Don't put credentials in results from externally accessible activities

ConfirmLockPattern and ConfirmLockPassword return an intent that contains the password, and as such are dangerous. Create internal versions that are locked down, and don't put this info in the externally accessible versions. Bug: 13741939 Change-Id: I0df4d1e720b3c33d2c9ca086636dc54f17b19bf0
2014-07-07 13:10:16 -07:00
parent 74e7c3e360
commit 204440427a
6 changed files with 60 additions and 16 deletions
--- a/AndroidManifest.xml
+++ b/AndroidManifest.xml
@@ -1007,6 +1007,15 @@
        <activity android:name="ConfirmLockPassword"
            android:windowSoftInputMode="stateVisible|adjustResize"/>

+        <!-- Note this must not be exported since it returns the password in the intent -->
+        <activity android:name="ConfirmLockPattern$InternalActivity"
+            android:exported="false"/>
+
+        <!-- Note this must not be exported since it returns the password in the intent -->
+        <activity android:name="ConfirmLockPassword$InternalActivity"
+            android:exported="false"
+            android:windowSoftInputMode="stateVisible|adjustResize"/>
+
        <activity android:name="ChooseLockGeneric"
            android:label="@string/lockpassword_choose_lock_generic_header"
            android:excludeFromRecents="true" >
--- a/src/com/android/settings/ChooseLockSettingsHelper.java
+++ b/src/com/android/settings/ChooseLockSettingsHelper.java
@@ -54,10 +54,24 @@ public final class ChooseLockSettingsHelper {
     * @see #onActivityResult(int, int, android.content.Intent)
     */
    boolean launchConfirmationActivity(int request, CharSequence message, CharSequence details) {
+        return launchConfirmationActivity(request, message, details, false);
+    }
+
+    /**
+     * If a pattern, password or PIN exists, prompt the user before allowing them to change it.
+     * @param message optional message to display about the action about to be done
+     * @param details optional detail message to display
+     * @param returnCredentials if true, put credentials into intent. Note that if this is true,
+                                this can only be called internally.
+     * @return true if one exists and we launched an activity to confirm it
+     * @see #onActivityResult(int, int, android.content.Intent)
+     */
+    boolean launchConfirmationActivity(int request, CharSequence message, CharSequence details,
+                                       boolean returnCredentials) {
        boolean launched = false;
        switch (mLockPatternUtils.getKeyguardStoredPasswordQuality()) {
            case DevicePolicyManager.PASSWORD_QUALITY_SOMETHING:
-                launched = confirmPattern(request, message, details);
+                launched = confirmPattern(request, message, details, returnCredentials);
                break;
            case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC:
            case DevicePolicyManager.PASSWORD_QUALITY_NUMERIC_COMPLEX:
@@ -65,7 +79,7 @@ public final class ChooseLockSettingsHelper {
            case DevicePolicyManager.PASSWORD_QUALITY_ALPHANUMERIC:
            case DevicePolicyManager.PASSWORD_QUALITY_COMPLEX:
                // TODO: update UI layout for ConfirmPassword to show message and details
-                launched = confirmPassword(request);
+                launched = confirmPassword(request, returnCredentials);
                break;
        }
        return launched;
@@ -75,10 +89,12 @@ public final class ChooseLockSettingsHelper {
     * Launch screen to confirm the existing lock pattern.
     * @param message shown in header of ConfirmLockPattern if not null
     * @param details shown in footer of ConfirmLockPattern if not null
+     * @param returnCredentials if true, put credentials into intent.
     * @see #onActivityResult(int, int, android.content.Intent)
     * @return true if we launched an activity to confirm pattern
     */
-    private boolean confirmPattern(int request, CharSequence message, CharSequence details) {
+    private boolean confirmPattern(int request, CharSequence message,
+                                   CharSequence details, boolean returnCredentials) {
        if (!mLockPatternUtils.isLockPatternEnabled() || !mLockPatternUtils.savedPatternExists()) {
            return false;
        }
@@ -86,7 +102,10 @@ public final class ChooseLockSettingsHelper {
        // supply header and footer text in the intent
        intent.putExtra(ConfirmLockPattern.HEADER_TEXT, message);
        intent.putExtra(ConfirmLockPattern.FOOTER_TEXT, details);
-        intent.setClassName("com.android.settings", "com.android.settings.ConfirmLockPattern");
+        intent.setClassName("com.android.settings",
+                            returnCredentials
+                            ? ConfirmLockPattern.InternalActivity.class.getName()
+                            : ConfirmLockPattern.class.getName());
        if (mFragment != null) {
            mFragment.startActivityForResult(intent, request);
        } else {
@@ -97,13 +116,17 @@ public final class ChooseLockSettingsHelper {

