diff options
19 files changed, 53 insertions, 85 deletions
diff --git a/services/core/java/com/android/server/locksettings/BiometricDeferredQueue.java b/services/core/java/com/android/server/locksettings/BiometricDeferredQueue.java index 2bdeab4703a8..f144cf8efbba 100644 --- a/services/core/java/com/android/server/locksettings/BiometricDeferredQueue.java +++ b/services/core/java/com/android/server/locksettings/BiometricDeferredQueue.java @@ -44,7 +44,6 @@ import java.util.Set; public class BiometricDeferredQueue { private static final String TAG = "BiometricDeferredQueue"; - @NonNull private final Context mContext; @NonNull private final SyntheticPasswordManager mSpManager; @NonNull private final Handler mHandler; @Nullable private FingerprintManager mFingerprintManager; @@ -131,9 +130,7 @@ public class BiometricDeferredQueue { mFaceResetLockoutTask = null; }; - BiometricDeferredQueue(@NonNull Context context, @NonNull SyntheticPasswordManager spManager, - @NonNull Handler handler) { - mContext = context; + BiometricDeferredQueue(@NonNull SyntheticPasswordManager spManager, @NonNull Handler handler) { mSpManager = spManager; mHandler = handler; mPendingResetLockoutsForFingerprint = new ArrayList<>(); diff --git a/services/core/java/com/android/server/locksettings/LockSettingsService.java b/services/core/java/com/android/server/locksettings/LockSettingsService.java index f4ad750948e6..c5f73625379f 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsService.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsService.java @@ -67,7 +67,6 @@ import android.content.Intent; import android.content.IntentFilter; import android.content.pm.PackageManager; import android.content.pm.UserInfo; -import android.content.res.Resources; import android.database.ContentObserver; import android.database.sqlite.SQLiteDatabase; import android.hardware.authsecret.V1_0.IAuthSecret; @@ -238,7 +237,6 @@ public class LockSettingsService extends ILockSettings.Stub { @VisibleForTesting protected final SyntheticPasswordManager mSpManager; - private final KeyStore mKeyStore; private final java.security.KeyStore mJavaKeyStore; private final RecoverableKeyStoreManager mRecoverableKeyStoreManager; private ManagedProfilePasswordCache mManagedProfilePasswordCache; @@ -570,7 +568,6 @@ public class LockSettingsService extends ILockSettings.Stub { protected LockSettingsService(Injector injector) { mInjector = injector; mContext = injector.getContext(); - mKeyStore = injector.getKeyStore(); mJavaKeyStore = injector.getJavaKeyStore(); mRecoverableKeyStoreManager = injector.getRecoverableKeyStoreManager(); mHandler = injector.getHandler(injector.getServiceThread()); @@ -595,7 +592,7 @@ public class LockSettingsService extends ILockSettings.Stub { mSpManager = injector.getSyntheticPasswordManager(mStorage); mManagedProfilePasswordCache = injector.getManagedProfilePasswordCache(mJavaKeyStore); - mBiometricDeferredQueue = new BiometricDeferredQueue(mContext, mSpManager, mHandler); + mBiometricDeferredQueue = new BiometricDeferredQueue(mSpManager, mHandler); mRebootEscrowManager = injector.getRebootEscrowManager(new RebootEscrowCallbacks(), mStorage); @@ -637,7 +634,6 @@ public class LockSettingsService extends ILockSettings.Stub { } private void showEncryptionNotificationForProfile(UserHandle user, String reason) { - Resources r = mContext.getResources(); CharSequence title = getEncryptionNotificationTitle(); CharSequence message = getEncryptionNotificationMessage(); CharSequence detail = getEncryptionNotificationDetail(); @@ -657,7 +653,7 @@ public class LockSettingsService extends ILockSettings.Stub { PendingIntent intent = PendingIntent.getActivity(mContext, 0, unlockIntent, PendingIntent.FLAG_UPDATE_CURRENT | PendingIntent.FLAG_MUTABLE_UNAUDITED); - Slog.d(TAG, String.format("showing encryption notification, user: %d; reason: %s", + Slog.d(TAG, TextUtils.formatSimple("showing encryption notification, user: %d; reason: %s", user.getIdentifier(), reason)); showEncryptionNotification(user, title, message, detail, intent); @@ -839,7 +835,7 @@ public class LockSettingsService extends ILockSettings.Stub { if (mContext.checkCallingOrSelfPermission(PERMISSION) != PERMISSION_GRANTED) { EventLog.writeEvent(0x534e4554, "28251513", getCallingUid(), ""); // SafetyNet } - checkWritePermission(UserHandle.USER_SYSTEM); + checkWritePermission(); mHasSecureLockScreen = mContext.getPackageManager() .hasSystemFeature(PackageManager.FEATURE_SECURE_LOCK_SCREEN); @@ -979,7 +975,7 @@ public class LockSettingsService extends ILockSettings.Stub { } } - private final void checkWritePermission(int userId) { + private final void checkWritePermission() { mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsWrite"); } @@ -987,7 +983,7 @@ public class LockSettingsService extends ILockSettings.Stub { mContext.enforceCallingOrSelfPermission(PERMISSION, "LockSettingsRead"); } - private final void checkPasswordHavePermission(int userId) { + private final void checkPasswordHavePermission() { if (mContext.checkCallingOrSelfPermission(PERMISSION) != PERMISSION_GRANTED) { EventLog.writeEvent(0x534e4554, "28251513", getCallingUid(), ""); // SafetyNet } @@ -1056,7 +1052,7 @@ public class LockSettingsService extends ILockSettings.Stub { @Override public void setSeparateProfileChallengeEnabled(int userId, boolean enabled, LockscreenCredential profileUserPassword) { - checkWritePermission(userId); + checkWritePermission(); if (!mHasSecureLockScreen && profileUserPassword != null && profileUserPassword.getType() != CREDENTIAL_TYPE_NONE) { @@ -1103,19 +1099,19 @@ public class LockSettingsService extends ILockSettings.Stub { @Override public void setBoolean(String key, boolean value, int userId) { - checkWritePermission(userId); + checkWritePermission(); mStorage.setBoolean(key, value, userId); } @Override public void setLong(String key, long value, int userId) { - checkWritePermission(userId); + checkWritePermission(); mStorage.setLong(key, value, userId); } @Override public void setString(String key, String value, int userId) { - checkWritePermission(userId); + checkWritePermission(); mStorage.setString(key, value, userId); } @@ -1154,7 +1150,7 @@ public class LockSettingsService extends ILockSettings.Stub { */ @Override public int getCredentialType(int userId) { - checkPasswordHavePermission(userId); + checkPasswordHavePermission(); return getCredentialTypeInternal(userId); } @@ -1967,7 +1963,7 @@ public class LockSettingsService extends ILockSettings.Stub { @Override public void resetKeyStore(int userId) { - checkWritePermission(userId); + checkWritePermission(); if (DEBUG) Slog.v(TAG, "Reset keystore for user: " + userId); List<Integer> profileUserIds = new ArrayList<>(); List<LockscreenCredential> profileUserDecryptedPasswords = new ArrayList<>(); @@ -2275,7 +2271,7 @@ public class LockSettingsService extends ILockSettings.Stub { @Override public void requireStrongAuth(int strongAuthReason, int userId) { - checkWritePermission(userId); + checkWritePermission(); mStrongAuth.requireStrongAuth(strongAuthReason, userId); } @@ -2293,7 +2289,7 @@ public class LockSettingsService extends ILockSettings.Stub { @Override public void userPresent(int userId) { - checkWritePermission(userId); + checkWritePermission(); mStrongAuth.reportUnlock(userId); } @@ -2321,9 +2317,9 @@ public class LockSettingsService extends ILockSettings.Stub { final int origPid = Binder.getCallingPid(); final int origUid = Binder.getCallingUid(); + Slog.e(TAG, "Caller pid " + origPid + " Caller uid " + origUid); // The original identity is an opaque integer. final long origId = Binder.clearCallingIdentity(); - Slog.e(TAG, "Caller pid " + origPid + " Caller uid " + origUid); try { final LockSettingsShellCommand command = new LockSettingsShellCommand(new LockPatternUtils(mContext), mContext, origPid, @@ -2847,7 +2843,7 @@ public class LockSettingsService extends ILockSettings.Stub { synchronized (mSpManager) { disableEscrowTokenOnNonManagedDevicesIfNeeded(userId); for (long handle : mSpManager.getPendingTokensForUser(userId)) { - Slog.i(TAG, String.format("activateEscrowTokens: %x %d ", handle, userId)); + Slog.i(TAG, TextUtils.formatSimple("activateEscrowTokens: %x %d ", handle, userId)); mSpManager.createTokenBasedProtector(handle, sp, userId); } } @@ -3008,14 +3004,14 @@ public class LockSettingsService extends ILockSettings.Stub { pw.println("User " + userId); pw.increaseIndent(); synchronized (mSpManager) { - pw.println(String.format("LSKF-based SP protector ID: %x", + pw.println(TextUtils.formatSimple("LSKF-based SP protector ID: %x", getCurrentLskfBasedProtectorId(userId))); - pw.println(String.format("LSKF last changed: %s (previous protector: %x)", + pw.println(TextUtils.formatSimple("LSKF last changed: %s (previous protector: %x)", timestampToString(getLong(LSKF_LAST_CHANGED_TIME_KEY, 0, userId)), getLong(PREV_LSKF_BASED_PROTECTOR_ID_KEY, 0, userId))); } try { - pw.println(String.format("SID: %x", + pw.println(TextUtils.formatSimple("SID: %x", getGateKeeperService().getSecureUserId(userId))); } catch (RemoteException e) { // ignore. @@ -3026,7 +3022,7 @@ public class LockSettingsService extends ILockSettings.Stub { pw.println("CredentialType: " + credentialTypeToString( getCredentialTypeInternal(userId))); pw.println("SeparateChallenge: " + getSeparateProfileChallengeEnabledInternal(userId)); - pw.println(String.format("Metrics: %s", + pw.println(TextUtils.formatSimple("Metrics: %s", getUserPasswordMetrics(userId) != null ? "known" : "unknown")); pw.decreaseIndent(); } diff --git a/services/core/java/com/android/server/locksettings/LockSettingsStorage.java b/services/core/java/com/android/server/locksettings/LockSettingsStorage.java index e5b50362b03d..db036b06a77a 100644 --- a/services/core/java/com/android/server/locksettings/LockSettingsStorage.java +++ b/services/core/java/com/android/server/locksettings/LockSettingsStorage.java @@ -17,7 +17,6 @@ package com.android.server.locksettings; import static android.content.Context.USER_SERVICE; -import static android.text.TextUtils.formatSimple; import static com.android.internal.annotations.VisibleForTesting.Visibility.PACKAGE; import static com.android.internal.widget.LockPatternUtils.USER_FRP; @@ -437,7 +436,7 @@ class LockSettingsStorage { } private File getSyntheticPasswordStateFileForUser(int userId, long protectorId, String name) { - String fileName = formatSimple("%016x.%s", protectorId, name); + String fileName = TextUtils.formatSimple("%016x.%s", protectorId, name); return new File(getSyntheticPasswordDirectoryForUser(userId), fileName); } @@ -643,13 +642,13 @@ class LockSettingsStorage { final UserManager um = UserManager.get(mContext); for (UserInfo user : um.getUsers()) { File userPath = getSyntheticPasswordDirectoryForUser(user.id); - pw.println(String.format("User %d [%s]:", user.id, userPath)); + pw.println(TextUtils.formatSimple("User %d [%s]:", user.id, userPath)); pw.increaseIndent(); File[] files = userPath.listFiles(); if (files != null) { Arrays.sort(files); for (File file : files) { - pw.println(String.format("%6d %s %s", file.length(), + pw.println(TextUtils.formatSimple("%6d %s %s", file.length(), LockSettingsService.timestampToString(file.lastModified()), file.getName())); } diff --git a/services/core/java/com/android/server/locksettings/PasswordSlotManager.java b/services/core/java/com/android/server/locksettings/PasswordSlotManager.java index 17aca1576e40..21fb403a41c9 100644 --- a/services/core/java/com/android/server/locksettings/PasswordSlotManager.java +++ b/services/core/java/com/android/server/locksettings/PasswordSlotManager.java @@ -72,8 +72,6 @@ public class PasswordSlotManager { /** * Notify the manager of which slots are definitively in use by the current OS image. - * - * @throws RuntimeException */ public void refreshActiveSlots(Set<Integer> activeSlots) throws RuntimeException { if (mSlotMap == null) { @@ -103,8 +101,6 @@ public class PasswordSlotManager { /** * Mark the given slot as in use by the current OS image. - * - * @throws RuntimeException */ public void markSlotInUse(int slot) throws RuntimeException { ensureSlotMapLoaded(); @@ -117,8 +113,6 @@ public class PasswordSlotManager { /** * Mark the given slot as no longer in use by the current OS image. - * - * @throws RuntimeException */ public void markSlotDeleted(int slot) throws RuntimeException { ensureSlotMapLoaded(); diff --git a/services/core/java/com/android/server/locksettings/RebootEscrowKeyStoreManager.java b/services/core/java/com/android/server/locksettings/RebootEscrowKeyStoreManager.java index da29368df082..41cdb42cd8e2 100644 --- a/services/core/java/com/android/server/locksettings/RebootEscrowKeyStoreManager.java +++ b/services/core/java/com/android/server/locksettings/RebootEscrowKeyStoreManager.java @@ -64,9 +64,9 @@ public class RebootEscrowKeyStoreManager { private SecretKey getKeyStoreEncryptionKeyLocked() { try { KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER); - KeyStore.LoadStoreParameter loadStoreParameter = null; // Load from the specific namespace if keystore2 is enabled. - loadStoreParameter = new AndroidKeyStoreLoadStoreParameter(KEY_STORE_NAMESPACE); + KeyStore.LoadStoreParameter loadStoreParameter = + new AndroidKeyStoreLoadStoreParameter(KEY_STORE_NAMESPACE); keyStore.load(loadStoreParameter); return (SecretKey) keyStore.getKey(REBOOT_ESCROW_KEY_STORE_ENCRYPTION_KEY_NAME, null); @@ -86,9 +86,9 @@ public class RebootEscrowKeyStoreManager { synchronized (mKeyStoreLock) { try { KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_PROVIDER); - KeyStore.LoadStoreParameter loadStoreParameter = null; // Load from the specific namespace if keystore2 is enabled. - loadStoreParameter = new AndroidKeyStoreLoadStoreParameter(KEY_STORE_NAMESPACE); + KeyStore.LoadStoreParameter loadStoreParameter = + new AndroidKeyStoreLoadStoreParameter(KEY_STORE_NAMESPACE); keyStore.load(loadStoreParameter); keyStore.deleteEntry(REBOOT_ESCROW_KEY_STORE_ENCRYPTION_KEY_NAME); } catch (IOException | GeneralSecurityException e) { diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java index a9318449c8a0..2a6ae44a99e8 100644 --- a/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java +++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordCrypto.java @@ -23,6 +23,7 @@ import android.security.keystore.KeyProtection; import android.security.keystore2.AndroidKeyStoreLoadStoreParameter; import android.system.keystore2.Domain; import android.system.keystore2.KeyDescriptor; +import android.text.TextUtils; import android.util.Slog; import com.android.internal.util.ArrayUtils; @@ -301,7 +302,7 @@ public class SyntheticPasswordCrypto { // Treat this as a success so we don't migrate again. return true; } else { - Slog.e(TAG, String.format("Failed to migrate key: %d", err)); + Slog.e(TAG, TextUtils.formatSimple("Failed to migrate key: %d", err)); return false; } } diff --git a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java index 5b75b6a64861..f1afb96866eb 100644 --- a/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java +++ b/services/core/java/com/android/server/locksettings/SyntheticPasswordManager.java @@ -36,6 +36,7 @@ import android.security.GateKeeper; import android.security.Scrypt; import android.service.gatekeeper.GateKeeperResponse; import android.service.gatekeeper.IGateKeeperService; +import android.text.TextUtils; import android.util.ArrayMap; import android.util.ArraySet; import android.util.Slog; @@ -590,7 +591,7 @@ public class SyntheticPasswordManager { // Remove potential persistent state (in RPMB), to prevent them from accumulating and // causing problems. try { - gatekeeper.clearSecureUserId(fakeUid(userId)); + gatekeeper.clearSecureUserId(fakeUserId(userId)); } catch (RemoteException ignore) { Slog.w(TAG, "Failed to clear SID from gatekeeper"); } @@ -800,13 +801,13 @@ public class SyntheticPasswordManager { // In