && c <= 'Z') { |
| 617 | letters++; |
| 618 | uppercase++; |
| 619 | } else if (c >= 'a' && c <= 'z') { |
| 620 | letters++; |
| 621 | lowercase++; |
| 622 | } else if (c >= '0' && c <= '9') { |
| 623 | numbers++; |
| 624 | nonletter++; |
| 625 | } else { |
| 626 | symbols++; |
| 627 | nonletter++; |
| 628 | } |
| 629 | } |
| 630 | dpm.setActivePasswordState(Math.max(quality, computedQuality), |
| 631 | password.length(), letters, uppercase, lowercase, |
| 632 | numbers, symbols, nonletter); |
| 633 | } else { |
| 634 | // The password is not anything. |
| 635 | dpm.setActivePasswordState( |
| 636 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, |
| 637 | 0, 0, 0, 0, 0, 0, 0); |
| 638 | } |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 639 | } else { |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 640 | // Case where it's a fallback for biometric weak |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 641 | setLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK); |
| 642 | setLong(PASSWORD_TYPE_ALTERNATE_KEY, Math.max(quality, computedQuality)); |
Danielle Millett | 044a0a7 | 2011-11-07 15:42:12 -0500 | [diff] [blame] | 643 | finishBiometricWeak(); |
Danielle Millett | 2364a22 | 2011-12-21 17:02:32 -0500 | [diff] [blame] | 644 | dpm.setActivePasswordState(DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, |
| 645 | 0, 0, 0, 0, 0, 0, 0); |
Dianne Hackborn | 85f2c9c | 2010-03-22 11:12:48 -0700 | [diff] [blame] | 646 | } |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 647 | // Add the password to the password history. We assume all |
| 648 | // password |
| 649 | // hashes have the same length for simplicity of implementation. |
| 650 | String passwordHistory = getString(PASSWORD_HISTORY_KEY); |
| 651 | if (passwordHistory == null) { |
| 652 | passwordHistory = new String(); |
| 653 | } |
Konstantin Lopyrev | 3255823 | 2010-05-20 16:18:05 -0700 | [diff] [blame] | 654 | int passwordHistoryLength = getRequestedPasswordHistoryLength(); |
| 655 | if (passwordHistoryLength == 0) { |
| 656 | passwordHistory = ""; |
| 657 | } else { |
| 658 | passwordHistory = new String(hash) + "," + passwordHistory; |
| 659 | // Cut it to contain passwordHistoryLength hashes |
| 660 | // and passwordHistoryLength -1 commas. |
| 661 | passwordHistory = passwordHistory.substring(0, Math.min(hash.length |
| 662 | * passwordHistoryLength + passwordHistoryLength - 1, passwordHistory |
| 663 | .length())); |
| 664 | } |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 665 | setString(PASSWORD_HISTORY_KEY, passwordHistory); |
Dianne Hackborn | 2509d3c | 2010-03-08 12:54:25 -0800 | [diff] [blame] | 666 | } else { |
Brian Carlstrom | e2afc24 | 2011-06-02 16:21:55 -0700 | [diff] [blame] | 667 | // Conditionally reset the keystore if empty. If |
| 668 | // non-empty, we are just switching key guard type |
| 669 | if (keyStore.isEmpty()) { |
| 670 | keyStore.reset(); |
| 671 | } |
Dianne Hackborn | 2509d3c | 2010-03-08 12:54:25 -0800 | [diff] [blame] | 672 | dpm.setActivePasswordState( |
Konstantin Lopyrev | c857740 | 2010-06-04 17:15:02 -0700 | [diff] [blame] | 673 | DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, 0, 0, 0, 0, 0, 0, 0); |
Jim Miller | 31f90b6 | 2010-01-20 13:35:20 -0800 | [diff] [blame] | 674 | } |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 675 | } catch (FileNotFoundException fnfe) { |
| 676 | // Cant do much, unless we want to fail over to using the settings provider |
| 677 | Log.e(TAG, "Unable to save lock pattern to " + sLockPasswordFilename); |
| 678 | } catch (IOException ioe) { |
| 679 | // Cant do much |
| 680 | Log.e(TAG, "Unable to save lock pattern to " + sLockPasswordFilename); |
| 681 | } |
| 682 | } |
| 683 | |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 684 | /** |
| 685 | * Retrieves the quality mode we're in. |
| 686 | * {@see DevicePolicyManager#getPasswordQuality(android.content.ComponentName)} |
| 687 | * |
| 688 | * @return stored password quality |
| 689 | */ |
| 690 | public int getKeyguardStoredPasswordQuality() { |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 691 | int quality = |
| 692 | (int) getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
| 693 | // If the user has chosen to use weak biometric sensor, then return the backup locking |
