diff options
author | Andy Stadler <stadler@google.com> | 2011-01-21 16:25:22 -0800 |
---|---|---|
committer | Andy Stadler <stadler@google.com> | 2011-01-21 16:25:22 -0800 |
commit | 6370c87a6b98abfc6badb31070a60f84b3f528b3 (patch) | |
tree | 43e277043059cf80f378f60fa13e3d2355e90b77 /src/com/android/settings/ChooseLockGeneric.java | |
parent | ac94d6852850889ca58480d1af91bc91541f2fce (diff) | |
download | packages_apps_settings-6370c87a6b98abfc6badb31070a60f84b3f528b3.zip packages_apps_settings-6370c87a6b98abfc6badb31070a60f84b3f528b3.tar.gz packages_apps_settings-6370c87a6b98abfc6badb31070a60f84b3f528b3.tar.bz2 |
Maintain password quality while encrypted
Bug: 3378277
Change-Id: I68aae06c518eb514c1be38214d8c9918b0398f95
Diffstat (limited to 'src/com/android/settings/ChooseLockGeneric.java')
-rw-r--r-- | src/com/android/settings/ChooseLockGeneric.java | 61 |
1 files changed, 46 insertions, 15 deletions
diff --git a/src/com/android/settings/ChooseLockGeneric.java b/src/com/android/settings/ChooseLockGeneric.java index 264db5f..118bc6f 100644 --- a/src/com/android/settings/ChooseLockGeneric.java +++ b/src/com/android/settings/ChooseLockGeneric.java @@ -65,7 +65,8 @@ public class ChooseLockGeneric extends PreferenceActivity { } if (!mPasswordConfirmed) { - ChooseLockSettingsHelper helper = new ChooseLockSettingsHelper(this.getActivity(), this); + ChooseLockSettingsHelper helper = + new ChooseLockSettingsHelper(this.getActivity(), this); if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST, null, null)) { mPasswordConfirmed = true; // no password set, so no need to confirm updatePreferencesOrFinish(); @@ -81,15 +82,20 @@ public class ChooseLockGeneric extends PreferenceActivity { final String key = preference.getKey(); boolean handled = true; if (KEY_UNLOCK_SET_OFF.equals(key)) { - updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, true); + updateUnlockMethodAndFinish( + DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, true); } else if (KEY_UNLOCK_SET_NONE.equals(key)) { - updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, false); + updateUnlockMethodAndFinish( + DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, false); } else if (KEY_UNLOCK_SET_PATTERN.equals(key)) { - updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, false); + updateUnlockMethodAndFinish( + DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, false); } else if (KEY_UNLOCK_SET_PIN.equals(key)) { - updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, false); + updateUnlockMethodAndFinish( + DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, false); } else if (KEY_UNLOCK_SET_PASSWORD.equals(key)) { - updateUnlockMethodAndFinish(DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, false); + updateUnlockMethodAndFinish( + DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, false); } else { handled = false; } @@ -116,28 +122,51 @@ public class ChooseLockGeneric extends PreferenceActivity { } private void updatePreferencesOrFinish() { - int quality = getActivity().getIntent().getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY, -1); + int quality = getActivity().getIntent() + .getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY, -1); if (quality == -1) { - // If caller didn't specify password quality, show the UI and allow the user to choose. - quality = mChooseLockSettingsHelper.utils().getKeyguardStoredPasswordQuality(); + // If caller didn't specify password quality, show UI and allow the user to choose. + quality = mDPM.getPasswordQuality(null); + quality = upgradeQualityForEncryption(quality); final PreferenceScreen prefScreen = getPreferenceScreen(); if (prefScreen != null) { prefScreen.removeAll(); } addPreferencesFromResource(R.xml.security_settings_picker); - disableUnusablePreferences(mDPM.getPasswordQuality(null)); + disableUnusablePreferences(quality); } else { + quality = upgradeQualityForEncryption(quality); updateUnlockMethodAndFinish(quality, false); } } + /** + * Mix in "encryption minimums" to any given quality value. This prevents users + * from downgrading the pattern/pin/password to a level below the minimums. + * + * ASSUMPTION: Setting quality is sufficient (e.g. minimum lengths will be set + * appropriately.) + */ + private int upgradeQualityForEncryption(int quality) { + int encryptionStatus = mDPM.getStorageEncryptionStatus(); + boolean encrypted = (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE) + || (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING); + if (encrypted) { + if (quality < DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) { + quality = DevicePolicyManager.PASSWORD_QUALITY_NUMERIC; + } + } + return quality; + } + /*** * Disables preferences that are less secure than required quality. * * @param quality the requested quality. */ private void disableUnusablePreferences(final int quality) { - final Preference picker = getPreferenceScreen().findPreference("security_picker_category"); + final Preference picker = + getPreferenceScreen().findPreference("security_picker_category"); final PreferenceCategory cat = (PreferenceCategory) picker; final int preferenceCount = cat.getPreferenceCount(); for (int i = 0; i < preferenceCount; i++) { @@ -169,21 +198,23 @@ public class ChooseLockGeneric extends PreferenceActivity { * and minimum quality specified by DevicePolicyManager. If quality is * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}, password is cleared. * - * @param quality the desired quality. Ignored if DevicePolicyManager requires more security. + * @param quality the desired quality. Ignored if DevicePolicyManager requires more security * @param disabled whether or not to show LockScreen at all. Only meaningful when quality is * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED} */ void updateUnlockMethodAndFinish(int quality, boolean disabled) { - // Sanity check. We should never get here without confirming user's existing password first. + // Sanity check. We should never get here without confirming user's existing password. if (!mPasswordConfirmed) { - throw new IllegalStateException("Tried to update password without confirming first"); + throw new IllegalStateException("Tried to update password without confirming it"); } - // Compare minimum allowed password quality and launch appropriate security setting method + // Compare min allowed password quality and launch appropriate security setting method int minQuality = mDPM.getPasswordQuality(null); if (quality < minQuality) { quality = minQuality; } + quality = upgradeQualityForEncryption(quality); + if (quality >= DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) { int minLength = mDPM.getPasswordMinimumLength(null); if (minLength < MIN_PASSWORD_LENGTH) { |