case GK enrollment leaves persistent state around (in RPMB), this will nuke them // to prevent them from accumulating and causing problems. try { - gatekeeper.clearSecureUserId(fakeUid(userId)); + gatekeeper.clearSecureUserId(fakeUserId(userId)); } catch (RemoteException ignore) { Slog.w(TAG, "Failed to clear SID from gatekeeper"); } GateKeeperResponse response; try { - response = gatekeeper.enroll(fakeUid(userId), null, null, + response = gatekeeper.enroll(fakeUserId(userId), null, null, stretchedLskfToGkPassword(stretchedLskf)); } catch (RemoteException e) { throw new IllegalStateException("Failed to enroll LSKF for new SP protector for " @@ -840,7 +841,7 @@ public class SyntheticPasswordManager { GateKeeperResponse response; try { - response = gatekeeper.verifyChallenge(fakeUid(persistentData.userId), + response = gatekeeper.verifyChallenge(fakeUserId(persistentData.userId), 0 /* challenge */, pwd.passwordHandle, stretchedLskfToGkPassword(stretchedLskf)); } catch (RemoteException e) { @@ -1029,7 +1030,7 @@ public class SyntheticPasswordManager { userId)); if (!credential.checkAgainstStoredType(pwd.credentialType)) { - Slog.e(TAG, String.format("Credential type mismatch: expected %d actual %d", + Slog.e(TAG, TextUtils.formatSimple("Credential type mismatch: expected %d actual %d", pwd.credentialType, credential.getType())); result.gkResponse = VerifyCredentialResponse.ERROR; return result; @@ -1059,7 +1060,7 @@ public class SyntheticPasswordManager { byte[] gkPassword = stretchedLskfToGkPassword(stretchedLskf); GateKeeperResponse response; try { - response = gatekeeper.verifyChallenge(fakeUid(userId), 0L, + response = gatekeeper.verifyChallenge(fakeUserId(userId), 0L, pwd.passwordHandle, gkPassword); } catch (RemoteException e) { Slog.e(TAG, "gatekeeper verify failed", e); @@ -1072,7 +1073,7 @@ public class SyntheticPasswordManager { if (response.getShouldReEnroll()) { GateKeeperResponse reenrollResponse; try { - reenrollResponse = gatekeeper.enroll(fakeUid(userId), + reenrollResponse = gatekeeper.enroll(fakeUserId(userId), pwd.passwordHandle, gkPassword, gkPassword); } catch (RemoteException e) { Slog.w(TAG, "Fail to invoke gatekeeper.enroll", e); @@ -1452,8 +1453,8 @@ public class SyntheticPasswordManager { return result; } - private int fakeUid(int uid) { - return 100000 + uid; + private int fakeUserId(int userId) { + return 100000 + userId; } protected static byte[] secureRandom(int length) { @@ -1466,7 +1467,7 @@ public class SyntheticPasswordManager { } private String getProtectorKeyAlias(long protectorId) { - return String.format("%s%x", PROTECTOR_KEY_ALIAS_PREFIX, protectorId); + return TextUtils.formatSimple("%s%x", PROTECTOR_KEY_ALIAS_PREFIX, protectorId); } private byte[] stretchLskf(LockscreenCredential credential, PasswordData data) { diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java index f32af5434c43..7009a41726e2 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/PlatformKeyManager.java @@ -75,7 +75,6 @@ public class PlatformKeyManager { "com.android.server.locksettings.recoverablekeystore/platform/"; private static final String ENCRYPT_KEY_ALIAS_SUFFIX = "encrypt"; private static final String DECRYPT_KEY_ALIAS_SUFFIX = "decrypt"; - private static final int USER_AUTHENTICATION_VALIDITY_DURATION_SECONDS = 15; private static final String KEY_WRAP_CIPHER_ALGORITHM = "AES/GCM/NoPadding"; private static final int GCM_TAG_LENGTH_BITS = 128; // Only used for checking if a key is usable @@ -184,7 +183,6 @@ public class PlatformKeyManager { invalidatePlatformKey(userId, generationId); nextId = generationId + 1; } - generationId = Math.max(generationId, MIN_GENERATION_ID_FOR_UNLOCKED_DEVICE_REQUIRED); generateAndLoadKey(userId, nextId); } diff --git a/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/CleanupManager.java b/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/CleanupManager.java index be35b50c361e..7d5fd652ef38 100644 --- a/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/CleanupManager.java +++ b/services/core/java/com/android/server/locksettings/recoverablekeystore/storage/CleanupManager.java @@ -35,7 +35,6 @@ import java.util.Map; public class CleanupManager { private static final String TAG = "CleanupManager"; - private final Context mContext; private final UserManager mUserManager; private final RecoverableKeyStoreDb mDatabase; private final RecoverySnapshotStorage mSnapshotStorage; @@ -54,7 +53,6 @@ public class CleanupManager { RecoverableKeyStoreDb recoverableKeyStoreDb, ApplicationKeyStorage applicationKeyStorage) { return new CleanupManager( - context, snapshotStorage, recoverableKeyStoreDb, UserManager.get(context), @@ -63,12 +61,10 @@ public class CleanupManager { @VisibleForTesting CleanupManager( - Context context, RecoverySnapshotStorage snapshotStorage, RecoverableKeyStoreDb recoverableKeyStoreDb, UserManager userManager, ApplicationKeyStorage applicationKeyStorage) { - mContext = context; mSnapshotStorage = snapshotStorage; mDatabase = recoverableKeyStoreDb; mUserManager = userManager; diff --git a/services/tests/servicestests/src/com/android/server/locksettings/FakeGateKeeperService.java b/services/tests/servicestests/src/com/android/server/locksettings/FakeGateKeeperService.java index 094b7af0fb8e..b044d7af9acd 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/FakeGateKeeperService.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/FakeGateKeeperService.java @@ -42,7 +42,7 @@ public class FakeGateKeeperService implements IGateKeeperService { ByteBuffer buffer = ByteBuffer.allocate(handle.length); buffer.put(handle, 0, handle.length); buffer.flip(); - int version = buffer.get(); + buffer.get(); // version sid = buffer.getLong(); password = new byte[buffer.remaining()]; buffer.get(password); @@ -50,7 +50,7 @@ public class FakeGateKeeperService implements IGateKeeperService { public byte[] toBytes() { ByteBuffer buffer = ByteBuffer.allocate(1 + Long.BYTES + password.length); - buffer.put((byte)0); + buffer.put((byte)0); // version buffer.putLong(sid); buffer.put(password); return buffer.array(); @@ -70,14 +70,14 @@ public class FakeGateKeeperService implements IGateKeeperService { ByteBuffer buffer = ByteBuffer.allocate(handle.length); buffer.put(handle, 0, handle.length); buffer.flip(); - int version = buffer.get(); + buffer.get(); // version challenge = buffer.getLong(); sid = buffer.getLong(); } public byte[] toBytes() { ByteBuffer buffer = ByteBuffer.allocate(1 + Long.BYTES + Long.BYTES); - buffer.put((byte)0); + buffer.put((byte)0); // version buffer.putLong(challenge); buffer.putLong(sid); return buffer.array(); diff --git a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStrongAuthTest.java b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStrongAuthTest.java index 6de7fddf6ccd..ec708adb993b 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStrongAuthTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/LockSettingsStrongAuthTest.java @@ -250,8 +250,8 @@ public class LockSettingsStrongAuthTest { // schedule (a) an alarm for non-strong biometric fallback timeout and (b) an alarm for // non-strong biometric idle timeout, so later we can verify that unlocking with // strong biometric or primary auth will cancel those alarms - mStrongAuth.reportSuccessfulBiometricUnlock(false /* isStrongBiometric */, PRIMARY_USER_ID); - mStrongAuth.scheduleNonStrongBiometricIdleTimeout(PRIMARY_USER_ID); + mStrongAuth.reportSuccessfulBiometricUnlock(false /* isStrongBiometric */, userId); + mStrongAuth.scheduleNonStrongBiometricIdleTimeout(userId); } private void verifyAlarmsCancelledAndNonStrongBiometricAllowed(int userId) { diff --git a/services/tests/servicestests/src/com/android/server/locksettings/MockSyntheticPasswordManager.java b/services/tests/servicestests/src/com/android/server/locksettings/MockSyntheticPasswordManager.java index 186a04f9f546..8cb18a88c840 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/MockSyntheticPasswordManager.