| 694 | // method and treat biometric as a special case. |
| 695 | if (quality == DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK) { |
| 696 | quality = |
| 697 | (int) getLong(PASSWORD_TYPE_ALTERNATE_KEY, |
| 698 | DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
| 699 | } |
| 700 | return quality; |
| 701 | } |
| 702 | |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 703 | /** |
| 704 | * @return true if the lockscreen method is set to biometric weak |
| 705 | */ |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 706 | public boolean usingBiometricWeak() { |
| 707 | int quality = |
| 708 | (int) getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING); |
| 709 | return quality == DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK; |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 710 | } |
| 711 | |
| 712 | /** |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 713 | * Deserialize a pattern. |
| 714 | * @param string The pattern serialized with {@link #patternToString} |
| 715 | * @return The pattern. |
| 716 | */ |
| 717 | public static List<LockPatternView.Cell> stringToPattern(String string) { |
| 718 | List<LockPatternView.Cell> result = Lists.newArrayList(); |
| 719 | |
| 720 | final byte[] bytes = string.getBytes(); |
| 721 | for (int i = 0; i < bytes.length; i++) { |
| 722 | byte b = bytes[i]; |
| 723 | result.add(LockPatternView.Cell.of(b / 3, b % 3)); |
| 724 | } |
| 725 | return result; |
| 726 | } |
| 727 | |
| 728 | /** |
| 729 | * Serialize a pattern. |
| 730 | * @param pattern The pattern. |
| 731 | * @return The pattern in string form. |
| 732 | */ |
| 733 | public static String patternToString(List<LockPatternView.Cell> pattern) { |
| 734 | if (pattern == null) { |
| 735 | return ""; |
| 736 | } |
| 737 | final int patternSize = pattern.size(); |
| 738 | |
| 739 | byte[] res = new byte[patternSize]; |
| 740 | for (int i = 0; i < patternSize; i++) { |
| 741 | LockPatternView.Cell cell = pattern.get(i); |
| 742 | res[i] = (byte) (cell.getRow() * 3 + cell.getColumn()); |
| 743 | } |
| 744 | return new String(res); |
| 745 | } |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 746 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 747 | /* |
| 748 | * Generate an SHA-1 hash for the pattern. Not the most secure, but it is |
| 749 | * at least a second level of protection. First level is that the file |
| 750 | * is in a location only readable by the system process. |
| 751 | * @param pattern the gesture pattern. |
| 752 | * @return the hash of the pattern in a byte array. |
| 753 | */ |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 754 | private static byte[] patternToHash(List<LockPatternView.Cell> pattern) { |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 755 | if (pattern == null) { |
| 756 | return null; |
| 757 | } |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 758 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 759 | final int patternSize = pattern.size(); |
| 760 | byte[] res = new byte[patternSize]; |
| 761 | for (int i = 0; i < patternSize; i++) { |
| 762 | LockPatternView.Cell cell = pattern.get(i); |
| 763 | res[i] = (byte) (cell.getRow() * 3 + cell.getColumn()); |
| 764 | } |
| 765 | try { |
| 766 | MessageDigest md = MessageDigest.getInstance("SHA-1"); |
| 767 | byte[] hash = md.digest(res); |
| 768 | return hash; |
| 769 | } catch (NoSuchAlgorithmException nsa) { |
| 770 | return res; |
| 771 | } |
| 772 | } |
| 773 | |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 774 | private String getSalt() { |
| 775 | long salt = getLong(LOCK_PASSWORD_SALT_KEY, 0); |
| 776 | if (salt == 0) { |
| 777 | try { |
| 778 | salt = SecureRandom.getInstance("SHA1PRNG").nextLong(); |
| 779 | setLong(LOCK_PASSWORD_SALT_KEY, salt); |
| 780 | Log.v(TAG, "Initialized lock password salt"); |
| 781 | } catch (NoSuchAlgorithmException e) { |
| 782 | // Throw an exception rather than storing a password we'll never be able to recover |
| 783 | throw new IllegalStateException("Couldn't get SecureRandom number", e); |
| 784 | } |
| 785 | } |
| 786 | return Long.toHexString(salt); |
| 787 | } |
| 788 | |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 789 | /* |
| 790 | * Generate a hash for the given password. To avoid brute force attacks, we use a salted hash. |
