From 3d2b855e53776b4406e1fb01f6198be89c9f8114 Mon Sep 17 00:00:00 2001 From: Jim Miller Date: Thu, 18 Aug 2016 20:22:33 -0700 Subject: Bind fingerprint when we start authentication - DO NOT MERGE This fixes a bug where it was possible to authenticate the wrong user. We now bind the userId when we start authentication and confirm it when authentication completes. Fixes bug 30744668 Change-Id: I346d92c301414ed81e11fa9c171584c7ae4341c2 (cherry picked from commit b6f4b48df273d210d13631b4c2426482feb40c97) --- .../Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'packages') diff --git a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java index 57ee319..f31df51 100644 --- a/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java +++ b/packages/Keyguard/src/com/android/keyguard/KeyguardUpdateMonitor.java @@ -430,7 +430,8 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { } } - private void handleFingerprintAuthenticated() { + + private void handleFingerprintAuthenticated(int authUserId) { try { final int userId; try { @@ -439,6 +440,10 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { Log.e(TAG, "Failed to get current user id: ", e); return; } + if (userId != authUserId) { + Log.d(TAG, "Fingerprint authenticated for wrong user: " + authUserId); + return; + } if (isFingerprintDisabled(userId)) { Log.d(TAG, "Fingerprint disabled by DPM for userId: " + userId); return; @@ -705,7 +710,7 @@ public class KeyguardUpdateMonitor implements TrustManager.TrustListener { @Override public void onAuthenticationSucceeded(AuthenticationResult result) { - handleFingerprintAuthenticated(); + handleFingerprintAuthenticated(result.getUserId()); } @Override -- cgit v1.1