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/MockSyntheticPasswordManager.java @@ -35,7 +35,6 @@ public class MockSyntheticPasswordManager extends SyntheticPasswordManager { private FakeGateKeeperService mGateKeeper; private IWeaver mWeaverService; - private PasswordSlotManagerTestable mPasswordSlotManager; public MockSyntheticPasswordManager(Context context, LockSettingsStorage storage, FakeGateKeeperService gatekeeper, UserManager userManager, diff --git a/services/tests/servicestests/src/com/android/server/locksettings/PasswordSlotManagerTests.java b/services/tests/servicestests/src/com/android/server/locksettings/PasswordSlotManagerTests.java index 0f24fb2aac5f..2faf6a2b29d1 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/PasswordSlotManagerTests.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/PasswordSlotManagerTests.java @@ -16,8 +16,9 @@ package com.android.server.locksettings; +import static org.junit.Assert.assertEquals; + import android.platform.test.annotations.Presubmit; -import android.test.AndroidTestCase; import androidx.test.filters.SmallTest; import androidx.test.runner.AndroidJUnit4; @@ -37,7 +38,7 @@ import java.util.Set; @SmallTest @Presubmit @RunWith(AndroidJUnit4.class) -public class PasswordSlotManagerTests extends AndroidTestCase { +public class PasswordSlotManagerTests { PasswordSlotManagerTestable mManager; diff --git a/services/tests/servicestests/src/com/android/server/locksettings/RebootEscrowManagerTests.java b/services/tests/servicestests/src/com/android/server/locksettings/RebootEscrowManagerTests.java index b01c1c8ead28..858f658b52f0 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/RebootEscrowManagerTests.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/RebootEscrowManagerTests.java @@ -125,7 +125,6 @@ public class RebootEscrowManagerTests { static class MockInjector extends RebootEscrowManager.Injector { private final IRebootEscrow mRebootEscrow; - private final ResumeOnRebootServiceConnection mServiceConnection; private final RebootEscrowProviderInterface mDefaultRebootEscrowProvider; private final UserManager mUserManager; private final MockableRebootEscrowInjected mInjected; @@ -140,7 +139,6 @@ public class RebootEscrowManagerTests { MockableRebootEscrowInjected injected) { super(context, storage); mRebootEscrow = rebootEscrow; - mServiceConnection = null; mServerBased = false; RebootEscrowProviderHalImpl.Injector halInjector = new RebootEscrowProviderHalImpl.Injector() { @@ -161,7 +159,6 @@ public class RebootEscrowManagerTests { LockSettingsStorageTestable storage, MockableRebootEscrowInjected injected) { super(context, storage); - mServiceConnection = serviceConnection; mRebootEscrow = null; mServerBased = true; RebootEscrowProviderServerBasedImpl.Injector injector = diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java index c2e83f23ae86..ea5caa865666 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/KeySyncTaskTest.java @@ -678,8 +678,7 @@ public class KeySyncTaskTest { mRecoverableKeyStoreDb.setRecoveryServiceCertPath( TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); when(mSnapshotListenersStorage.hasListener(TEST_RECOVERY_AGENT_UID)).thenReturn(true); - SecretKey applicationKey = - addApplicationKey(TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_APP_KEY_ALIAS); + addApplicationKey(TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_APP_KEY_ALIAS); mKeySyncTask.run(); @@ -710,8 +709,7 @@ public class KeySyncTaskTest { mRecoverableKeyStoreDb.setRecoveryServiceCertPath( TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_ROOT_CERT_ALIAS, TestData.CERT_PATH_1); when(mSnapshotListenersStorage.hasListener(TEST_RECOVERY_AGENT_UID)).thenReturn(true); - SecretKey applicationKey = - addApplicationKey(TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_APP_KEY_ALIAS); + addApplicationKey(TEST_USER_ID, TEST_RECOVERY_AGENT_UID, TEST_APP_KEY_ALIAS); mKeySyncTask.run(); diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/PlatformKeyManagerTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/PlatformKeyManagerTest.java