| 791 | * Not the most secure, but it is at least a second level of protection. First level is that |
| 792 | * the file is in a location only readable by the system process. |
| 793 | * @param password the gesture pattern. |
| 794 | * @return the hash of the pattern in a byte array. |
| 795 | */ |
Brian Carlstrom | 5cfee3f | 2011-05-31 01:00:15 -0700 | [diff] [blame] | 796 | public byte[] passwordToHash(String password) { |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 797 | if (password == null) { |
| 798 | return null; |
| 799 | } |
| 800 | String algo = null; |
| 801 | byte[] hashed = null; |
| 802 | try { |
Jim Miller | 11b019d | 2010-01-20 16:34:45 -0800 | [diff] [blame] | 803 | byte[] saltedPassword = (password + getSalt()).getBytes(); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 804 | byte[] sha1 = MessageDigest.getInstance(algo = "SHA-1").digest(saltedPassword); |
| 805 | byte[] md5 = MessageDigest.getInstance(algo = "MD5").digest(saltedPassword); |
| 806 | hashed = (toHex(sha1) + toHex(md5)).getBytes(); |
| 807 | } catch (NoSuchAlgorithmException e) { |
| 808 | Log.w(TAG, "Failed to encode string because of missing algorithm: " + algo); |
| 809 | } |
| 810 | return hashed; |
| 811 | } |
| 812 | |
| 813 | private static String toHex(byte[] ary) { |
| 814 | final String hex = "0123456789ABCDEF"; |
| 815 | String ret = ""; |
| 816 | for (int i = 0; i < ary.length; i++) { |
| 817 | ret += hex.charAt((ary[i] >> 4) & 0xf); |
| 818 | ret += hex.charAt(ary[i] & 0xf); |
| 819 | } |
| 820 | return ret; |
| 821 | } |
| 822 | |
| 823 | /** |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 824 | * @return Whether the lock password is enabled, or if it is set as a backup for biometric weak |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 825 | */ |
| 826 | public boolean isLockPasswordEnabled() { |
| 827 | long mode = getLong(PASSWORD_TYPE_KEY, 0); |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 828 | long backupMode = getLong(PASSWORD_TYPE_ALTERNATE_KEY, 0); |
| 829 | final boolean passwordEnabled = mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC |
| 830 | || mode == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC |
| 831 | || mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC |
| 832 | || mode == DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; |
| 833 | final boolean backupEnabled = backupMode == DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC |
| 834 | || backupMode == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC |
| 835 | || backupMode == DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC |
| 836 | || backupMode == DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; |
| 837 | |
| 838 | return savedPasswordExists() && (passwordEnabled || |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 839 | (usingBiometricWeak() && backupEnabled)); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 840 | } |
| 841 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 842 | /** |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 843 | * @return Whether the lock pattern is enabled, or if it is set as a backup for biometric weak |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 844 | */ |
| 845 | public boolean isLockPatternEnabled() { |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 846 | final boolean backupEnabled = |
| 847 | getLong(PASSWORD_TYPE_ALTERNATE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) |
| 848 | == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; |
| 849 | |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 850 | return getBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, false) |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 851 | && (getLong(PASSWORD_TYPE_KEY, DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) |
| 852 | == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING || |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 853 | (usingBiometricWeak() && backupEnabled)); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 854 | } |
| 855 | |
| 856 | /** |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 857 | * @return Whether biometric weak lock is installed and that the front facing camera exists |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 858 | */ |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 859 | public boolean isBiometricWeakInstalled() { |
