am 83e405ec: am 1b09c716: am d07b648b: Merge "Fixes setting password through DevicePolicyManager" into lmp-dev

* commit '83e405ec2dc5430f5f9bb4cec68ca85412441838': Fixes setting password through DevicePolicyManager
2014-07-24 19:57:44 +00:00
parent e4998d93fd 832f82f9eb
commit d213923d48
2 changed files with 20 additions and 10 deletions
--- a/core/java/com/android/internal/widget/LockPatternUtils.java
+++ b/core/java/com/android/internal/widget/LockPatternUtils.java
@@ -359,7 +359,8 @@ public class LockPatternUtils {
     * @return Whether the password matches any in the history.
     */
    public boolean checkPasswordHistory(String password) {
-        String passwordHashString = new String(passwordToHash(password));
+        String passwordHashString = new String(
+                passwordToHash(password, getCurrentOrCallingUserId()));
        String passwordHistory = getString(PASSWORD_HISTORY_KEY);
        if (passwordHistory == null) {
            return false;
@@ -828,7 +829,7 @@ public class LockPatternUtils {
                if (passwordHistoryLength == 0) {
                    passwordHistory = "";
                } else {
-                    byte[] hash = passwordToHash(password);
+                    byte[] hash = passwordToHash(password, userHandle);
                    passwordHistory = new String(hash) + "," + passwordHistory;
                    // Cut it to contain passwordHistoryLength hashes
                    // and passwordHistoryLength -1 commas.
@@ -944,13 +945,13 @@ public class LockPatternUtils {
        }
    }

-    private String getSalt() {
-        long salt = getLong(LOCK_PASSWORD_SALT_KEY, 0);
+    private String getSalt(int userId) {
+        long salt = getLong(LOCK_PASSWORD_SALT_KEY, 0, userId);
        if (salt == 0) {
            try {
                salt = SecureRandom.getInstance("SHA1PRNG").nextLong();
-                setLong(LOCK_PASSWORD_SALT_KEY, salt);
-                Log.v(TAG, "Initialized lock password salt");
+                setLong(LOCK_PASSWORD_SALT_KEY, salt, userId);
+                Log.v(TAG, "Initialized lock password salt for user: " + userId);
            } catch (NoSuchAlgorithmException e) {
                // Throw an exception rather than storing a password we'll never be able to recover
                throw new IllegalStateException("Couldn't get SecureRandom number", e);
@@ -966,14 +967,14 @@ public class LockPatternUtils {
     * @param password the gesture pattern.
     * @return the hash of the pattern in a byte array.
     */
-    public byte[] passwordToHash(String password) {
+    public byte[] passwordToHash(String password, int userId) {
        if (password == null) {
            return null;
        }
        String algo = null;
        byte[] hashed = null;
        try {
-            byte[] saltedPassword = (password + getSalt()).getBytes();
+            byte[] saltedPassword = (password + getSalt(userId)).getBytes();
            byte[] sha1 = MessageDigest.getInstance(algo = "SHA-1").digest(saltedPassword);
            byte[] md5 = MessageDigest.getInstance(algo = "MD5").digest(saltedPassword);
            hashed = (toHex(sha1) + toHex(md5)).getBytes();
@@ -1336,6 +1337,14 @@ public class LockPatternUtils {
        return true;
    }

+    private long getLong(String secureSettingKey, long defaultValue, int userHandle) {
+        try {
+            return getLockSettings().getLong(secureSettingKey, defaultValue, userHandle);
+        } catch (RemoteException re) {
+            return defaultValue;
+        }
+    }
+
    private long getLong(String secureSettingKey, long defaultValue) {
        try {
            return getLockSettings().getLong(secureSettingKey, defaultValue,
--- a/services/core/java/com/android/server/LockSettingsService.java
+++ b/services/core/java/com/android/server/LockSettingsService.java
@@ -346,7 +346,8 @@ public class LockSettingsService extends ILockSettings.Stub {

        maybeUpdateKeystore(password, userId);

-        writeFile(getLockPasswordFilename(userId), mLockPatternUtils.passwordToHash(password));
+        writeFile(getLockPasswordFilename(userId),
+                mLockPatternUtils.passwordToHash(password, userId));
    }

    @Override
@@ -391,7 +392,7 @@ public class LockSettingsService extends ILockSettings.Stub {
                return true;
            }
            // Compare the hash from the file with the entered password's hash
-            final byte[] hash = mLockPatternUtils.passwordToHash(password);
+            final byte[] hash = mLockPatternUtils.passwordToHash(password, userId);
            final boolean matched = Arrays.equals(stored, hash);
            if (matched && !TextUtils.isEmpty(password)) {
                maybeUpdateKeystore(password, userId);