2 * Copyright (C) 2010 The Android Open Source Project
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 package com.android.settings;
19 import android.app.Activity;
20 import android.app.PendingIntent;
21 import android.app.admin.DevicePolicyManager;
22 import android.content.Context;
23 import android.content.Intent;
24 import android.os.Bundle;
25 import android.preference.Preference;
26 import android.preference.PreferenceActivity;
27 import android.preference.PreferenceScreen;
28 import android.security.KeyStore;
29 import android.view.LayoutInflater;
30 import android.view.View;
31 import android.view.ViewGroup;
32 import android.widget.ListView;
34 import com.android.internal.widget.LockPatternUtils;
36 public class ChooseLockGeneric extends PreferenceActivity {
39 public Intent getIntent() {
40 Intent modIntent = new Intent(super.getIntent());
41 modIntent.putExtra(EXTRA_SHOW_FRAGMENT, ChooseLockGenericFragment.class.getName());
42 modIntent.putExtra(EXTRA_NO_HEADERS, true);
46 public static class ChooseLockGenericFragment extends SettingsPreferenceFragment {
47 private static final int MIN_PASSWORD_LENGTH = 4;
48 private static final String KEY_UNLOCK_BACKUP_INFO = "unlock_backup_info";
49 private static final String KEY_UNLOCK_SET_OFF = "unlock_set_off";
50 private static final String KEY_UNLOCK_SET_NONE = "unlock_set_none";
51 private static final String KEY_UNLOCK_SET_BIOMETRIC_WEAK = "unlock_set_biometric_weak";
52 private static final String KEY_UNLOCK_SET_PIN = "unlock_set_pin";
53 private static final String KEY_UNLOCK_SET_PASSWORD = "unlock_set_password";
54 private static final String KEY_UNLOCK_SET_PATTERN = "unlock_set_pattern";
55 private static final int CONFIRM_EXISTING_REQUEST = 100;
56 private static final int FALLBACK_REQUEST = 101;
57 private static final String PASSWORD_CONFIRMED = "password_confirmed";
58 private static final String CONFIRM_CREDENTIALS = "confirm_credentials";
59 public static final String MINIMUM_QUALITY_KEY = "minimum_quality";
61 private static final boolean ALWAY_SHOW_TUTORIAL = true;
63 private ChooseLockSettingsHelper mChooseLockSettingsHelper;
64 private DevicePolicyManager mDPM;
65 private KeyStore mKeyStore;
66 private boolean mPasswordConfirmed = false;
69 public void onCreate(Bundle savedInstanceState) {
70 super.onCreate(savedInstanceState);
72 mDPM = (DevicePolicyManager) getSystemService(Context.DEVICE_POLICY_SERVICE);
73 mKeyStore = KeyStore.getInstance();
74 mChooseLockSettingsHelper = new ChooseLockSettingsHelper(this.getActivity());
76 // Defaults to needing to confirm credentials
77 final boolean confirmCredentials = getActivity().getIntent()
78 .getBooleanExtra(CONFIRM_CREDENTIALS, true);
79 mPasswordConfirmed = !confirmCredentials;
81 if (savedInstanceState != null) {
82 mPasswordConfirmed = savedInstanceState.getBoolean(PASSWORD_CONFIRMED);
85 if (!mPasswordConfirmed) {
86 ChooseLockSettingsHelper helper =
87 new ChooseLockSettingsHelper(this.getActivity(), this);
88 if (!helper.launchConfirmationActivity(CONFIRM_EXISTING_REQUEST, null, null)) {
89 mPasswordConfirmed = true; // no password set, so no need to confirm
90 updatePreferencesOrFinish();
93 updatePreferencesOrFinish();
98 public boolean onPreferenceTreeClick(PreferenceScreen preferenceScreen,
99 Preference preference) {
100 final String key = preference.getKey();
101 boolean handled = true;
102 if (KEY_UNLOCK_SET_OFF.equals(key)) {
103 updateUnlockMethodAndFinish(
104 DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, true);
105 } else if (KEY_UNLOCK_SET_NONE.equals(key)) {
106 updateUnlockMethodAndFinish(
107 DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED, false);
108 } else if (KEY_UNLOCK_SET_BIOMETRIC_WEAK.equals(key)) {
109 updateUnlockMethodAndFinish(
110 DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK, false);
111 }else if (KEY_UNLOCK_SET_PATTERN.equals(key)) {
112 updateUnlockMethodAndFinish(
113 DevicePolicyManager.PASSWORD_QUALITY_SOMETHING, false);
114 } else if (KEY_UNLOCK_SET_PIN.equals(key)) {
115 updateUnlockMethodAndFinish(
116 DevicePolicyManager.PASSWORD_QUALITY_NUMERIC, false);
117 } else if (KEY_UNLOCK_SET_PASSWORD.equals(key)) {
118 updateUnlockMethodAndFinish(
119 DevicePolicyManager.PASSWORD_QUALITY_ALPHABETIC, false);