Danielle Millett | 5839698 | 2011-09-30 13:55:07 -0400 | [diff] [blame] | 860 | // Check that it's installed |
| 861 | PackageManager pm = mContext.getPackageManager(); |
| 862 | try { |
| 863 | pm.getPackageInfo("com.android.facelock", PackageManager.GET_ACTIVITIES); |
| 864 | } catch (PackageManager.NameNotFoundException e) { |
| 865 | return false; |
| 866 | } |
| 867 | |
| 868 | // Check that the camera is enabled |
| 869 | if (!pm.hasSystemFeature(PackageManager.FEATURE_CAMERA_FRONT)) { |
| 870 | return false; |
| 871 | } |
| 872 | if (getDevicePolicyManager().getCameraDisabled(null)) { |
| 873 | return false; |
| 874 | } |
| 875 | |
| 876 | |
| 877 | return true; |
Jim Miller | 6edf263 | 2011-09-05 16:03:14 -0700 | [diff] [blame] | 878 | } |
| 879 | |
| 880 | /** |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 881 | * Set whether the lock pattern is enabled. |
| 882 | */ |
| 883 | public void setLockPatternEnabled(boolean enabled) { |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 884 | setBoolean(Settings.Secure.LOCK_PATTERN_ENABLED, enabled); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 885 | } |
| 886 | |
| 887 | /** |
| 888 | * @return Whether the visible pattern is enabled. |
| 889 | */ |
| 890 | public boolean isVisiblePatternEnabled() { |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 891 | return getBoolean(Settings.Secure.LOCK_PATTERN_VISIBLE, false); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 892 | } |
| 893 | |
| 894 | /** |
| 895 | * Set whether the visible pattern is enabled. |
| 896 | */ |
| 897 | public void setVisiblePatternEnabled(boolean enabled) { |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 898 | setBoolean(Settings.Secure.LOCK_PATTERN_VISIBLE, enabled); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 899 | } |
| 900 | |
| 901 | /** |
| 902 | * @return Whether tactile feedback for the pattern is enabled. |
| 903 | */ |
| 904 | public boolean isTactileFeedbackEnabled() { |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 905 | return getBoolean(Settings.Secure.LOCK_PATTERN_TACTILE_FEEDBACK_ENABLED, false); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 906 | } |
| 907 | |
| 908 | /** |
| 909 | * Set whether tactile feedback for the pattern is enabled. |
| 910 | */ |
| 911 | public void setTactileFeedbackEnabled(boolean enabled) { |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 912 | setBoolean(Settings.Secure.LOCK_PATTERN_TACTILE_FEEDBACK_ENABLED, enabled); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 913 | } |
| 914 | |
| 915 | /** |
| 916 | * Set and store the lockout deadline, meaning the user can't attempt his/her unlock |
| 917 | * pattern until the deadline has passed. |
| 918 | * @return the chosen deadline. |
| 919 | */ |
| 920 | public long setLockoutAttemptDeadline() { |
| 921 | final long deadline = SystemClock.elapsedRealtime() + FAILED_ATTEMPT_TIMEOUT_MS; |
| 922 | setLong(LOCKOUT_ATTEMPT_DEADLINE, deadline); |
| 923 | return deadline; |
| 924 | } |
| 925 | |
| 926 | /** |
| 927 | * @return The elapsed time in millis in the future when the user is allowed to |
| 928 | * attempt to enter his/her lock pattern, or 0 if the user is welcome to |
| 929 | * enter a pattern. |
| 930 | */ |
| 931 | public long getLockoutAttemptDeadline() { |
| 932 | final long deadline = getLong(LOCKOUT_ATTEMPT_DEADLINE, 0L); |
| 933 | final long now = SystemClock.elapsedRealtime(); |
| 934 | if (deadline < now || deadline > (now + FAILED_ATTEMPT_TIMEOUT_MS)) { |
| 935 | return 0L; |
| 936 | } |
| 937 | return deadline; |
| 938 | } |
| 939 | |
| 940 | /** |
| 941 | * @return Whether the user is permanently locked out until they verify their |
| 942 | * credentials. Occurs after {@link #FAILED_ATTEMPTS_BEFORE_RESET} failed |
| 943 | * attempts. |
| 944 | */ |
| 945 | public boolean isPermanentlyLocked() { |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 946 | return getBoolean(LOCKOUT_PERMANENT_KEY, false); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 947 | } |
| 948 | |
| 949 | /** |
| 950 | * Set the state of whether the device is permanently locked, meaning the user |
Karl Rosaen | 678771b | 2009-08-21 14:00:26 -0700 | [diff] [blame] | 951 | * must authenticate via other means. |