    /**
     * Launch screen to confirm the existing lock password.
+     * @param returnCredentials if true, put credentials into intent.
     * @see #onActivityResult(int, int, android.content.Intent)
     * @return true if we launched an activity to confirm password
     */
-    private boolean confirmPassword(int request) {
+    private boolean confirmPassword(int request, boolean returnCredentials) {
        if (!mLockPatternUtils.isLockPasswordEnabled()) return false;
        final Intent intent = new Intent();
-        intent.setClassName("com.android.settings", "com.android.settings.ConfirmLockPassword");
+        intent.setClassName("com.android.settings",
+                            returnCredentials
+                            ? ConfirmLockPassword.InternalActivity.class.getName()
+                            : ConfirmLockPassword.class.getName());
        if (mFragment != null) {
            mFragment.startActivityForResult(intent, request);
        } else {
--- a/src/com/android/settings/ConfirmLockPassword.java
+++ b/src/com/android/settings/ConfirmLockPassword.java
@@ -44,6 +44,9 @@ import android.widget.TextView.OnEditorActionListener;

 public class ConfirmLockPassword extends SettingsActivity {

+    public static class InternalActivity extends ConfirmLockPassword {
+    }
+
    @Override
    public Intent getIntent() {
        Intent modIntent = new Intent(super.getIntent());
@@ -168,10 +171,12 @@ public class ConfirmLockPassword extends SettingsActivity {
            if (mLockPatternUtils.checkPassword(pin)) {

                Intent intent = new Intent();
+                if (getActivity() instanceof ConfirmLockPassword.InternalActivity) {
                    intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
                                    mIsAlpha ? StorageManager.CRYPT_TYPE_PASSWORD
                                             : StorageManager.CRYPT_TYPE_PIN);
                    intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD, pin);
+                }

                getActivity().setResult(RESULT_OK, intent);
                getActivity().finish();
--- a/src/com/android/settings/ConfirmLockPattern.java
+++ b/src/com/android/settings/ConfirmLockPattern.java
@@ -43,6 +43,9 @@ import java.util.List;
 */
 public class ConfirmLockPattern extends SettingsActivity {

+    public static class InternalActivity extends ConfirmLockPattern {
+    }
+
    /**
     * Names of {@link CharSequence} fields within the originating {@link Intent}
     * that are used to configure the keyguard confirmation view's labeling.
@@ -266,10 +269,12 @@ public class ConfirmLockPattern extends SettingsActivity {
                if (mLockPatternUtils.checkPattern(pattern)) {

                    Intent intent = new Intent();
+                    if (getActivity() instanceof ConfirmLockPattern.InternalActivity) {
                        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_TYPE,
                                        StorageManager.CRYPT_TYPE_PATTERN);
                        intent.putExtra(ChooseLockSettingsHelper.EXTRA_KEY_PASSWORD,
                                        LockPatternUtils.patternToString(pattern));
+                    }

                    getActivity().setResult(Activity.RESULT_OK, intent);
                    getActivity().finish();
--- a/src/com/android/settings/CredentialStorage.java
+++ b/src/com/android/settings/CredentialStorage.java
@@ -378,7 +378,8 @@ public final class CredentialStorage extends Activity {
        boolean launched = new ChooseLockSettingsHelper(this)
                .launchConfirmationActivity(CONFIRM_KEY_GUARD_REQUEST,
                                            res.getText(R.string.credentials_install_gesture_prompt),
-                                            res.getText(R.string.credentials_install_gesture_explanation));
+                                            res.getText(R.string.credentials_install_gesture_explanation),
+                                            true);
        return launched;
    }

--- a/src/com/android/settings/CryptKeeperSettings.java
+++ b/src/com/android/settings/CryptKeeperSettings.java
@@ -164,7 +164,8 @@ public class CryptKeeperSettings extends Fragment {

        return helper.launchConfirmationActivity(request,
                res.getText(R.string.master_clear_gesture_prompt),
-                res.getText(R.string.master_clear_gesture_explanation));
+                res.getText(R.string.master_clear_gesture_explanation),
+                true);
    }

    @Override