127 public View onCreateView(LayoutInflater inflater, ViewGroup container,
128 Bundle savedInstanceState) {
129 View v = super.onCreateView(inflater, container, savedInstanceState);
130 final boolean onlyShowFallback = getActivity().getIntent()
131 .getBooleanExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, false);
132 if (onlyShowFallback) {
133 View header = v.inflate(getActivity(),
134 R.layout.weak_biometric_fallback_header, null);
135 ((ListView) v.findViewById(android.R.id.list)).addHeaderView(header, null, false);
142 public void onActivityResult(int requestCode, int resultCode, Intent data) {
143 super.onActivityResult(requestCode, resultCode, data);
144 if (requestCode == CONFIRM_EXISTING_REQUEST && resultCode == Activity.RESULT_OK) {
145 mPasswordConfirmed = true;
146 updatePreferencesOrFinish();
147 } else if(requestCode == FALLBACK_REQUEST) {
148 mChooseLockSettingsHelper.utils().deleteTempGallery();
149 getActivity().setResult(resultCode);
152 getActivity().setResult(Activity.RESULT_CANCELED);
158 public void onSaveInstanceState(Bundle outState) {
159 super.onSaveInstanceState(outState);
160 // Saved so we don't force user to re-enter their password if configuration changes
161 outState.putBoolean(PASSWORD_CONFIRMED, mPasswordConfirmed);
164 private void updatePreferencesOrFinish() {
165 Intent intent = getActivity().getIntent();
166 int quality = intent.getIntExtra(LockPatternUtils.PASSWORD_TYPE_KEY, -1);
168 // If caller didn't specify password quality, show UI and allow the user to choose.
169 quality = intent.getIntExtra(MINIMUM_QUALITY_KEY, -1);
170 quality = upgradeQuality(quality);
171 final PreferenceScreen prefScreen = getPreferenceScreen();
172 if (prefScreen != null) {
173 prefScreen.removeAll();
175 addPreferencesFromResource(R.xml.security_settings_picker);
176 disableUnusablePreferences(quality);
178 updateUnlockMethodAndFinish(quality, false);
182 private int upgradeQuality(int quality) {
183 quality = upgradeQualityForDPM(quality);
184 quality = upgradeQualityForEncryption(quality);
185 quality = upgradeQualityForKeyStore(quality);
189 private int upgradeQualityForDPM(int quality) {
190 // Compare min allowed password quality
191 int minQuality = mDPM.getPasswordQuality(null);
192 if (quality < minQuality) {
193 quality = minQuality;
199 * Mix in "encryption minimums" to any given quality value. This prevents users
200 * from downgrading the pattern/pin/password to a level below the minimums.
202 * ASSUMPTION: Setting quality is sufficient (e.g. minimum lengths will be set
205 private int upgradeQualityForEncryption(int quality) {
206 int encryptionStatus = mDPM.getStorageEncryptionStatus();
207 boolean encrypted = (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVE)
208 || (encryptionStatus == DevicePolicyManager.ENCRYPTION_STATUS_ACTIVATING);
210 if (quality < CryptKeeperSettings.MIN_PASSWORD_QUALITY) {
211 quality = CryptKeeperSettings.MIN_PASSWORD_QUALITY;
217 private int upgradeQualityForKeyStore(int quality) {
218 if (!mKeyStore.isEmpty()) {
219 if (quality < CredentialStorage.MIN_PASSWORD_QUALITY) {
220 quality = CredentialStorage.MIN_PASSWORD_QUALITY;
227 * Disables preferences that are less secure than required quality.
229 * @param quality the requested quality.
231 private void disableUnusablePreferences(final int quality) {
232 final PreferenceScreen entries = getPreferenceScreen();
233 final boolean onlyShowFallback = getActivity().getIntent()
234 .getBooleanExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, false);
235 final boolean weakBiometricAvailable =
236 mChooseLockSettingsHelper.utils().isBiometricWeakInstalled();
237 for (int i = entries.getPreferenceCount() - 1; i >= 0; --i) {
238 Preference pref = entries.getPreference(i);
239 if (pref instanceof PreferenceScreen) {
240 final String key = ((PreferenceScreen) pref).getKey();
241 boolean enabled = true;
242 boolean visible = true;
243 if (KEY_UNLOCK_SET_OFF.equals(key)) {
244 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
245 } else if (KEY_UNLOCK_SET_NONE.equals(key)) {
246 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED;
247 } else if (KEY_UNLOCK_SET_BIOMETRIC_WEAK.equals(key)) {
248 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK;
249 visible = weakBiometricAvailable; // If not available, then don't show it.