| 952 | * |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 953 | * @param locked Whether the user is permanently locked out until they verify their |
| 954 | * credentials. Occurs after {@link #FAILED_ATTEMPTS_BEFORE_RESET} failed |
| 955 | * attempts. |
| 956 | */ |
| 957 | public void setPermanentlyLocked(boolean locked) { |
| 958 | setBoolean(LOCKOUT_PERMANENT_KEY, locked); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 959 | } |
| 960 | |
John Wang | 0f7b3f8 | 2011-05-31 11:20:55 -0700 | [diff] [blame] | 961 | public boolean isEmergencyCallCapable() { |
| 962 | return mContext.getResources().getBoolean( |
| 963 | com.android.internal.R.bool.config_voice_capable); |
| 964 | } |
| 965 | |
| 966 | public boolean isPukUnlockScreenEnable() { |
| 967 | return mContext.getResources().getBoolean( |
| 968 | com.android.internal.R.bool.config_enable_puk_unlock_screen); |
| 969 | } |
| 970 | |
Jim Miller | 1f56edc | 2011-11-07 19:00:48 -0800 | [diff] [blame] | 971 | public boolean isEmergencyCallEnabledWhileSimLocked() { |
| 972 | return mContext.getResources().getBoolean( |
| 973 | com.android.internal.R.bool.config_enable_emergency_call_while_sim_locked); |
| 974 | } |
| 975 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 976 | /** |
| 977 | * @return A formatted string of the next alarm (for showing on the lock screen), |
| 978 | * or null if there is no next alarm. |
| 979 | */ |
| 980 | public String getNextAlarm() { |
| 981 | String nextAlarm = Settings.System.getString(mContentResolver, |
| 982 | Settings.System.NEXT_ALARM_FORMATTED); |
| 983 | if (nextAlarm == null || TextUtils.isEmpty(nextAlarm)) { |
| 984 | return null; |
| 985 | } |
| 986 | return nextAlarm; |
| 987 | } |
| 988 | |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 989 | private boolean getBoolean(String secureSettingKey, boolean defaultValue) { |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 990 | return 1 == |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 991 | android.provider.Settings.Secure.getInt(mContentResolver, secureSettingKey, |
| 992 | defaultValue ? 1 : 0); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 993 | } |
| 994 | |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 995 | private void setBoolean(String secureSettingKey, boolean enabled) { |
| 996 | android.provider.Settings.Secure.putInt(mContentResolver, secureSettingKey, |
| 997 | enabled ? 1 : 0); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 998 | } |
| 999 | |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 1000 | private long getLong(String secureSettingKey, long def) { |
| 1001 | return android.provider.Settings.Secure.getLong(mContentResolver, secureSettingKey, def); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 1002 | } |
| 1003 | |
Amith Yamasani | 156c435 | 2010-03-05 17:10:03 -0800 | [diff] [blame] | 1004 | private void setLong(String secureSettingKey, long value) { |
| 1005 | android.provider.Settings.Secure.putLong(mContentResolver, secureSettingKey, value); |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 1006 | } |
| 1007 | |
Konstantin Lopyrev | 863f22d | 2010-05-12 17:16:58 -0700 | [diff] [blame] | 1008 | private String getString(String secureSettingKey) { |
| 1009 | return android.provider.Settings.Secure.getString(mContentResolver, secureSettingKey); |
| 1010 | } |
| 1011 | |
| 1012 | private void setString(String secureSettingKey, String value) { |
| 1013 | android.provider.Settings.Secure.putString(mContentResolver, secureSettingKey, value); |
| 1014 | } |
| 1015 | |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 1016 | public boolean isSecure() { |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 1017 | long mode = getKeyguardStoredPasswordQuality(); |
| 1018 | final boolean isPattern = mode == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING; |
| 1019 | final boolean isPassword = mode == DevicePolicyManager.PASSWORD_QUALITY_NUMERIC |
| 1020 | || mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC |
Konstantin Lopyrev | a15dcfa | 2010-05-24 17:10:56 -0700 | [diff] [blame] | 1021 | || mode == DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC |
| 1022 | || mode == DevicePolicyManager.PASSWORD_QUALITY_COMPLEX; |