index 3fd2c97075ac..c546a741e76a 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/PlatformKeyManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/PlatformKeyManagerTest.java @@ -587,7 +587,7 @@ public class PlatformKeyManagerTest { return keyGenerator.generateKey(); } - class PlatformKeyManagerTestable extends PlatformKeyManager { + static class PlatformKeyManagerTestable extends PlatformKeyManager { private IGateKeeperService mGateKeeperService; PlatformKeyManagerTestable( diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java index aceae61b8b9d..281195de4b35 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/RecoverableKeyStoreManagerTest.java @@ -134,7 +134,6 @@ public class RecoverableKeyStoreManagerTest { "V1 reencrypted_recovery_key".getBytes(StandardCharsets.UTF_8); private static final String TEST_ALIAS = "nick"; private static final String TEST_ALIAS2 = "bob"; - private static final int RECOVERABLE_KEY_SIZE_BYTES = 32; private static final int APPLICATION_KEY_SIZE_BYTES = 32; private static final int GENERATION_ID = 1; private static final byte[] NONCE = getUtf8Bytes("nonce"); @@ -503,8 +502,6 @@ public class RecoverableKeyStoreManagerTest { @Test public void initRecoveryService_throwsExceptionOnSmallerSerial() throws Exception { - int uid = Binder.getCallingUid(); - int userId = UserHandle.getCallingUserId(); long certSerial = 1000L; mRecoverableKeyStoreManager.initRecoveryService(ROOT_CERTIFICATE_ALIAS, @@ -636,7 +633,6 @@ public class RecoverableKeyStoreManagerTest { throws Exception { int uid = Binder.getCallingUid(); int userId = UserHandle.getCallingUserId(); - long certSerial = 1000L; mRecoverableKeyStoreDb.setShouldCreateSnapshot(userId, uid, false); mRecoverableKeyStoreManager.initRecoveryServiceWithSigFile( diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/TestData.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/TestData.java index 5d4be1bee105..4bf99e0951b6 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/TestData.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/TestData.java @@ -39,7 +39,6 @@ public final class TestData { private static final String KEY_ALGORITHM = "AES"; private static final long DEFAULT_SERIAL = 10001; - private static final String CERT_PATH_ENCODING = "PkiPath"; private static final String CERT_PATH_1_BASE64 = "" + "MIIIXTCCBRowggMCoAMCAQICEB35ZwzVpI9ssXg9SAehnU0wDQYJKoZIhvcNAQEL" diff --git a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/storage/CleanupManagerTest.java b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/storage/CleanupManagerTest.java index 0b15a126e98a..1c9c6dc8d0db 100644 --- a/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/storage/CleanupManagerTest.java +++ b/services/tests/servicestests/src/com/android/server/locksettings/recoverablekeystore/storage/CleanupManagerTest.java @@ -21,11 +21,9 @@ import static org.mockito.Mockito.times; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.when; -import android.content.Context; import android.os.UserHandle; import android.os.UserManager; -import androidx.test.InstrumentationRegistry; import androidx.test.filters.SmallTest; import androidx.test.runner.AndroidJUnit4; @@ -49,7 +47,6 @@ public class CleanupManagerTest { private static final long USER_SERIAL_NUMBER = 101L; private static final long USER_SERIAL_NUMBER_2 = 202L; - private Context mContext; private CleanupManager mManager; @Mock private RecoverableKeyStoreDb mDatabase; @@ -60,8 +57,7 @@ public class CleanupManagerTest { @Before public void setUp() throws Exception { MockitoAnnotations.initMocks(this); - mContext = InstrumentationRegistry.getTargetContext(); - mManager = new CleanupManager(mContext, mRecoverySnapshotStorage, mDatabase, mUserManager, + mManager = new CleanupManager(mRecoverySnapshotStorage, mDatabase, mUserManager, mApplicationKeyStorage); } |