250 } else if (KEY_UNLOCK_SET_PATTERN.equals(key)) {
251 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_SOMETHING;
252 } else if (KEY_UNLOCK_SET_PIN.equals(key)) {
253 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_NUMERIC;
254 } else if (KEY_UNLOCK_SET_PASSWORD.equals(key)) {
255 enabled = quality <= DevicePolicyManager.PASSWORD_QUALITY_COMPLEX;
257 if (!visible || (onlyShowFallback && !allowedForFallback(key))) {
258 entries.removePreference(pref);
259 } else if (!enabled) {
260 pref.setSummary(R.string.unlock_set_unlock_disabled_summary);
261 pref.setEnabled(false);
268 * Check whether the key is allowed for fallback (e.g. bio sensor). Returns true if it's
269 * supported as a backup.
272 * @return true if allowed
274 private boolean allowedForFallback(String key) {
275 return KEY_UNLOCK_BACKUP_INFO.equals(key) ||
276 KEY_UNLOCK_SET_PATTERN.equals(key) || KEY_UNLOCK_SET_PIN.equals(key);
279 private Intent getBiometricSensorIntent(int quality) {
280 Intent fallBackIntent = new Intent().setClass(getActivity(), ChooseLockGeneric.class);
281 fallBackIntent.putExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, true);
282 fallBackIntent.putExtra(CONFIRM_CREDENTIALS, false);
283 fallBackIntent.putExtra(EXTRA_SHOW_FRAGMENT_TITLE,
284 R.string.backup_lock_settings_picker_title);
285 fallBackIntent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
287 boolean showTutorial = ALWAY_SHOW_TUTORIAL ||
288 !mChooseLockSettingsHelper.utils().isBiometricWeakEverChosen();
289 Intent intent = new Intent();
290 intent.setClassName("com.android.facelock", showTutorial
291 ? "com.android.facelock.FaceLockTutorial"
292 : "com.android.facelock.SetupFaceLock");
293 PendingIntent pending = PendingIntent.getActivity(getActivity(), 0, fallBackIntent, 0);
294 intent.putExtra("PendingIntent", pending);
299 * Invokes an activity to change the user's pattern, password or PIN based on given quality
300 * and minimum quality specified by DevicePolicyManager. If quality is
301 * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}, password is cleared.
303 * @param quality the desired quality. Ignored if DevicePolicyManager requires more security
304 * @param disabled whether or not to show LockScreen at all. Only meaningful when quality is
305 * {@link DevicePolicyManager#PASSWORD_QUALITY_UNSPECIFIED}
307 void updateUnlockMethodAndFinish(int quality, boolean disabled) {
308 // Sanity check. We should never get here without confirming user's existing password.
309 if (!mPasswordConfirmed) {
310 throw new IllegalStateException("Tried to update password without confirming it");
313 final boolean isFallback = getActivity().getIntent()
314 .getBooleanExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK, false);
316 quality = upgradeQuality(quality);
318 if (quality >= DevicePolicyManager.PASSWORD_QUALITY_NUMERIC) {
319 int minLength = mDPM.getPasswordMinimumLength(null);
320 if (minLength < MIN_PASSWORD_LENGTH) {
321 minLength = MIN_PASSWORD_LENGTH;
323 final int maxLength = mDPM.getPasswordMaximumLength(quality);
324 Intent intent = new Intent().setClass(getActivity(), ChooseLockPassword.class);
325 intent.putExtra(LockPatternUtils.PASSWORD_TYPE_KEY, quality);
326 intent.putExtra(ChooseLockPassword.PASSWORD_MIN_KEY, minLength);
327 intent.putExtra(ChooseLockPassword.PASSWORD_MAX_KEY, maxLength);
328 intent.putExtra(CONFIRM_CREDENTIALS, false);
329 intent.putExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK,
332 startActivityForResult(intent, FALLBACK_REQUEST);
335 intent.addFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);
336 startActivity(intent);
338 } else if (quality == DevicePolicyManager.PASSWORD_QUALITY_SOMETHING) {
339 boolean showTutorial = !mChooseLockSettingsHelper.utils().isPatternEverChosen();
340 Intent intent = new Intent();
341 intent.setClass(getActivity(), showTutorial
342 ? ChooseLockPatternTutorial.class
343 : ChooseLockPattern.class);
344 intent.putExtra("key_lock_method", "pattern");
345 intent.putExtra(CONFIRM_CREDENTIALS, false);
346 intent.putExtra(LockPatternUtils.LOCKSCREEN_BIOMETRIC_WEAK_FALLBACK,
349 startActivityForResult(intent, FALLBACK_REQUEST);
352 intent.addFlags(Intent.FLAG_ACTIVITY_FORWARD_RESULT);
353 startActivity(intent);
355 } else if (quality == DevicePolicyManager.PASSWORD_QUALITY_BIOMETRIC_WEAK) {
356 Intent intent = getBiometricSensorIntent(quality);
357 startActivity(intent);
358 } else if (quality == DevicePolicyManager.PASSWORD_QUALITY_UNSPECIFIED) {
359 mChooseLockSettingsHelper.utils().clearLock(false);
360 mChooseLockSettingsHelper.utils().setLockScreenDisabled(disabled);
361 getActivity().setResult(Activity.RESULT_OK);