Jim Miller | cd70988 | 2010-03-25 18:24:02 -0700 | [diff] [blame] | 1023 | final boolean secure = isPattern && isLockPatternEnabled() && savedPatternExists() |
Danielle Millett | 73da5fe | 2011-09-13 16:20:05 -0400 | [diff] [blame] | 1024 | || isPassword && savedPasswordExists(); |
Jim Miller | 69aa4a9 | 2009-12-22 19:03:28 -0800 | [diff] [blame] | 1025 | return secure; |
| 1026 | } |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 1027 | |
| 1028 | /** |
John Wang | 0f7b3f8 | 2011-05-31 11:20:55 -0700 | [diff] [blame] | 1029 | * Sets the emergency button visibility based on isEmergencyCallCapable(). |
| 1030 | * |
| 1031 | * If the emergency button is visible, sets the text on the emergency button |
| 1032 | * to indicate what action will be taken. |
| 1033 | * |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 1034 | * If there's currently a call in progress, the button will take them to the call |
| 1035 | * @param button the button to update |
Jim Miller | 3f5f83b | 2011-09-26 15:17:05 -0700 | [diff] [blame] | 1036 | * @param the phone state: |
| 1037 | * {@link TelephonyManager#CALL_STATE_IDLE} |
| 1038 | * {@link TelephonyManager#CALL_STATE_RINGING} |
| 1039 | * {@link TelephonyManager#CALL_STATE_OFFHOOK} |
Jim Miller | 1f56edc | 2011-11-07 19:00:48 -0800 | [diff] [blame] | 1040 | * @param shown indicates whether the given screen wants the emergency button to show at all |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 1041 | */ |
Jim Miller | 1f56edc | 2011-11-07 19:00:48 -0800 | [diff] [blame] | 1042 | public void updateEmergencyCallButtonState(Button button, int phoneState, boolean shown) { |
| 1043 | if (isEmergencyCallCapable() && shown) { |
John Wang | 0f7b3f8 | 2011-05-31 11:20:55 -0700 | [diff] [blame] | 1044 | button.setVisibility(View.VISIBLE); |
| 1045 | } else { |
| 1046 | button.setVisibility(View.GONE); |
| 1047 | return; |
| 1048 | } |
| 1049 | |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 1050 | int textId; |
Jim Miller | 3f5f83b | 2011-09-26 15:17:05 -0700 | [diff] [blame] | 1051 | if (phoneState == TelephonyManager.CALL_STATE_OFFHOOK) { |
Jim Miller | 69ac988 | 2010-02-24 15:35:05 -0800 | [diff] [blame] | 1052 | // show "return to call" text and show phone icon |
| 1053 | textId = R.string.lockscreen_return_to_call; |
| 1054 | int phoneCallIcon = R.drawable.stat_sys_phone_call; |
| 1055 | button.setCompoundDrawablesWithIntrinsicBounds(phoneCallIcon, 0, 0, 0); |
| 1056 | } else { |
| 1057 | textId = R.string.lockscreen_emergency_call; |
| 1058 | int emergencyIcon = R.drawable.ic_emergency; |
| 1059 | button.setCompoundDrawablesWithIntrinsicBounds(emergencyIcon, 0, 0, 0); |
| 1060 | } |
| 1061 | button.setText(textId); |
| 1062 | } |
| 1063 | |
| 1064 | /** |
| 1065 | * Resumes a call in progress. Typically launched from the EmergencyCall button |
| 1066 | * on various lockscreens. |
| 1067 | * |
| 1068 | * @return true if we were able to tell InCallScreen to show. |
| 1069 | */ |
| 1070 | public boolean resumeCall() { |
| 1071 | ITelephony phone = ITelephony.Stub.asInterface(ServiceManager.checkService("phone")); |
| 1072 | try { |
| 1073 | if (phone != null && phone.showCallScreen()) { |
| 1074 | return true; |
| 1075 | } |
| 1076 | } catch (RemoteException e) { |
| 1077 | // What can we do? |
| 1078 | } |
| 1079 | return false; |
| 1080 | } |
Danielle Millett | 044a0a7 | 2011-11-07 15:42:12 -0500 | [diff] [blame] | 1081 | |
| 1082 | private void finishBiometricWeak() { |
| 1083 | setBoolean(BIOMETRIC_WEAK_EVER_CHOSEN_KEY, true); |
| 1084 | |
| 1085 | // Launch intent to show final screen, this also |
| 1086 | // moves the temporary gallery to the actual gallery |
| 1087 | Intent intent = new Intent(); |
| 1088 | intent.setClassName("com.android.facelock", |
| 1089 | "com.android.facelock.SetupEndScreen"); |
| 1090 | mContext.startActivity(intent); |
| 1091 | } |
| 1092 | |
Jim Miller | a4edd15 | 2012-01-06 18:24:04 -0800 | [diff] [blame] | 1093 | public void setPowerButtonInstantlyLocks(boolean enabled) { |
| 1094 | setBoolean(LOCKSCREEN_POWER_BUTTON_INSTANTLY_LOCKS, enabled); |
| 1095 | } |
| 1096 | |
| 1097 | public boolean getPowerButtonInstantlyLocks() { |
| 1098 | return getBoolean(LOCKSCREEN_POWER_BUTTON_INSTANTLY_LOCKS, true); |
| 1099 | } |
| 1100 | |
The Android Open Source Project | 9066cfe | 2009-03-03 19:31:44 -0800 | [diff] [blame] | 1101 | } |