PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Maintain password quality while encrypted

Browse Source 
Bug: 3378277
Change-Id: I68aae06c518eb514c1be38214d8c9918b0398f95
This commit is contained in:
Andy Stadler
2011-01-21 16:25:22 -08:00
parent ac94d68528
commit 6370c87a6b
1 changed files with 46 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

61
src/com/android/settings/ChooseLockGeneric.java
View File

@@ -65,7 +65,8 @@ public class ChooseLockGeneric extends PreferenceActivity {
} }
if (!mPasswordConfirmed) { if (!mPasswordConfirmed) {
ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(this.getActivity(), this); ChooseLockSettingsHelper helper =
new ChooseLockSettingsHelper(this.getActivity(), this);
if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST, null, null)) { if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST, null, null)) {
mPasswordConfirmed = true; // no password set, so no need to confirm mPasswordConfirmed = true; // no password set, so no need to confirm
updatePreferencesOrFinish(); updatePreferencesOrFinish();
@@ -81,15 +82,20 @@ public class ChooseLockGeneric extends PreferenceActivity {
final String key = preference.getKey(); final String key = preference.getKey();
boolean handled = true; boolean handled = true;
if (KEY_UNLOCK_SET_OFF.equals(key)) { if (KEY_UNLOCK_SET_OFF.equals(key)) {
updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, true); updateUnlockMethodAndFinish(
DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, true);
} else if (KEY_UNLOCK_SET_NONE.equals(key)) { } else if (KEY_UNLOCK_SET_NONE.equals(key)) {
updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, false); updateUnlockMethodAndFinish(
DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, false);
} else if (KEY_UNLOCK_SET_PATTERN.equals(key)) { } else if (KEY_UNLOCK_SET_PATTERN.equals(key)) {
updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, false); updateUnlockMethodAndFinish(
DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, false);
} else if (KEY_UNLOCK_SET_PIN.equals(key)) { } else if (KEY_UNLOCK_SET_PIN.equals(key)) {
updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, false); updateUnlockMethodAndFinish(
DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, false);
} else if (KEY_UNLOCK_SET_PASSWORD.equals(key)) { } else if (KEY_UNLOCK_SET_PASSWORD.equals(key)) {
updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, false); updateUnlockMethodAndFinish(
DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, false);
} else { } else {
handled = false; handled = false;
} }
@@ -116,28 +122,51 @@ public class ChooseLockGeneric extends PreferenceActivity {
} }
private void updatePreferencesOrFinish() { private void updatePreferencesOrFinish() {
int quality = getActivity().getIntent().getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY, -1); int quality = getActivity().getIntent()
.getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY, -1);
if (quality == -1) { if (quality == -1) {
// If caller didn't specify password quality, show the UI and allow the user to choose. // If caller didn't specify password quality, show UI and allow the user to choose.
quality = mChooseLockSettingsHelper.utils().getKeyguardStoredPasswordQuality(); quality = mDPM.getPasswordQuality(null);
quality = upgradeQualityForEncryption(quality);
final PreferenceScreen prefScreen = getPreferenceScreen(); final PreferenceScreen prefScreen = getPreferenceScreen();
if (prefScreen != null) { if (prefScreen != null) {
prefScreen.removeAll(); prefScreen.removeAll();
} }
addPreferencesFromResource(R.xml.security_settings_picker); addPreferencesFromResource(R.xml.security_settings_picker);
disableUnusablePreferences(mDPM.getPasswordQuality(null)); disableUnusablePreferences(quality);
} else { } else {
quality = upgradeQualityForEncryption(quality);
updateUnlockMethodAndFinish(quality, false); updateUnlockMethodAndFinish(quality, false);
} }
} }
/**
* Mix in "encryption minimums" to any given quality value. This prevents users
* from downgrading the pattern/pin/password to a level below the minimums.
*
* ASSUMPTION: Setting quality is sufficient (e.g. minimum lengths will be set
* appropriately.)
*/
private int upgradeQualityForEncryption(int quality) {
int encryptionStatus = mDPM.getStorageEncryptionStatus();
boolean encrypted = (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE)
|| (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING);
if (encrypted) {
if (quality < DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) {
quality = DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
}
}
return quality;
}
/*** /***
* Disables preferences that are less secure than required quality. * Disables preferences that are less secure than required quality.
* *
* @param quality the requested quality. * @param quality the requested quality.
*/ */
private void disableUnusablePreferences(final int quality) { private void disableUnusablePreferences(final int quality) {
final Preference picker = getPreferenceScreen().findPreference("security_picker_category"); final Preference picker =
getPreferenceScreen().findPreference("security_picker_category");
final PreferenceCategory cat = (PreferenceCategory) picker; final PreferenceCategory cat = (PreferenceCategory) picker;
final int preferenceCount = cat.getPreferenceCount(); final int preferenceCount = cat.getPreferenceCount();
for (int i = 0; i < preferenceCount; i++) { for (int i = 0; i < preferenceCount; i++) {
@@ -169,21 +198,23 @@ public class ChooseLockGeneric extends PreferenceActivity {
* and minimum quality specified by DevicePolicyManager. If quality is * and minimum quality specified by DevicePolicyManager. If quality is
* {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}, password is cleared. * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}, password is cleared.
* *
* @param quality the desired quality. Ignored if DevicePolicyManager requires more security. * @param quality the desired quality. Ignored if DevicePolicyManager requires more security
* @param disabled whether or not to show LockScreen at all. Only meaningful when quality is * @param disabled whether or not to show LockScreen at all. Only meaningful when quality is
* {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED} * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}
*/ */
void updateUnlockMethodAndFinish(int quality, boolean disabled) { void updateUnlockMethodAndFinish(int quality, boolean disabled) {
// Sanity check. We should never get here without confirming user's existing password first. // Sanity check. We should never get here without confirming user's existing password.
if (!mPasswordConfirmed) { if (!mPasswordConfirmed) {
throw new IllegalStateException("Tried to update password without confirming first"); throw new IllegalStateException("Tried to update password without confirming it");
} }
// Compare minimum allowed password quality and launch appropriate security setting method // Compare min allowed password quality and launch appropriate security setting method
int minQuality = mDPM.getPasswordQuality(null); int minQuality = mDPM.getPasswordQuality(null);
if (quality < minQuality) { if (quality < minQuality) {
quality = minQuality; quality = minQuality;
} }
quality = upgradeQualityForEncryption(quality);
if (quality >= DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) { if (quality >= DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) {
int minLength = mDPM.getPasswordMinimumLength(null); int minLength = mDPM.getPasswordMinimumLength(null);
if (minLength < MIN_PASSWORD_LENGTH) { if (minLength < MIN_PASSWORD_LENGTH) {